Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/61C04BF8545911EF9F7D2E48C4F9AE02.roa
File: 61C04BF8545911EF9F7D2E48C4F9AE02.roa (raw, json)
Hash identifier: 1ko/Aq4zCZ/5PGGkXWp9pUjbHvw/D29i54linnjVhkM=
Subject key identifier: 6F:6B:E3:BA:F7:5D:D5:1B:EA:D5:DF:C5:FD:F8:A8:47:54:BD:1C:BE
Certificate issuer: /CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Certificate serial: 0141
Authority key identifier: 0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/61C04BF8545911EF9F7D2E48C4F9AE02.roa
Signing time: Wed 07 Aug 2024 01:07:46 +0000
ROA not before: Wed 07 Aug 2024 01:07:46 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 5065
IP address blocks: 103.71.93.0/24 maxlen: 24
103.71.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 14:15:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321 (0x141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Validity
Not Before: Aug 7 01:07:46 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66b2c8e2-ea83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:01:c4:2d:25:c3:a6:97:29:2e:24:d7:f8:
ba:b9:4f:e7:41:1f:50:1b:38:24:42:8d:94:d9:fc:
69:79:cc:5c:74:a6:ec:81:b9:8b:7a:ec:f9:6b:85:
cf:8b:4b:50:79:c5:ed:17:9c:46:86:a8:20:9e:bc:
e2:e2:6c:ba:a2:7e:a1:c1:0e:5f:a4:d9:f3:66:cd:
a1:2b:ae:55:6e:03:8e:e5:66:81:aa:28:5d:8b:08:
03:88:f4:1a:45:98:19:18:48:32:ff:d3:d4:36:13:
46:3d:1b:47:62:1a:a3:b1:8c:1e:53:2d:af:e1:81:
3f:f7:99:33:27:54:be:9d:0a:a7:3b:c4:7d:ab:28:
f3:3d:66:b0:d5:a9:d8:39:9c:34:eb:3f:5c:5a:53:
3c:72:4f:56:8e:8f:7a:2c:3e:79:e5:80:b5:0c:b5:
35:cc:99:e9:c3:4e:c1:fb:21:cf:47:9b:5a:9e:56:
2c:64:1f:5c:66:5c:33:dc:6a:96:b6:0f:3b:46:0c:
b7:19:b8:21:a3:cc:41:d6:7d:a9:c2:f6:78:9c:47:
36:6b:9b:67:49:b8:d1:3a:96:cd:20:45:69:44:98:
da:21:3a:7c:d6:84:cf:f9:99:2f:12:62:63:f2:e7:
da:be:f1:81:63:3b:63:ed:45:8f:03:2d:a8:8e:87:
60:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:E3:BA:F7:5D:D5:1B:EA:D5:DF:C5:FD:F8:A8:47:54:BD:1C:BE
X509v3 Authority Key Identifier:
keyid:0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/DHadpEmC9hZQNilD5t_vlRuXd_o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/61C04BF8545911EF9F7D2E48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.93.0/24
103.71.95.0/24
Signature Algorithm: sha256WithRSAEncryption
41:81:8e:17:cd:8b:3d:43:07:28:65:8e:dd:e2:c6:26:b4:4d:
b5:d1:d3:6a:2f:c5:4a:45:4d:d7:89:cc:d7:e7:ee:29:24:9f:
60:db:4c:c6:e9:bd:6f:8a:f0:3b:32:f9:d8:ba:c4:6c:c0:02:
fc:a7:f4:3d:10:2d:c5:69:93:31:2f:3c:b5:f3:fc:5c:80:d8:
53:26:54:22:a7:40:aa:b8:4d:35:df:4a:69:86:6a:25:55:d7:
26:d6:52:fe:9d:bd:5a:2a:4f:b6:97:8f:8d:ca:1d:88:78:8c:
fa:96:ff:df:2e:24:27:5e:ef:fb:34:c3:9b:b0:1f:90:bf:4e:
26:d7:8d:d2:2b:8e:d3:99:b6:fe:fe:5d:22:f1:9f:fe:21:72:
d6:71:63:ce:b3:38:d2:cb:44:be:d7:dc:8b:e4:db:64:0f:6b:
e8:0f:e6:fc:48:0b:ca:80:fe:b3:9a:e2:9e:cd:62:00:5e:5d:
8b:7c:5a:72:dc:3d:e2:ca:f4:f4:a8:e9:c7:b6:fe:07:8f:c6:
5b:7f:be:1b:52:5e:b1:0c:a4:eb:5a:f6:b8:7b:98:bf:25:a7:
e8:65:90:f6:f3:76:b6:54:21:cc:ac:43:70:f8:43:39:94:8c:
b7:0d:2b:71:92:ec:c7:0e:35:ad:0b:c8:a0:0c:32:0a:d3:8b:
11:05:6c:d8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZEREIxMTAvBgNVBAUTKDBDNzY5REE0NDk4MkY2MTY1MDM2Mjk0M0U2REZFRjk1
MUI5Nzc3RkEwHhcNMjQwODA3MDEwNzQ2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIyYzhlMi1lYTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0BUBxC0lw6aXKS4k1/i6uU/nQR9QGzgkQo2U2fxpecxcdKbsgbmLeuz5a4XP
i0tQecXtF5xGhqggnrzi4my6on6hwQ5fpNnzZs2hK65VbgOO5WaBqihdiwgDiPQa
RZgZGEgy/9PUNhNGPRtHYhqjsYweUy2v4YE/95kzJ1S+nQqnO8R9qyjzPWaw1anY
OZw06z9cWlM8ck9Wjo96LD555YC1DLU1zJnpw07B+yHPR5tanlYsZB9cZlwz3GqW
tg87Rgy3Gbgho8xB1n2pwvZ4nEc2a5tnSbjROpbNIEVpRJjaITp81oTP+ZkvEmJj
8ufavvGBYztj7UWPAy2ojodgJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG9r47r3
XdUb6tXfxf34qEdUvRy+MB8GA1UdIwQYMBaAFAx2naRJgvYWUDYpQ+bf75Ubl3f6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkREQi9FMUNEQ0REMkJF
MUIxMUVEQTYxQUNEODRDNEY5QUUwMi9ESGFkcEVtQzloWlFOaWxENXRfdmxSdVhk
X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RIYWRwRW1DOWhaUU5pbEQ1dF92bFJ1WGRfby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZEREIvRTFDRENERDJCRTFCMTFFREE2MUFDRDg0QzRGOUFFMDIvNjFDMDRCRjg1
NDU5MTFFRjlGN0QyRTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnR10DBABnR18wDQYJKoZIhvcNAQELBQADggEBAEGBjhfN
iz1DByhljt3ixia0TbXR02ovxUpFTdeJzNfn7ikkn2DbTMbpvW+K8Dsy+di6xGzA
Avyn9D0QLcVpkzEvPLXz/FyA2FMmVCKnQKq4TTXfSmmGaiVV1ybWUv6dvVoqT7aX
j43KHYh4jPqW/98uJCde7/s0w5uwH5C/TibXjdIrjtOZtv7+XSLxn/4hctZxY86z
ONLLRL7X3Ivk22QPa+gP5vxIC8qA/rOa4p7NYgBeXYt8WnLcPeLK9PSo6ce2/geP
xlt/vhtSXrEMpOta9rh7mL8lp+hlkPbzdrZUIcysQ3D4QzmUjLcNK3GS7McONa0L
yKAMMgrTixEFbNg=
-----END CERTIFICATE-----
Generated at Tue Sep 24 17:14:22 2024 by rpki-client on console-ams.rpki-client.org