Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/4F45AB0610A511EEB3AC184DC4F9AE02.roa
File: 4F45AB0610A511EEB3AC184DC4F9AE02.roa (raw, json)
Hash identifier: Z+k1kHHClhqywvB0/ydR2sfct900juL/aHp8UYqaWmg=
Subject key identifier: F3:F6:8A:3E:65:1B:0C:61:58:D3:B8:AF:61:CE:04:C6:C2:39:CD:62
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 7D
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/4F45AB0610A511EEB3AC184DC4F9AE02.roa
Signing time: Mon 27 Nov 2023 12:51:10 +0000
ROA not before: Mon 27 Nov 2023 12:51:10 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151420
IP address blocks: 103.115.3.0/24 maxlen: 24
2001:df2:9b40::/48 maxlen: 48
2401:3fa0:1::/48 maxlen: 48
2401:3fa0:fd00::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 30 Jan 2024 13:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Validity
Not Before: Nov 27 12:51:10 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=656490be-0d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:76:60:7d:dd:3c:c0:9a:d4:6c:97:f5:3c:28:
35:16:a0:d7:0f:35:dd:26:a8:9e:07:15:a8:c0:3c:
9e:8a:92:25:f8:78:0a:1c:7d:08:ef:a1:73:f6:10:
3b:9c:0e:de:81:04:37:43:20:4c:96:80:e8:cd:91:
fb:92:db:a7:9c:d0:13:9c:65:83:9b:4b:b0:96:d0:
b4:44:85:39:06:b8:5d:8d:2a:cc:e1:9e:61:1f:0e:
e8:64:90:b0:3d:74:a6:ef:e2:fc:0c:4b:a9:d5:ed:
d2:4e:bf:a5:85:6f:a6:d1:05:ed:ef:7c:6d:75:09:
3d:20:2f:48:4e:8b:a7:77:1b:02:c7:a1:f2:9d:d9:
07:c6:b6:f5:59:29:18:1d:98:f6:b2:79:05:f2:56:
4d:e7:d9:69:0e:93:61:5b:49:33:1b:78:27:83:34:
46:76:c1:75:a6:68:9f:b7:37:89:f3:47:4e:b5:48:
17:eb:0a:c6:7d:a0:f0:45:5d:2a:33:a5:b2:9f:d1:
c8:d8:f7:b8:36:bb:63:2c:b4:37:2b:38:2b:b1:1c:
f7:ba:a8:9f:d4:4b:56:a7:61:1a:e1:7e:bc:88:5b:
8e:2e:a1:b8:c8:46:e6:91:23:cf:e6:0c:74:af:2f:
7d:c9:8c:1a:d5:0d:e7:20:9f:81:6e:91:55:04:ac:
60:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F6:8A:3E:65:1B:0C:61:58:D3:B8:AF:61:CE:04:C6:C2:39:CD:62
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/4F45AB0610A511EEB3AC184DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.3.0/24
IPv6:
2001:df2:9b40::/48
2401:3fa0:1::/48
2401:3fa0:fd00::/40
Signature Algorithm: sha256WithRSAEncryption
23:d6:5f:0d:05:bc:7e:8b:e1:87:ec:13:81:73:26:08:65:97:
0c:1a:99:05:34:60:88:a3:8d:ae:0a:c1:15:93:a4:2f:03:f6:
39:5e:fb:73:06:e5:d0:bf:52:b2:ad:51:b7:f7:71:3c:f3:e5:
f5:10:e9:b1:e6:44:e9:10:2f:0e:14:a1:4f:a0:23:8c:35:67:
88:01:ac:b0:5e:16:0e:ea:f8:06:3a:8b:39:0f:a3:a9:93:cc:
f1:3e:71:57:e5:e4:1f:ae:1b:cb:4a:15:31:57:1d:02:d5:a1:
48:3e:3d:f1:ed:fa:bc:05:07:ac:95:a1:74:ba:7a:a3:af:30:
2f:91:1a:cc:33:6f:a9:44:c0:02:17:63:21:ae:c5:0a:e9:db:
ba:f0:4a:85:9b:d8:af:13:46:3d:a5:b8:14:81:08:78:89:a1:
95:61:70:82:78:d6:be:bd:57:e4:e2:83:51:d0:9c:e4:6f:69:
50:22:17:e7:a4:ee:9a:2b:49:90:38:a1:b1:5c:1e:c4:aa:eb:
3d:6b:58:c7:b1:ec:c3:a2:2e:38:78:9c:0a:93:ae:4c:05:77:
16:39:2b:2a:a8:cd:5d:d4:60:da:e6:8d:2f:4d:29:d2:97:c4:
b9:8a:ad:c0:ac:92:88:1e:41:28:48:a7:d9:01:43:5b:e3:f1:
17:b0:9a:b0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
ODdGRDExMC8GA1UEBRMoNjg4NTJBQjdGMjcxNEZDRjU0RDc1RjBBQUUzMDY4QURD
MzhCMzVDQzAeFw0yMzExMjcxMjUxMTBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NjQ5MGJlLTBkNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUdmB93TzAmtRsl/U8KDUWoNcPNd0mqJ4HFajAPJ6KkiX4eAocfQjvoXP2EDuc
Dt6BBDdDIEyWgOjNkfuS26ec0BOcZYObS7CW0LREhTkGuF2NKszhnmEfDuhkkLA9
dKbv4vwMS6nV7dJOv6WFb6bRBe3vfG11CT0gL0hOi6d3GwLHofKd2QfGtvVZKRgd
mPayeQXyVk3n2WkOk2FbSTMbeCeDNEZ2wXWmaJ+3N4nzR061SBfrCsZ9oPBFXSoz
pbKf0cjY97g2u2MstDcrOCuxHPe6qJ/US1anYRrhfryIW44uobjIRuaRI8/mDHSv
L33JjBrVDecgn4FukVUErGBPAgMBAAGjggK3MIICszAdBgNVHQ4EFgQU8/aKPmUb
DGFY07ivYc4ExsI5zWIwHwYDVR0jBBgwFoAUaIUqt/JxT89U118KrjBorcOLNcww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4N0ZELzU1RUQ2QTE2MTBB
MDExRUU5MzQ5M0M1MkM0RjlBRTAyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5j
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYUlVcXRfSnhUODlVMTE4S3JqQm9yY09MTmN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODdGRC81NUVENkExNjEwQTAxMUVFOTM0OTNDNTJDNEY5QUUwMi80RjQ1QUIwNjEw
QTUxMUVFQjNBQzE4NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBBBggrBgEFBQcBBwEB/wQy
MDAwDAQCAAEwBgMEAGdzAzAgBAIAAjAaAwcAIAEN8ptAAwcAJAE/oAABAwYAJAE/
oP0wDQYJKoZIhvcNAQELBQADggEBACPWXw0FvH6L4YfsE4FzJghllwwamQU0YIij
ja4KwRWTpC8D9jle+3MG5dC/UrKtUbf3cTzz5fUQ6bHmROkQLw4UoU+gI4w1Z4gB
rLBeFg7q+AY6izkPo6mTzPE+cVfl5B+uG8tKFTFXHQLVoUg+PfHt+rwFB6yVoXS6
eqOvMC+RGswzb6lEwAIXYyGuxQrp27rwSoWb2K8TRj2luBSBCHiJoZVhcIJ41r69
V+Tig1HQnORvaVAiF+ek7porSZA4obFcHsSq6z1rWMex7MOiLjh4nAqTrkwFdxY5
KyqozV3UYNrmjS9NKdKXxLmKrcCskogeQShIp9kBQ1vj8RewmrA=
-----END CERTIFICATE-----
Generated at Tue Jan 30 17:11:02 2024 by rpki-client on console-ams.rpki-client.org