Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/C14C6F0EBF3311EEA0BF9940C4F9AE02.roa
File: C14C6F0EBF3311EEA0BF9940C4F9AE02.roa (raw, json)
Hash identifier: 42NkOBIXc2WrLX+NJW+W/gnDZN2Ag9t0iCbErdOWFfA=
Subject key identifier: 49:BD:04:8A:F7:06:AC:4B:A7:85:43:18:94:FC:47:5F:A9:30:9C:EA
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 60
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/C14C6F0EBF3311EEA0BF9940C4F9AE02.roa
Signing time: Tue 30 Jan 2024 05:52:30 +0000
ROA not before: Tue 30 Jan 2024 05:52:30 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 14618
IP address blocks: 103.218.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96 (0x60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Jan 30 05:52:30 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65b88e9e-827b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:88:3f:1d:7d:4c:f0:35:11:05:db:8f:84:bb:
b3:af:69:b9:73:9a:5b:33:a4:88:d8:1c:f4:90:8b:
18:af:fe:c5:88:db:c0:f2:d7:15:fa:a9:78:71:f9:
f5:06:f2:39:d9:58:f8:f0:81:9b:8d:b6:0c:92:f5:
9c:87:fa:81:38:b7:96:27:1b:55:2f:ed:32:30:9d:
21:85:31:1a:8a:75:0b:55:1b:27:af:dc:e9:60:8e:
51:ac:bd:20:a3:bd:0c:4b:84:ea:58:1d:e9:5b:d8:
2f:97:b9:4a:f4:2e:58:ad:58:f3:5d:69:ec:f0:be:
08:08:36:0a:c8:ce:3a:ec:97:63:df:e0:07:f9:74:
41:1a:55:05:11:8b:48:bd:d3:64:80:01:d6:1e:fc:
24:ce:ee:4c:f7:a0:ad:26:d5:79:26:40:d0:4b:2a:
27:dc:d0:07:21:b3:00:81:d5:09:71:da:dd:23:8e:
3b:13:c9:fc:20:c7:88:19:d9:4f:20:66:2b:44:3a:
c1:9f:2f:16:5c:ad:da:04:2f:0b:8b:61:2b:87:80:
11:ee:1b:d7:60:a2:ae:5a:32:38:49:66:2a:93:2e:
16:79:2b:87:d1:93:30:ab:7d:ce:94:50:6f:18:1c:
c0:9a:ef:c1:d1:78:35:b0:a3:94:4f:15:92:57:93:
ba:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BD:04:8A:F7:06:AC:4B:A7:85:43:18:94:FC:47:5F:A9:30:9C:EA
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/C14C6F0EBF3311EEA0BF9940C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4d:f7:cc:43:ff:2e:d6:e0:7b:cc:70:94:b6:08:2f:2e:b2:
39:90:2e:35:63:b9:b2:b5:bd:b0:2a:15:80:ba:4b:b6:54:a7:
85:ac:aa:dd:61:99:c8:72:4c:60:28:a5:2c:86:c4:06:89:06:
bb:12:d9:12:63:4f:1e:e7:f5:b4:51:59:06:9c:2e:26:91:82:
8d:a7:2e:d2:10:af:0a:c1:3b:82:cb:1b:df:c8:e0:a9:b2:92:
a4:56:60:59:e8:87:23:a9:b0:be:53:c7:06:bf:90:96:19:9f:
65:8d:d1:aa:e8:13:08:ee:3b:84:de:51:d5:8a:cb:89:f9:a1:
0c:53:1f:55:06:ea:99:73:08:d5:7b:a6:56:f9:f3:36:ef:3b:
ff:2b:80:61:d8:ba:04:a4:43:c6:7a:a1:1d:54:2e:97:30:f2:
9f:97:ac:0f:c3:4b:eb:51:70:9b:10:c4:f4:b6:e3:cb:6d:df:
d5:84:5a:60:f0:7f:51:60:bc:a4:45:60:0e:c3:d6:e0:9c:bb:
d7:d6:fd:1d:7d:56:6e:1a:af:85:ea:ac:3b:6c:01:98:68:60:
6e:2d:fb:5d:6a:e1:e0:f5:77:5b:69:f4:3c:d2:1f:1d:a0:0e:
83:63:e0:41:a9:62:2f:71:ea:c6:c1:21:cb:d3:c4:7d:64:bf:
48:68:87:ad
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yNDAxMzAwNTUyMzBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Yjg4ZTllLTgyN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFiD8dfUzwNREF24+Eu7OvablzmlszpIjYHPSQixiv/sWI28Dy1xX6qXhx+fUG
8jnZWPjwgZuNtgyS9ZyH+oE4t5YnG1Uv7TIwnSGFMRqKdQtVGyev3OlgjlGsvSCj
vQxLhOpYHelb2C+XuUr0LlitWPNdaezwvggINgrIzjrsl2Pf4Af5dEEaVQURi0i9
02SAAdYe/CTO7kz3oK0m1XkmQNBLKifc0AchswCB1Qlx2t0jjjsTyfwgx4gZ2U8g
ZitEOsGfLxZcrdoELwuLYSuHgBHuG9dgoq5aMjhJZiqTLhZ5K4fRkzCrfc6UUG8Y
HMCa78HReDWwo5RPFZJXk7p1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSb0EivcG
rEunhUMYlPxHX6kwnOowHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DMTRDNkYwRUJG
MzMxMUVFQTBCRjk5NDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarDANBgkqhkiG9w0BAQsFAAOCAQEAKU33zEP/Ltbge8xw
lLYILy6yOZAuNWO5srW9sCoVgLpLtlSnhayq3WGZyHJMYCilLIbEBokGuxLZEmNP
Huf1tFFZBpwuJpGCjacu0hCvCsE7gssb38jgqbKSpFZgWeiHI6mwvlPHBr+Qlhmf
ZY3RqugTCO47hN5R1YrLifmhDFMfVQbqmXMI1XumVvnzNu87/yuAYdi6BKRDxnqh
HVQulzDyn5esD8NL61FwmxDE9Lbjy23f1YRaYPB/UWC8pEVgDsPW4Jy719b9HX1W
bhqvheqsO2wBmGhgbi37XWrh4PV3W2n0PNIfHaAOg2PgQaliL3HqxsEhy9PEfWS/
SGiHrQ==
-----END CERTIFICATE-----
Generated at Wed Jan 31 09:31:21 2024 by rpki-client on console-fra.rpki-client.org