Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/06F7B2EE3AC111EF85B44A3DC4F9AE02.roa
File: 06F7B2EE3AC111EF85B44A3DC4F9AE02.roa (raw, json)
Hash identifier: ztkMOFiokp3aNGPfhQPvNbwzRYBmWotc5SbytVhZjhA=
Subject key identifier: 3C:A8:7A:AD:64:1D:25:1C:87:4D:1E:2D:B8:8E:0E:3E:47:C3:2A:B3
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: E1
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/06F7B2EE3AC111EF85B44A3DC4F9AE02.roa
Signing time: Fri 05 Jul 2024 11:23:39 +0000
ROA not before: Fri 05 Jul 2024 11:23:39 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 136173
IP address blocks: 103.43.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 10:27:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225 (0xe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Validity
Not Before: Jul 5 11:23:39 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6687d7bb-8ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:89:cb:ac:67:7f:a9:6e:70:94:ad:55:b0:43:
cb:0b:36:b5:ff:24:d9:02:22:c6:c5:ee:12:5a:14:
76:22:1e:82:9a:bb:a5:61:a8:10:8d:84:9f:eb:fd:
4d:77:4a:35:d0:1a:84:a9:4e:73:a4:8b:ba:7a:77:
81:78:f5:42:26:50:12:b5:7a:d4:52:cd:73:c6:0f:
38:fe:53:bb:c7:76:8b:2a:7b:6a:24:e4:44:b2:a8:
23:ea:b1:16:ba:0e:19:00:78:a6:a2:07:70:db:5a:
12:cb:65:c3:72:84:78:3d:4e:d6:31:eb:06:59:69:
c5:24:b6:43:96:70:25:41:9d:14:a0:c2:3c:96:20:
96:fd:06:8d:f5:47:e1:cf:34:72:df:73:eb:db:db:
6f:78:6e:90:46:ff:46:4c:bf:83:b1:75:11:22:5c:
f5:ee:43:b3:71:d8:c6:34:ce:95:a3:92:fd:df:a9:
bf:3b:89:b4:32:87:98:7f:07:71:76:34:96:31:c3:
72:d2:bb:c9:71:8a:2d:1a:d1:ca:9c:cf:ba:5f:47:
42:b4:ba:41:d5:a7:71:4f:6f:db:e7:0e:1c:20:c8:
8b:d0:01:1d:f8:2b:fa:80:15:80:a0:f7:cf:82:e9:
f5:c4:9c:63:40:4f:34:b0:86:68:fd:49:8e:04:b9:
d5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A8:7A:AD:64:1D:25:1C:87:4D:1E:2D:B8:8E:0E:3E:47:C3:2A:B3
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/06F7B2EE3AC111EF85B44A3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.173.0/24
Signature Algorithm: sha256WithRSAEncryption
22:64:7b:61:fd:78:bd:c3:d9:e9:73:a4:e7:75:7b:18:91:e1:
92:47:a0:99:bd:b2:22:64:55:2d:61:ae:ef:b5:08:e5:78:29:
72:47:2f:ca:38:a3:9b:a4:08:64:a3:fa:fa:f6:3c:47:34:d6:
4e:80:81:fd:b9:16:46:74:f6:cf:1a:6f:f7:75:b1:e4:52:ab:
0a:f2:16:f7:01:15:aa:21:6f:2e:b9:cc:02:d1:85:75:33:a8:
ed:40:69:47:e8:ea:e2:27:ae:f9:00:47:fa:13:7b:d4:01:c8:
ea:b0:ba:e8:90:f5:d3:ca:e2:36:2d:82:11:8a:14:50:78:58:
56:99:7d:ca:4e:64:4e:e7:ad:15:be:c4:f8:59:d6:22:3b:37:
bb:1a:7e:27:86:60:bd:4e:d0:ff:05:00:22:bc:55:18:13:12:
1a:67:40:fd:a2:b8:3d:c9:08:9d:80:33:32:e0:6c:50:5a:89:
5f:e1:6c:56:4e:b0:a4:3b:c3:85:85:b3:ca:43:b8:bf:b7:f1:
55:ff:40:34:35:26:e9:84:01:1a:77:e0:91:3e:7b:06:7e:37:
ea:a0:3c:e7:b8:7e:99:39:67:ea:a4:e7:39:f1:6a:8d:e1:db:
a0:d2:e1:15:b7:f0:ae:29:50:05:cf:6e:6f:99:e1:87:15:7c:
8b:dc:d5:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjQwNzA1MTEyMzM5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3ZDdiYi04ZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4nLrGd/qW5wlK1VsEPLCza1/yTZAiLGxe4SWhR2Ih6CmrulYagQjYSf6/1N
d0o10BqEqU5zpIu6eneBePVCJlAStXrUUs1zxg84/lO7x3aLKntqJOREsqgj6rEW
ug4ZAHimogdw21oSy2XDcoR4PU7WMesGWWnFJLZDlnAlQZ0UoMI8liCW/QaN9Ufh
zzRy33Pr29tveG6QRv9GTL+DsXURIlz17kOzcdjGNM6Vo5L936m/O4m0MoeYfwdx
djSWMcNy0rvJcYotGtHKnM+6X0dCtLpB1adxT2/b5w4cIMiL0AEd+Cv6gBWAoPfP
gun1xJxjQE80sIZo/UmOBLnVDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDyoeq1k
HSUch00eLbiODj5HwyqzMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvMDZGN0IyRUUz
QUMxMTFFRjg1QjQ0QTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnK60wDQYJKoZIhvcNAQELBQADggEBACJke2H9eL3D2elz
pOd1exiR4ZJHoJm9siJkVS1hru+1COV4KXJHL8o4o5ukCGSj+vr2PEc01k6Agf25
FkZ09s8ab/d1seRSqwryFvcBFaohby65zALRhXUzqO1AaUfo6uInrvkAR/oTe9QB
yOqwuuiQ9dPK4jYtghGKFFB4WFaZfcpOZE7nrRW+xPhZ1iI7N7safieGYL1O0P8F
ACK8VRgTEhpnQP2iuD3JCJ2AMzLgbFBaiV/hbFZOsKQ7w4WFs8pDuL+38VX/QDQ1
JumEARp34JE+ewZ+N+qgPOe4fpk5Z+qk5znxao3h26DS4RW38K4pUAXPbm+Z4YcV
fIvc1aM=
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:17:34 2024 by rpki-client on console-fra.rpki-client.org