Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/DA45BF3402D011EF84594A0BC4F9AE02.roa
File: DA45BF3402D011EF84594A0BC4F9AE02.roa (raw, json)
Hash identifier: wViP+gEHWSNRKRQvvr5GIGcfBraWeSZCy2JKI8Oik3o=
Subject key identifier: 32:0F:8B:2C:FA:41:D8:97:42:11:7E:F3:A1:35:8E:A5:58:14:6E:0C
Certificate issuer: /CN=A91EB002/serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Certificate serial: 05
Authority key identifier: 9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/DA45BF3402D011EF84594A0BC4F9AE02.roa
Signing time: Thu 25 Apr 2024 06:55:51 +0000
ROA not before: Thu 25 Apr 2024 06:55:51 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152714
IP address blocks: 103.40.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 12:26:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB002/serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Validity
Not Before: Apr 25 06:55:51 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6629fe77-af19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:fc:c1:87:97:4e:ca:f8:5f:f2:6c:fb:e8:
1d:ae:17:9c:7a:83:66:16:b5:a1:be:08:cb:5b:41:
fb:f7:83:fb:90:96:7a:52:5a:6d:c6:b3:e2:40:2f:
bc:3c:14:2e:19:a6:6c:7b:77:c2:77:51:84:13:09:
58:cd:86:9a:25:ef:b6:5b:2f:a5:9c:71:f3:a5:e5:
3d:3d:e8:78:c8:0c:b1:78:4e:95:d4:ad:78:57:c3:
32:fe:bf:06:37:5f:aa:b4:90:a4:f2:f6:f1:b1:60:
02:ee:92:cd:51:5d:75:0b:77:46:8a:a2:33:ef:5c:
2d:66:00:b0:b6:92:f6:b6:8c:a4:bc:5b:8d:1f:3d:
e4:68:c2:bd:fd:12:be:a3:e2:24:9a:67:92:32:0a:
a1:1b:34:a2:71:de:4d:e2:6e:99:6a:5d:5b:0f:9d:
80:e0:8f:e2:45:55:df:9f:d3:ff:03:4a:1c:cd:2d:
6e:28:5c:ec:6e:19:1f:9a:2f:9b:8c:ad:74:f5:e8:
3f:a3:01:a1:8e:c7:f6:a0:91:57:b5:6d:5e:9e:87:
0b:2b:54:b0:7c:f1:c1:89:63:a5:5f:d3:86:f1:94:
c1:89:d5:bc:65:a7:86:ca:66:bc:20:13:61:d8:d7:
ab:bb:87:e2:c5:1b:6f:bf:3a:40:fb:63:5f:c4:25:
d6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0F:8B:2C:FA:41:D8:97:42:11:7E:F3:A1:35:8E:A5:58:14:6E:0C
X509v3 Authority Key Identifier:
keyid:9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/nvPmBKY_LO9L3eN9yokNBFGWeuw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/DA45BF3402D011EF84594A0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.166.0/23
Signature Algorithm: sha256WithRSAEncryption
18:8a:0d:7f:eb:b2:f6:09:28:6f:82:5b:64:49:98:10:f6:80:
cd:79:6b:05:c9:22:4d:19:1f:d0:1a:ba:20:49:0f:64:5b:00:
2f:4c:d2:16:dc:3a:e2:76:c8:84:42:aa:26:3e:c7:5c:5e:24:
18:6b:05:89:0b:cf:1c:23:75:86:5d:a1:49:43:51:6c:17:3a:
23:09:b0:6c:b2:65:85:b4:d4:f9:4f:cb:d9:20:a1:40:74:7f:
ee:a9:a4:a4:a8:86:9c:25:3f:ea:4a:5f:1f:cc:ec:d2:fc:17:
44:e6:0f:66:fd:d3:d5:71:7e:43:4f:35:98:b1:40:b3:8a:b0:
a7:ec:ca:39:e3:a4:38:69:3b:f4:61:5f:68:d4:c9:5b:59:95:
bc:82:35:4d:6d:2d:65:73:57:ca:22:0b:64:f8:50:3b:28:46:
0b:44:31:5c:2e:1c:cd:0e:e9:7d:ca:ec:5e:c9:10:36:a8:f7:
91:b3:90:84:38:c6:9f:38:29:6f:38:cb:24:c4:c7:80:99:13:
aa:ec:2f:01:1a:05:b6:f7:7e:83:35:c3:37:b3:74:03:56:f6:
bc:db:26:5c:48:3e:d4:34:34:91:c1:aa:8c:fc:84:9a:a8:04:
f2:78:4f:38:10:3f:d4:47:b6:60:bb:a7:b1:3c:df:95:5b:ca:
35:f7:c6:55
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QjAwMjExMC8GA1UEBRMoOUVGM0U2MDRBNjNGMkNFRjRCRERFMzdEQ0E4OTBEMDQ1
MTk2N0FFQzAeFw0yNDA0MjUwNjU1NTFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MjlmZTc3LWFmMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFQ/zBh5dOyvhf8mz76B2uF5x6g2YWtaG+CMtbQfv3g/uQlnpSWm3Gs+JAL7w8
FC4Zpmx7d8J3UYQTCVjNhpol77ZbL6WccfOl5T096HjIDLF4TpXUrXhXwzL+vwY3
X6q0kKTy9vGxYALuks1RXXULd0aKojPvXC1mALC2kva2jKS8W40fPeRowr39Er6j
4iSaZ5IyCqEbNKJx3k3ibplqXVsPnYDgj+JFVd+f0/8DShzNLW4oXOxuGR+aL5uM
rXT16D+jAaGOx/agkVe1bV6ehwsrVLB88cGJY6Vf04bxlMGJ1bxlp4bKZrwgE2HY
16u7h+LFG2+/OkD7Y1/EJdaFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMg+LLPpB
2JdCEX7zoTWOpVgUbgwwHwYDVR0jBBgwFoAUnvPmBKY/LO9L3eN9yokNBFGWeuww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVCMDAyL0UyNEY4MjM0MDIy
RTExRUY4NTZGNTEzMkM0RjlBRTAyL252UG1CS1lfTE85TDNlTjl5b2tOQkZHV2V1
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbnZQbUJLWV9MTzlMM2VOOXlva05CRkdXZXV3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QjAwMi9FMjRGODIzNDAyMkUxMUVGODU2RjUxMzJDNEY5QUUwMi9EQTQ1QkYzNDAy
RDAxMUVGODQ1OTRBMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcopjANBgkqhkiG9w0BAQsFAAOCAQEAGIoNf+uy9gkob4Jb
ZEmYEPaAzXlrBckiTRkf0Bq6IEkPZFsAL0zSFtw64nbIhEKqJj7HXF4kGGsFiQvP
HCN1hl2hSUNRbBc6IwmwbLJlhbTU+U/L2SChQHR/7qmkpKiGnCU/6kpfH8zs0vwX
ROYPZv3T1XF+Q081mLFAs4qwp+zKOeOkOGk79GFfaNTJW1mVvII1TW0tZXNXyiIL
ZPhQOyhGC0QxXC4czQ7pfcrsXskQNqj3kbOQhDjGnzgpbzjLJMTHgJkTquwvARoF
tvd+gzXDN7N0A1b2vNsmXEg+1DQ0kcGqjPyEmqgE8nhPOBA/1Ee2YLunsTzflVvK
NffGVQ==
-----END CERTIFICATE-----
Generated at Thu Jul 4 13:51:17 2024 by rpki-client on console-ams.rpki-client.org