Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7BC334D0032211EFB6663D61C4F9AE02.roa
File: 7BC334D0032211EFB6663D61C4F9AE02.roa (raw, json)
Hash identifier: KLsaxmsptpjAeDm+b0JJ1w1XqIuCXPvLuQmzINtbEbo=
Subject key identifier: 68:37:CD:53:A1:CC:56:81:F1:35:E0:4C:55:0A:CF:19:48:DD:C8:60
Certificate issuer: /CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Certificate serial: 20
Authority key identifier: E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7BC334D0032211EFB6663D61C4F9AE02.roa
Signing time: Thu 25 Apr 2024 16:40:11 +0000
ROA not before: Thu 25 Apr 2024 16:40:11 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 150315
IP address blocks: 103.67.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 11:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Validity
Not Before: Apr 25 16:40:11 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=662a876b-e82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ad:b4:c0:32:d6:7e:46:2c:e4:58:8d:f2:37:
1e:e3:d0:c7:8a:b1:0c:f0:18:1c:a8:87:be:b0:34:
27:1a:ad:eb:5b:86:d2:d8:7c:c8:bc:ce:71:4b:77:
4e:e9:10:ce:70:9f:49:4f:d5:23:96:be:80:97:ae:
3d:86:15:cb:b3:a5:b9:4e:1e:67:6a:9e:3b:23:cc:
a2:73:84:e8:55:03:15:c0:a7:06:60:37:f3:5a:f2:
7d:46:43:1a:a5:9a:6b:46:d1:1d:bc:39:ca:da:da:
8a:2e:47:ba:3f:12:6f:d7:0d:83:45:9f:07:28:1b:
21:aa:74:ae:2e:cf:d3:26:01:29:fb:08:5e:27:8a:
53:e4:09:fd:f1:db:1d:cd:50:b5:99:21:92:98:5b:
76:19:68:bd:dc:1f:1f:59:49:0f:ae:8a:44:22:e3:
3f:3b:de:42:7b:4b:a4:07:aa:a8:ce:63:c5:01:bc:
95:7e:1e:77:3a:74:2b:ac:65:2b:b1:0e:92:6c:96:
c0:8d:fe:fc:0e:1e:e9:5e:be:9b:a5:53:03:c6:8a:
48:1d:89:d3:04:04:7b:fb:de:e9:b5:38:c1:87:a1:
de:9a:61:0b:ea:87:c7:14:c4:60:29:34:0e:26:a2:
a8:6a:7d:19:5d:b5:42:b2:76:6f:5f:b3:1c:95:ee:
58:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:37:CD:53:A1:CC:56:81:F1:35:E0:4C:55:0A:CF:19:48:DD:C8:60
X509v3 Authority Key Identifier:
keyid:E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7BC334D0032211EFB6663D61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.55.0/24
Signature Algorithm: sha256WithRSAEncryption
37:81:c3:98:00:65:05:3d:86:1d:80:92:5e:b5:4e:ec:1a:62:
35:71:7c:e0:53:78:66:31:e7:5f:1e:42:7c:16:d8:ab:04:d0:
26:86:3e:d5:ed:73:97:78:fb:69:f5:3e:c4:61:5d:50:8b:45:
94:62:da:7d:4f:f8:ed:81:f2:7e:b6:17:7f:54:4c:a8:90:a7:
fc:45:c5:20:fe:a2:d0:8a:b2:35:dd:eb:ee:9f:c5:6d:4d:3f:
25:1e:22:1b:a9:c2:c6:3a:f2:67:fa:14:dd:24:db:2a:83:d7:
f4:d8:fa:cd:f7:43:e8:73:98:ce:4c:1d:e6:11:f6:cd:2c:80:
c2:f7:88:67:82:85:f1:03:36:b8:c0:dd:5c:70:0f:a1:d9:4f:
0a:df:0f:c1:af:29:85:56:5a:f9:d1:cf:b8:ce:8e:0e:c8:11:
15:36:94:82:54:ad:d3:2e:43:e2:fb:65:eb:62:6e:7b:df:b6:
1d:20:c4:ec:ad:5b:38:73:de:df:ff:59:14:c1:28:cd:89:95:
9a:33:65:35:c0:e8:71:e0:df:16:40:23:8f:b2:45:61:03:68:
fe:0e:4e:b9:aa:72:46:c3:f2:b4:9f:3a:94:ec:4b:91:80:fc:
e7:51:a0:24:83:34:dd:3b:4d:95:54:73:23:b3:48:b8:a8:3f:
85:cf:18:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RDhCRTExMC8GA1UEBRMoRTNGMThENDEyMDI2RjMxQkE0NDNFQTMzRjU2NzA2RkZC
MkYwRjE2MjAeFw0yNDA0MjUxNjQwMTFaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmE4NzZiLWU4MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbrbTAMtZ+RizkWI3yNx7j0MeKsQzwGByoh76wNCcaretbhtLYfMi8znFLd07p
EM5wn0lP1SOWvoCXrj2GFcuzpblOHmdqnjsjzKJzhOhVAxXApwZgN/Na8n1GQxql
mmtG0R28Ocra2oouR7o/Em/XDYNFnwcoGyGqdK4uz9MmASn7CF4nilPkCf3x2x3N
ULWZIZKYW3YZaL3cHx9ZSQ+uikQi4z873kJ7S6QHqqjOY8UBvJV+Hnc6dCusZSux
DpJslsCN/vwOHulevpulUwPGikgdidMEBHv73um1OMGHod6aYQvqh8cUxGApNA4m
oqhqfRldtUKydm9fsxyV7liRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUaDfNU6HM
VoHxNeBMVQrPGUjdyGAwHwYDVR0jBBgwFoAU4/GNQSAm8xukQ+oz9WcG/7Lw8WIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZEOEJFL0M2OEVGRjlFRTVE
NjExRUU4QjM1NjczOUM0RjlBRTAyLzRfR05RU0FtOHh1a1Etb3o5V2NHXzdMdzhX
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNF9HTlFTQW04eHVrUS1vejlXY0dfN0x3OFdJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RDhCRS9DNjhFRkY5RUU1RDYxMUVFOEIzNTY3MzlDNEY5QUUwMi83QkMzMzREMDAz
MjIxMUVGQjY2NjNENjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdDNzANBgkqhkiG9w0BAQsFAAOCAQEAN4HDmABlBT2GHYCS
XrVO7BpiNXF84FN4ZjHnXx5CfBbYqwTQJoY+1e1zl3j7afU+xGFdUItFlGLafU/4
7YHyfrYXf1RMqJCn/EXFIP6i0IqyNd3r7p/FbU0/JR4iG6nCxjryZ/oU3STbKoPX
9Nj6zfdD6HOYzkwd5hH2zSyAwveIZ4KF8QM2uMDdXHAPodlPCt8Pwa8phVZa+dHP
uM6ODsgRFTaUglSt0y5D4vtl62Jue9+2HSDE7K1bOHPe3/9ZFMEozYmVmjNlNcDo
ceDfFkAjj7JFYQNo/g5OuapyRsPytJ86lOxLkYD851GgJIM03TtNlVRzI7NIuKg/
hc8YZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org