Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/CAFCE232D1B111EE8ABB4561C4F9AE02.roa
File: CAFCE232D1B111EE8ABB4561C4F9AE02.roa (raw, json)
Hash identifier: prxj8ye3ueB55s8/TBZ0TVWRihmWVH9JSkiDvdAApSQ=
Subject key identifier: 25:1E:71:00:84:E7:AD:CD:AB:67:A4:D6:D8:59:2B:6E:82:12:74:E1
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 0425
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/CAFCE232D1B111EE8ABB4561C4F9AE02.roa
Signing time: Mon 26 Feb 2024 16:21:10 +0000
ROA not before: Mon 26 Feb 2024 16:21:10 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 30938
IP address blocks: 103.101.84.0/24 maxlen: 24
103.101.85.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 16:37:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1061 (0x425)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Feb 26 16:21:10 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65dcba75-3dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:27:0c:6c:a0:fd:97:33:9c:9a:b4:fc:fc:29:
7d:50:ee:28:60:4f:ba:f1:8e:14:06:de:4c:e9:e6:
23:9f:07:27:34:57:d9:1b:dc:0f:31:6f:a2:2d:a1:
e2:3e:df:f8:18:4a:2e:62:cb:ac:61:8c:83:09:25:
99:49:c0:fc:c5:99:3f:4a:2e:70:c5:93:7e:38:8b:
7d:2a:56:0a:19:ed:f6:de:a5:11:1d:eb:a5:bc:7e:
b5:f6:5e:2a:be:57:59:f7:63:b6:ee:34:01:32:e0:
b5:dc:16:56:c4:51:19:81:13:5c:1d:6f:b7:76:df:
70:d3:d9:76:1d:1d:ca:2a:a3:4d:eb:cc:41:e0:f5:
87:7a:c0:55:51:1b:f7:38:49:3d:a3:38:5f:91:ce:
bc:62:4d:e2:b3:50:2e:46:79:19:11:7c:39:73:9d:
9e:6b:92:b3:f8:b4:1f:60:2f:91:48:65:9a:89:0e:
af:b7:24:cd:4f:ba:fc:e5:a6:ae:96:13:1c:fe:73:
d3:e0:f5:31:63:4c:77:55:70:23:16:33:9e:43:af:
d2:fc:f3:89:a5:a6:b8:d8:17:db:78:31:bd:33:f1:
86:3c:87:76:28:60:b8:5e:82:82:55:bd:2a:82:c1:
0f:97:14:6f:bf:6a:00:a2:3a:92:52:76:04:82:73:
b4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1E:71:00:84:E7:AD:CD:AB:67:A4:D6:D8:59:2B:6E:82:12:74:E1
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/CAFCE232D1B111EE8ABB4561C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.84.0-103.101.86.255
Signature Algorithm: sha256WithRSAEncryption
8c:21:f1:70:1d:35:91:dd:3c:03:8a:37:42:2e:06:7b:6f:02:
61:c6:47:8d:fe:70:7c:4d:fc:f3:fd:ab:20:f4:d1:dd:87:53:
d1:f8:b2:43:c9:5a:62:49:df:23:e5:ab:d2:c1:31:b1:96:f6:
ab:e2:5c:34:b5:6c:f6:e7:19:0f:93:b9:b5:0b:3a:c4:7b:f9:
e6:4d:8e:4e:c8:52:e6:7f:1b:f7:b0:31:d3:ba:d5:b1:39:de:
28:30:91:9b:ab:77:e7:d2:3e:c0:91:22:4b:7c:14:2d:a5:cb:
05:9d:41:17:29:a8:98:fa:30:c2:29:24:93:71:cc:5f:ca:98:
ff:08:21:14:9d:78:b4:97:e5:a8:7d:67:8f:44:14:71:a1:24:
9e:ed:b9:c1:3c:38:5d:4a:8e:bf:82:58:ae:97:30:ef:79:e0:
94:0b:c4:25:53:c4:7d:d0:28:31:e5:be:4a:8c:3a:51:3a:9d:
43:5b:0d:c0:80:94:12:8b:24:2f:e3:ad:6f:df:fa:e7:a1:03:
21:5e:6a:d2:1c:2c:9b:df:b0:0a:ae:d6:72:6d:5a:c9:4e:c5:
05:61:ad:0b:81:ff:33:e1:0e:04:05:1d:a7:da:19:b6:5f:58:
a4:da:e7:87:88:e9:6b:cd:4c:7b:70:35:15:05:e6:e6:41:ac:
ba:cf:90:20
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwMjI2MTYyMTEwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRjYmE3NS0zZGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsScMbKD9lzOcmrT8/Cl9UO4oYE+68Y4UBt5M6eYjnwcnNFfZG9wPMW+iLaHi
Pt/4GEouYsusYYyDCSWZScD8xZk/Si5wxZN+OIt9KlYKGe323qURHeulvH619l4q
vldZ92O27jQBMuC13BZWxFEZgRNcHW+3dt9w09l2HR3KKqNN68xB4PWHesBVURv3
OEk9ozhfkc68Yk3is1AuRnkZEXw5c52ea5Kz+LQfYC+RSGWaiQ6vtyTNT7r85aau
lhMc/nPT4PUxY0x3VXAjFjOeQ6/S/POJpaa42BfbeDG9M/GGPId2KGC4XoKCVb0q
gsEPlxRvv2oAojqSUnYEgnO06QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFCUecQCE
563Nq2ek1thZK26CEnThMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvQ0FGQ0UyMzJE
MUIxMTFFRThBQkI0NTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmdlVAMEAGdlVjANBgkqhkiG9w0BAQsFAAOCAQEAjCHx
cB01kd08A4o3Qi4Ge28CYcZHjf5wfE388/2rIPTR3YdT0fiyQ8laYknfI+Wr0sEx
sZb2q+JcNLVs9ucZD5O5tQs6xHv55k2OTshS5n8b97Ax07rVsTneKDCRm6t359I+
wJEiS3wULaXLBZ1BFymomPowwikkk3HMX8qY/wghFJ14tJflqH1nj0QUcaEknu25
wTw4XUqOv4JYrpcw73nglAvEJVPEfdAoMeW+Sow6UTqdQ1sNwICUEoskL+Otb9/6
56EDIV5q0hwsm9+wCq7Wcm1ayU7FBWGtC4H/M+EOBAUdp9oZtl9YpNrnh4jpa81M
e3A1FQXm5kGsus+QIA==
-----END CERTIFICATE-----
Generated at Wed Feb 28 20:12:24 2024 by rpki-client on console-fra.rpki-client.org