Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D82B2C40675111EEBC4E4740C4F9AE02.roa
File: D82B2C40675111EEBC4E4740C4F9AE02.roa (raw, json)
Hash identifier: 573c5BYhbUlr6XzDm51zRWQw5hx/VjdH/P/SvgDPOvY=
Subject key identifier: EC:A0:AA:9A:F6:E0:D1:2A:B8:4B:53:70:98:62:93:FF:CB:E0:36:61
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 0412
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D82B2C40675111EEBC4E4740C4F9AE02.roa
Signing time: Thu 22 Feb 2024 10:03:34 +0000
ROA not before: Thu 22 Feb 2024 10:03:34 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 30938
IP address blocks: 103.101.84.0/24 maxlen: 24
103.101.85.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 18:38:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1042 (0x412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Feb 22 10:03:34 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65d71bf5-a1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c8:19:4d:27:40:c6:69:08:a3:5d:8e:b7:58:
a6:de:c1:bd:da:23:c6:1a:2f:1c:36:db:6a:95:fe:
b2:e0:96:49:3b:63:58:99:07:9a:ef:5c:3e:2c:d6:
bb:21:9d:66:c6:ce:f1:72:52:31:15:a1:8f:38:8b:
a6:7d:f2:66:55:33:26:c8:82:85:be:d4:fa:2d:f0:
e6:c3:03:54:10:a5:5a:8e:0b:07:27:56:9e:24:60:
f7:7e:5d:3e:87:28:5e:39:42:af:6d:93:d5:19:d6:
1a:6b:ca:21:04:92:0b:94:37:e0:ba:ff:12:e9:23:
c4:00:7b:9d:57:bd:42:a6:f3:fe:74:98:53:1b:61:
41:40:36:34:70:82:ff:32:0f:46:c8:51:46:ae:9b:
ec:af:03:fa:a2:c5:d1:a7:5d:e4:c3:47:ca:55:59:
fb:32:5a:86:cd:0a:9a:73:d1:26:e0:ce:4d:75:f7:
68:22:5f:37:cc:94:37:85:70:70:2b:ce:bb:e9:69:
84:a9:25:da:1d:b7:7c:68:a3:c7:92:e6:07:fe:d9:
64:87:84:e8:34:c7:ad:63:21:dc:ad:05:92:a1:c0:
5d:de:09:16:16:4e:3a:35:06:9f:03:3e:4d:86:39:
3f:14:09:1f:55:86:f5:14:23:2d:87:77:c9:27:26:
0f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A0:AA:9A:F6:E0:D1:2A:B8:4B:53:70:98:62:93:FF:CB:E0:36:61
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D82B2C40675111EEBC4E4740C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.84.0-103.101.86.255
Signature Algorithm: sha256WithRSAEncryption
69:a4:b2:a0:ea:e1:ab:eb:94:99:57:7f:d2:fb:04:28:57:38:
99:38:56:e9:95:9a:b9:2c:4f:01:78:2e:5b:d5:12:8b:93:4b:
6f:00:ec:22:48:e4:aa:8b:6e:ff:15:78:ce:80:53:2c:ca:77:
2e:65:b1:04:0b:1e:67:98:26:80:68:65:59:72:8c:ca:cb:9a:
5f:3a:8a:ab:43:57:c1:f1:f5:bc:e6:f4:66:d9:4e:7f:1e:78:
09:29:de:48:2b:56:e2:f0:75:8c:2d:40:dc:26:44:18:95:11:
5d:58:bd:96:8f:8a:7b:00:5c:49:95:d5:5a:cd:b9:e8:79:ee:
f0:70:0b:f5:92:e4:fc:eb:34:d0:8b:07:14:35:16:e3:ea:c9:
3a:92:24:3a:0d:e0:20:d9:33:f5:24:f5:3b:67:a6:a9:69:23:
e5:59:54:1d:54:01:74:bb:0a:d1:92:0b:99:1f:93:4f:f8:b9:
bb:85:75:86:85:09:cd:b6:01:98:50:55:21:49:d3:86:b8:af:
11:53:35:35:c7:db:71:8b:fa:69:ec:8f:bf:d5:0e:35:11:19:
a0:69:b2:95:ad:c6:6e:9e:c4:80:a3:4d:6e:27:7c:b2:78:b0:
e4:4a:e6:49:36:ed:ba:65:e7:ed:b7:b0:84:a5:e0:2d:31:92:
08:c5:2b:75
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwMjIyMTAwMzM0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ3MWJmNS1hMWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwcgZTSdAxmkIo12Ot1im3sG92iPGGi8cNttqlf6y4JZJO2NYmQea71w+LNa7
IZ1mxs7xclIxFaGPOIumffJmVTMmyIKFvtT6LfDmwwNUEKVajgsHJ1aeJGD3fl0+
hyheOUKvbZPVGdYaa8ohBJILlDfguv8S6SPEAHudV71CpvP+dJhTG2FBQDY0cIL/
Mg9GyFFGrpvsrwP6osXRp13kw0fKVVn7MlqGzQqac9Em4M5NdfdoIl83zJQ3hXBw
K8676WmEqSXaHbd8aKPHkuYH/tlkh4ToNMetYyHcrQWSocBd3gkWFk46NQafAz5N
hjk/FAkfVYb1FCMth3fJJyYPGQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFOygqpr2
4NEquEtTcJhik//L4DZhMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvRDgyQjJDNDA2
NzUxMTFFRUJDNEU0NzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmdlVAMEAGdlVjANBgkqhkiG9w0BAQsFAAOCAQEAaaSy
oOrhq+uUmVd/0vsEKFc4mThW6ZWauSxPAXguW9USi5NLbwDsIkjkqotu/xV4zoBT
LMp3LmWxBAseZ5gmgGhlWXKMysuaXzqKq0NXwfH1vOb0ZtlOfx54CSneSCtW4vB1
jC1A3CZEGJURXVi9lo+KewBcSZXVWs256Hnu8HAL9ZLk/Os00IsHFDUW4+rJOpIk
Og3gINkz9ST1O2emqWkj5VlUHVQBdLsK0ZILmR+TT/i5u4V1hoUJzbYBmFBVIUnT
hrivEVM1NcfbcYv6aeyPv9UONREZoGmyla3Gbp7EgKNNbid8sniw5ErmSTbtumXn
7bewhKXgLTGSCMUrdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org