Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6C39/7BF0F274CE7011EBA7E09B1AC4F9AE02/49E70B34F87B11ECA0B67138C4F9AE02.roa
File: 49E70B34F87B11ECA0B67138C4F9AE02.roa (raw, json)
Hash identifier: bwnmyC+hpZSeXXR/JlzXAD96rSq59sLYbwbTin+ClI4=
Subject key identifier: AD:28:EE:64:66:A5:30:71:47:B4:E9:69:C5:DF:08:AF:1C:DA:44:78
Certificate issuer: /CN=A91F6C39/serialNumber=EA26D323831CDA1A384E91E0FE3891DB0CEB2EC8
Certificate serial: 043D
Authority key identifier: EA:26:D3:23:83:1C:DA:1A:38:4E:91:E0:FE:38:91:DB:0C:EB:2E:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ibTI4Mc2ho4TpHg_jiR2wzrLsg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6C39/7BF0F274CE7011EBA7E09B1AC4F9AE02/49E70B34F87B11ECA0B67138C4F9AE02.roa
Signing time: Thu 29 Jun 2023 00:17:13 +0000
ROA not before: Thu 29 Jun 2023 00:17:13 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 63526
IP address blocks: 103.166.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Sep 2023 07:07:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1085 (0x43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6C39/serialNumber=EA26D323831CDA1A384E91E0FE3891DB0CEB2EC8
Validity
Not Before: Jun 29 00:17:13 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=649ccd89-b735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:69:51:44:8c:97:d4:78:51:75:fa:d9:33:dc:
1d:e4:50:64:ad:b8:e1:06:b3:27:0e:07:ed:61:db:
83:5f:78:23:32:19:e7:32:f1:88:10:16:df:9f:35:
c4:bd:d6:50:77:00:7b:45:90:38:5f:d5:45:f0:69:
16:58:c7:be:04:23:bc:34:84:0f:a2:6d:e0:2f:18:
fc:d9:ca:6e:26:66:67:bb:0b:6a:88:33:a9:6b:a9:
1b:1f:fb:41:66:03:65:ad:a5:07:e3:56:45:16:70:
ac:df:a7:04:8d:94:9b:92:08:d2:ad:68:6f:e3:c5:
80:14:34:97:4b:9e:16:52:22:61:89:c3:cb:cf:31:
ea:94:53:49:d0:eb:9d:b3:5f:a3:e0:53:b0:d5:9b:
86:0c:37:57:23:52:f1:fc:07:a4:96:99:da:87:49:
c3:d8:de:a8:30:da:5d:74:72:ff:38:ee:15:6e:87:
3c:49:42:e1:01:42:eb:9d:2d:6e:42:a7:5f:80:99:
ee:5b:dc:0f:8b:99:8a:83:e9:97:88:8b:a3:0e:22:
1f:d1:31:f3:d3:cf:63:f3:f0:c3:f7:01:ee:a3:10:
3f:17:46:a3:4d:0e:cb:c1:9b:f5:c7:11:9d:27:1d:
72:45:80:f0:08:54:00:29:85:4b:da:08:c6:d3:b6:
38:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:28:EE:64:66:A5:30:71:47:B4:E9:69:C5:DF:08:AF:1C:DA:44:78
X509v3 Authority Key Identifier:
keyid:EA:26:D3:23:83:1C:DA:1A:38:4E:91:E0:FE:38:91:DB:0C:EB:2E:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6C39/7BF0F274CE7011EBA7E09B1AC4F9AE02/6ibTI4Mc2ho4TpHg_jiR2wzrLsg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ibTI4Mc2ho4TpHg_jiR2wzrLsg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6C39/7BF0F274CE7011EBA7E09B1AC4F9AE02/49E70B34F87B11ECA0B67138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.187.0/24
Signature Algorithm: sha256WithRSAEncryption
78:b6:39:89:a3:d7:40:cf:8a:48:0b:48:8a:c0:38:41:f4:cd:
6b:8b:ee:11:34:e4:8c:eb:c4:a8:6f:51:7a:66:94:11:bb:57:
d4:9e:74:fa:21:04:44:3a:eb:c2:7d:d6:3f:86:c5:fc:63:3b:
75:3b:cf:3e:d7:24:48:10:c8:a0:5a:8c:2e:21:e6:58:b9:d7:
5a:ab:95:3d:5b:ae:e5:85:cc:c3:6a:6b:0b:ec:eb:1b:a0:b3:
67:95:64:fc:65:71:a6:93:18:6d:f9:76:b5:3c:e8:7c:76:b5:
b2:6f:da:51:1b:79:77:fb:ab:19:a0:6a:3d:d8:e8:29:3f:cc:
30:96:fd:24:e9:80:50:ea:67:5f:12:eb:92:12:84:fa:a4:32:
27:18:9c:cf:81:8b:f2:6a:c1:f3:50:73:fe:38:eb:81:83:6e:
69:c7:02:5b:62:be:67:55:9c:d9:d7:b5:bc:dc:b3:9e:00:d0:
2f:b3:a6:8c:ac:03:50:47:07:47:f8:8f:45:e5:32:73:b2:d8:
7d:8c:d5:70:13:d7:5a:d9:3c:07:71:36:d9:39:02:d1:85:72:
88:ea:93:e1:25:c8:f9:c6:37:d2:f3:18:6e:54:ec:da:ae:a2:
63:90:7e:0f:fc:f2:19:f0:1b:69:d5:41:72:00:a6:f2:e3:8c:
e3:76:b0:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZDMzkxMTAvBgNVBAUTKEVBMjZEMzIzODMxQ0RBMUEzODRFOTFFMEZFMzg5MURC
MENFQjJFQzgwHhcNMjMwNjI5MDAxNzEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljY2Q4OS1iNzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsGlRRIyX1HhRdfrZM9wd5FBkrbjhBrMnDgftYduDX3gjMhnnMvGIEBbfnzXE
vdZQdwB7RZA4X9VF8GkWWMe+BCO8NIQPom3gLxj82cpuJmZnuwtqiDOpa6kbH/tB
ZgNlraUH41ZFFnCs36cEjZSbkgjSrWhv48WAFDSXS54WUiJhicPLzzHqlFNJ0Oud
s1+j4FOw1ZuGDDdXI1Lx/Aeklpnah0nD2N6oMNpddHL/OO4Vboc8SULhAULrnS1u
QqdfgJnuW9wPi5mKg+mXiIujDiIf0THz089j8/DD9wHuoxA/F0ajTQ7LwZv1xxGd
Jx1yRYDwCFQAKYVL2gjG07Y4HQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK0o7mRm
pTBxR7TpacXfCK8c2kR4MB8GA1UdIwQYMBaAFOom0yODHNoaOE6R4P44kdsM6y7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkMzOS83QkYwRjI3NENF
NzAxMUVCQTdFMDlCMUFDNEY5QUUwMi82aWJUSTRNYzJobzRUcEhnX2ppUjJ3enJM
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZpYlRJNE1jMmhvNFRwSGdfamlSMnd6ckxzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZDMzkvN0JGMEYyNzRDRTcwMTFFQkE3RTA5QjFBQzRGOUFFMDIvNDlFNzBCMzRG
ODdCMTFFQ0EwQjY3MTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnprswDQYJKoZIhvcNAQELBQADggEBAHi2OYmj10DPikgL
SIrAOEH0zWuL7hE05IzrxKhvUXpmlBG7V9SedPohBEQ668J91j+GxfxjO3U7zz7X
JEgQyKBajC4h5li511qrlT1bruWFzMNqawvs6xugs2eVZPxlcaaTGG35drU86Hx2
tbJv2lEbeXf7qxmgaj3Y6Ck/zDCW/STpgFDqZ18S65IShPqkMicYnM+Bi/JqwfNQ
c/4464GDbmnHAltivmdVnNnXtbzcs54A0C+zpoysA1BHB0f4j0XlMnOy2H2M1XAT
11rZPAdxNtk5AtGFcojqk+ElyPnGN9LzGG5U7NquomOQfg/88hnwG2nVQXIApvLj
jON2sNM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org