Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/9A3E8B841A0711EF991F7B4FC4F9AE02.roa
File: 9A3E8B841A0711EF991F7B4FC4F9AE02.roa (raw, json)
Hash identifier: DkRMJYKgUzPwxFd1kxwNjqVkyh8CC/cJTboQG4sajyk=
Subject key identifier: 0E:E2:2A:95:47:B4:0C:49:F8:3D:86:75:0B:65:05:67:16:33:9C:29
Certificate issuer: /CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Certificate serial: 24
Authority key identifier: 87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/9A3E8B841A0711EF991F7B4FC4F9AE02.roa
Signing time: Fri 24 May 2024 19:56:30 +0000
ROA not before: Fri 24 May 2024 19:56:30 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 149172
IP address blocks: 103.177.196.0/23 maxlen: 23
2400:3d20::/36 maxlen: 36
2400:3d20:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 05 Jun 2024 10:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Validity
Not Before: May 24 19:56:30 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6650f0ee-987a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:42:ca:58:4b:ed:00:fe:4b:a7:d6:fb:79:
51:5c:18:a9:10:2a:e9:3e:af:15:27:db:d7:14:a5:
9c:19:cc:f3:97:05:d6:50:f3:0b:a3:6d:e8:cb:f2:
ce:0c:e4:41:f1:6f:4e:fb:e2:19:dc:61:06:5c:c3:
c9:77:23:72:ff:b2:af:8a:ec:ff:5c:28:c0:8c:b1:
23:e5:a5:c8:6b:62:72:ab:b6:2e:ab:54:45:05:7e:
38:12:77:49:31:2e:ad:5e:2a:87:ed:1e:96:c9:96:
e5:e3:0b:6e:3b:b5:a6:49:31:3a:f7:40:e1:ef:72:
c9:63:ac:93:7f:8c:e7:f2:a2:3a:db:34:0a:d3:f4:
d7:63:47:c1:b2:a9:bd:5d:c5:48:94:bf:fa:bf:fc:
53:d2:ea:3e:ff:ac:ae:67:f5:5d:cf:f5:b9:02:a6:
83:7c:3f:fd:e4:5d:3c:51:a4:a8:3e:f7:fe:29:f7:
66:c6:e1:23:00:c7:50:dd:2d:54:0e:2c:cb:07:f3:
d6:1d:08:ac:28:9b:76:3a:01:30:d3:fb:6a:14:7e:
26:34:73:31:0f:7a:a4:b3:ab:1c:15:01:ad:9e:0d:
a0:16:9f:05:78:6c:8e:ca:a0:15:08:c8:5f:7c:c2:
0f:a4:1e:58:0f:a3:64:ad:6e:12:7e:42:9e:53:69:
3a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:2A:95:47:B4:0C:49:F8:3D:86:75:0B:65:05:67:16:33:9C:29
X509v3 Authority Key Identifier:
keyid:87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/9A3E8B841A0711EF991F7B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.196.0/23
IPv6:
2400:3d20::-2400:3d20:10ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
aa:41:c2:15:8d:76:36:79:bc:67:62:6d:6b:ab:ee:ea:50:93:
08:43:8b:09:21:95:c1:53:45:10:56:01:d9:de:5d:11:e4:dc:
34:c9:41:2a:02:a3:66:44:e3:46:17:14:65:67:4f:b4:eb:d8:
e6:e0:be:10:18:30:59:14:c4:f6:6b:67:bb:32:2e:d3:29:9a:
ef:10:38:3b:05:d9:09:67:7d:76:97:e7:50:59:b6:4f:dc:c8:
60:e4:7c:8b:83:02:52:bc:68:c4:8e:e2:6e:c5:27:d9:52:be:
82:21:14:1d:c4:fa:23:c4:3a:15:ab:38:f1:f6:5a:c6:5a:f9:
7a:1f:3f:f4:f7:e8:fe:62:a1:30:fb:07:8d:aa:4e:02:21:6f:
6a:34:8a:c2:d0:a8:45:fc:59:a7:1b:a3:85:3b:7c:30:e3:0f:
f6:3e:f2:2f:ce:62:61:d6:29:e2:c4:78:cc:d0:66:d9:45:ce:
23:3f:da:1d:a0:71:c8:0a:68:54:d7:18:a7:23:b5:2e:df:44:
36:57:bc:3a:e0:fc:a8:97:3d:a6:95:96:30:7b:2f:0b:e0:88:
e2:d4:a8:0d:14:27:e2:7b:f7:c1:6c:b5:dd:0a:1c:fd:00:46:
45:39:fd:30:ae:13:0f:87:3c:eb:da:45:89:46:47:5d:ad:16:
90:1e:3a:e0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NEZCMDExMC8GA1UEBRMoODc2RTY4MTNCRjJDMTgxMUNEMTFERTk5MjgxQUNENDRC
RUMwREU3MzAeFw0yNDA1MjQxOTU2MzBaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTBmMGVlLTk4N2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC03ELKWEvtAP5Lp9b7eVFcGKkQKuk+rxUn29cUpZwZzPOXBdZQ8wujbejL8s4M
5EHxb0774hncYQZcw8l3I3L/sq+K7P9cKMCMsSPlpchrYnKrti6rVEUFfjgSd0kx
Lq1eKoftHpbJluXjC247taZJMTr3QOHvcsljrJN/jOfyojrbNArT9NdjR8Gyqb1d
xUiUv/q//FPS6j7/rK5n9V3P9bkCpoN8P/3kXTxRpKg+9/4p92bG4SMAx1DdLVQO
LMsH89YdCKwom3Y6ATDT+2oUfiY0czEPeqSzqxwVAa2eDaAWnwV4bI7KoBUIyF98
wg+kHlgPo2StbhJ+Qp5TaToNAgMBAAGjggKuMIICqjAdBgNVHQ4EFgQUDuIqlUe0
DEn4PYZ1C2UFZxYznCkwHwYDVR0jBBgwFoAUh25oE78sGBHNEd6ZKBrNRL7A3nMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0RkIwLzA1OENFQzE0MTlC
RDExRUZCRDMzRTA4MkM0RjlBRTAyL2gyNW9FNzhzR0JITkVkNlpLQnJOUkw3QTNu
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDI1b0U3OHNHQkhORWQ2WktCck5STDdBM25NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NEZCMC8wNThDRUMxNDE5QkQxMUVGQkQzM0UwODJDNEY5QUUwMi85QTNFOEI4NDFB
MDcxMUVGOTkxRjdCNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA4BggrBgEFBQcBBwEB/wQp
MCcwDAQCAAEwBgMEAWexxDAXBAIAAjARMA8DBQUkAD0gAwYAJAA9IBAwDQYJKoZI
hvcNAQELBQADggEBAKpBwhWNdjZ5vGdibWur7upQkwhDiwkhlcFTRRBWAdneXRHk
3DTJQSoCo2ZE40YXFGVnT7Tr2ObgvhAYMFkUxPZrZ7syLtMpmu8QODsF2QlnfXaX
51BZtk/cyGDkfIuDAlK8aMSO4m7FJ9lSvoIhFB3E+iPEOhWrOPH2WsZa+XofP/T3
6P5ioTD7B42qTgIhb2o0isLQqEX8Wacbo4U7fDDjD/Y+8i/OYmHWKeLEeMzQZtlF
ziM/2h2gccgKaFTXGKcjtS7fRDZXvDrg/KiXPaaVljB7LwvgiOLUqA0UJ+J798Fs
td0KHP0ARkU5/TCuEw+HPOvaRYlGR12tFpAeOuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org