Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/29430C66B82D11EE93D11110C4F9AE02.roa
File: 29430C66B82D11EE93D11110C4F9AE02.roa (raw, json)
Hash identifier: Ks7jAbP3hqVwKZ0ZWSY4HOl44+kp6rCfuM6Labo/Sm8=
Subject key identifier: A0:1F:01:C1:6F:65:EF:AA:42:12:B1:70:E1:51:D5:73:DF:1E:E3:06
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 5A
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/29430C66B82D11EE93D11110C4F9AE02.roa
Signing time: Sun 21 Jan 2024 07:17:40 +0000
ROA not before: Sun 21 Jan 2024 07:17:40 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 396982
IP address blocks: 103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 11:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90 (0x5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Jan 21 07:17:40 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65acc514-0bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c0:a3:76:26:87:1f:c4:6c:65:c8:5e:ad:8a:
e2:d2:56:0f:6a:eb:82:bf:ce:d3:7e:39:91:74:6a:
97:0e:60:58:3d:4b:2c:ac:fb:eb:a9:6e:6b:a5:d7:
09:7b:15:c5:72:d0:77:bc:ac:5d:cb:ae:e4:3d:47:
b1:fb:9d:c6:2a:9d:37:57:e7:28:2c:4d:c5:6e:fe:
92:aa:c4:37:6f:02:59:8d:86:d6:36:28:d2:de:0c:
2a:2d:93:ab:c8:9b:9e:0c:41:eb:b5:9b:51:59:52:
6b:46:e0:82:d6:9b:ce:7c:aa:af:c2:85:19:3b:28:
c4:75:49:1c:27:8b:e3:34:e4:3d:a1:99:9c:bf:f8:
5f:1a:fb:22:a1:0c:b7:59:ba:64:95:d7:b0:a6:14:
db:72:f3:52:cb:31:01:39:f1:24:e7:e4:c9:9a:d6:
b3:c5:a6:6a:7b:52:e2:e1:54:c7:bd:19:63:db:b8:
a7:ce:eb:68:45:f7:b7:8a:de:cd:f0:ea:73:64:e5:
34:a7:7b:b3:54:43:20:db:9c:dd:9c:e4:d5:d9:56:
ec:13:0d:67:14:62:9b:47:4f:5d:68:1b:9e:48:8c:
e0:1e:d3:7a:2d:bc:a5:f5:4e:3c:06:62:69:60:c3:
5c:00:19:24:05:5c:67:4a:4f:c2:7c:17:83:16:fd:
2e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1F:01:C1:6F:65:EF:AA:42:12:B1:70:E1:51:D5:73:DF:1E:E3:06
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/29430C66B82D11EE93D11110C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
69:67:aa:c3:41:f7:70:4d:ea:f1:a2:86:f9:3b:25:7d:1f:f3:
c0:43:e8:b9:4e:83:ae:d9:57:c2:f3:27:92:9f:fe:c9:27:15:
70:21:61:63:1d:9d:e3:e0:33:f2:e4:69:f9:ce:87:6a:1c:93:
34:e4:d8:6a:b1:83:0c:9f:58:87:b8:b2:56:53:45:5c:5f:e8:
eb:bb:f9:e2:a6:df:46:f2:49:d6:1f:af:dd:0d:e9:8b:39:ba:
83:67:1a:e8:24:b3:3a:b9:46:d6:b5:96:cd:47:33:50:be:1c:
7a:b9:bd:3e:f0:32:5f:c3:96:16:6c:95:43:7a:b0:d3:1c:d3:
75:43:2b:47:68:2d:a8:47:b0:b7:12:b1:a8:11:8a:25:57:f4:
47:3a:e1:aa:a0:2c:e1:2f:c7:24:c9:bc:8e:d8:3f:e4:ff:97:
7e:c6:a8:0f:11:b9:46:ec:2f:22:b7:93:6a:2c:c3:43:33:be:
bb:5c:4b:e5:c1:f2:b5:34:22:db:41:29:80:a6:a3:f1:0a:11:
aa:26:ea:83:7a:af:a7:e8:5a:4f:58:d4:8d:c4:5a:21:57:91:
72:ca:a7:14:90:3b:ab:ef:52:a1:2d:35:55:eb:df:b0:1e:b1:
b2:80:72:95:86:e2:2d:54:da:f6:72:a6:fa:9f:2a:f2:bb:a3:
b7:cd:d9:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yNDAxMjEwNzE3NDBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWNjNTE0LTBiZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEwKN2JocfxGxlyF6tiuLSVg9q64K/ztN+OZF0apcOYFg9Syys++upbmul1wl7
FcVy0He8rF3LruQ9R7H7ncYqnTdX5ygsTcVu/pKqxDdvAlmNhtY2KNLeDCotk6vI
m54MQeu1m1FZUmtG4ILWm858qq/ChRk7KMR1SRwni+M05D2hmZy/+F8a+yKhDLdZ
umSV17CmFNty81LLMQE58STn5Mma1rPFpmp7UuLhVMe9GWPbuKfO62hF97eK3s3w
6nNk5TSne7NUQyDbnN2c5NXZVuwTDWcUYptHT11oG55IjOAe03otvKX1TjwGYmlg
w1wAGSQFXGdKT8J8F4MW/S7TAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoB8BwW9l
76pCErFw4VHVc98e4wYwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi8yOTQzMEM2NkI4
MkQxMUVFOTNEMTExMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarTANBgkqhkiG9w0BAQsFAAOCAQEAaWeqw0H3cE3q8aKG
+TslfR/zwEPouU6DrtlXwvMnkp/+yScVcCFhYx2d4+Az8uRp+c6HahyTNOTYarGD
DJ9Yh7iyVlNFXF/o67v54qbfRvJJ1h+v3Q3pizm6g2ca6CSzOrlG1rWWzUczUL4c
erm9PvAyX8OWFmyVQ3qw0xzTdUMrR2gtqEewtxKxqBGKJVf0RzrhqqAs4S/HJMm8
jtg/5P+XfsaoDxG5RuwvIreTaizDQzO+u1xL5cHytTQi20EpgKaj8QoRqibqg3qv
p+haT1jUjcRaIVeRcsqnFJA7q+9SoS01VevfsB6xsoBylYbiLVTa9nKm+p8q8ruj
t83ZAA==
-----END CERTIFICATE-----
Generated at Thu Apr 4 14:46:18 2024 by rpki-client on console-fra.rpki-client.org