Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EE3C48C8D1B111EEBEAD8861C4F9AE02.roa
File: EE3C48C8D1B111EEBEAD8861C4F9AE02.roa (raw, json)
Hash identifier: APJFDP4DeBIQ00SRsxlP5xYERxol/gH4rlzvEv+zB78=
Subject key identifier: 2D:2C:7D:95:2F:32:38:D8:A1:EA:B7:CD:EE:14:F4:10:5D:F0:D3:60
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 041B
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EE3C48C8D1B111EEBEAD8861C4F9AE02.roa
Signing time: Thu 22 Feb 2024 18:41:39 +0000
ROA not before: Thu 22 Feb 2024 18:41:39 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 43260
IP address blocks: 103.101.84.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 16:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1051 (0x41b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Feb 22 18:41:39 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65d79563-9235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:f1:70:d2:a4:39:31:11:71:1d:2e:dc:67:
29:f2:39:f1:8e:bd:39:a2:5e:6d:34:8f:ee:ef:dc:
42:32:23:40:83:27:21:06:85:7d:da:54:56:b2:85:
e8:b9:8e:68:16:22:a1:f7:c2:0f:8d:5e:5e:22:64:
b4:0b:3e:4e:2f:98:da:98:ec:9b:9d:03:21:39:49:
62:e6:32:e4:1e:08:15:b9:f0:0b:1d:90:d2:95:63:
0e:9d:f9:f7:ab:23:67:de:1d:5d:35:b6:2e:1f:cb:
c2:61:ba:a9:98:d4:23:71:af:71:50:a7:a9:35:52:
c2:c3:67:f0:d3:f9:46:d8:44:22:ab:bb:00:16:a8:
02:27:f4:69:6b:ce:12:29:25:43:27:c8:3e:fd:b1:
7a:56:cf:21:ca:f9:80:a5:27:51:25:a3:41:b5:c6:
8a:fe:6a:80:e3:1e:41:f3:66:12:a5:60:6a:9f:08:
f1:7b:72:df:64:68:e4:22:b8:2d:89:73:cf:f6:e7:
7b:85:df:19:1d:f3:99:76:62:25:92:2e:4b:57:a4:
6e:ff:50:37:6f:d7:7b:26:72:94:4f:2a:03:d1:24:
9e:cc:00:2e:7c:49:20:cc:cb:cf:cc:23:27:e2:f2:
9b:f0:de:02:c3:7d:1f:8f:81:3e:af:7a:f7:01:87:
86:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2C:7D:95:2F:32:38:D8:A1:EA:B7:CD:EE:14:F4:10:5D:F0:D3:60
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EE3C48C8D1B111EEBEAD8861C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.84.0/24
103.101.86.0/24
Signature Algorithm: sha256WithRSAEncryption
74:54:4b:0f:4c:b2:88:1c:d3:24:aa:df:d8:25:05:4d:91:04:
fb:f2:c6:aa:b4:23:25:3b:58:86:db:54:27:14:de:7c:fe:0f:
ea:c5:f0:cc:22:b1:98:30:93:98:f3:1f:12:e7:33:4b:19:d7:
4e:7e:61:b2:67:22:58:fb:75:d0:30:cb:86:91:66:99:37:ef:
ec:65:32:42:15:80:28:f7:68:71:ae:94:07:a3:de:a3:5c:47:
a5:3a:90:55:81:36:6e:02:69:1d:48:8b:d2:c9:e1:68:0e:51:
ea:52:2c:65:41:08:7c:6d:0a:1b:3c:b4:67:40:98:8f:aa:58:
fe:d2:6a:8f:cc:ed:18:76:a0:0d:57:d2:72:3b:15:b7:2c:fa:
01:3f:1a:fe:44:6f:3f:4f:1a:09:e5:b7:67:52:59:e2:fc:de:
7a:35:77:aa:e7:cd:b8:61:d2:0a:2d:a5:6f:cd:30:3e:81:7d:
17:6b:d8:1d:0b:fb:37:51:1d:b9:76:3d:e1:8e:cd:34:5d:90:
96:15:b2:e2:07:9a:17:18:dc:d3:7a:af:5e:2e:e4:8f:00:82:
83:28:32:52:43:30:e1:64:75:5c:98:82:15:6a:d8:d6:fd:3f:
14:8d:31:10:e1:75:41:75:b2:f6:2a:fe:fe:73:8b:6f:be:5d:
51:e4:65:d1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwMjIyMTg0MTM5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ3OTU2My05MjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv57xcNKkOTERcR0u3Gcp8jnxjr05ol5tNI/u79xCMiNAgychBoV92lRWsoXo
uY5oFiKh98IPjV5eImS0Cz5OL5jamOybnQMhOUli5jLkHggVufALHZDSlWMOnfn3
qyNn3h1dNbYuH8vCYbqpmNQjca9xUKepNVLCw2fw0/lG2EQiq7sAFqgCJ/Rpa84S
KSVDJ8g+/bF6Vs8hyvmApSdRJaNBtcaK/mqA4x5B82YSpWBqnwjxe3LfZGjkIrgt
iXPP9ud7hd8ZHfOZdmIlki5LV6Ru/1A3b9d7JnKUTyoD0SSezAAufEkgzMvPzCMn
4vKb8N4Cw30fj4E+r3r3AYeG7QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC0sfZUv
MjjYoeq3ze4U9BBd8NNgMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvRUUzQzQ4QzhE
MUIxMTFFRUJFQUQ4ODYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnZVQDBABnZVYwDQYJKoZIhvcNAQELBQADggEBAHRUSw9M
sogc0ySq39glBU2RBPvyxqq0IyU7WIbbVCcU3nz+D+rF8MwisZgwk5jzHxLnM0sZ
105+YbJnIlj7ddAwy4aRZpk37+xlMkIVgCj3aHGulAej3qNcR6U6kFWBNm4CaR1I
i9LJ4WgOUepSLGVBCHxtChs8tGdAmI+qWP7Sao/M7Rh2oA1X0nI7Fbcs+gE/Gv5E
bz9PGgnlt2dSWeL83no1d6rnzbhh0gotpW/NMD6BfRdr2B0L+zdRHbl2PeGOzTRd
kJYVsuIHmhcY3NN6r14u5I8AgoMoMlJDMOFkdVyYghVq2Nb9PxSNMRDhdUF1svYq
/v5zi2++XVHkZdE=
-----END CERTIFICATE-----
Generated at Mon Feb 26 20:06:08 2024 by rpki-client on console-ams.rpki-client.org