Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1D8EEEDC72A811EE9490AA0BC4F9AE02.roa
File: 1D8EEEDC72A811EE9490AA0BC4F9AE02.roa (raw, json)
Hash identifier: IxS9re18xKpZLupHPEAR6ufDzm5wUZ4CepCDaVFew4w=
Subject key identifier: 8F:54:4A:CE:AA:32:32:A4:A0:99:FB:AC:BD:E6:D3:E1:9E:9C:8C:98
Certificate issuer: /CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Certificate serial: 02
Authority key identifier: 42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1D8EEEDC72A811EE9490AA0BC4F9AE02.roa
Signing time: Tue 24 Oct 2023 20:01:27 +0000
ROA not before: Tue 24 Oct 2023 20:01:27 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 139008
IP address blocks: 103.218.226.0/24 maxlen: 24
103.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Nov 2023 19:57:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Validity
Not Before: Oct 24 20:01:27 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65382297-1dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:67:61:50:d2:25:2f:10:5b:22:da:f9:48:
7f:f5:1a:0a:cf:55:a4:85:17:2d:35:b3:3b:8b:02:
f5:8b:f9:98:4d:e2:1a:c6:90:70:07:21:b3:21:b1:
95:40:63:2b:99:01:0a:c6:27:81:e6:84:8d:a4:2d:
7d:30:5a:3a:2c:9c:06:1c:8e:25:49:fa:9a:13:86:
0e:9d:61:dd:7a:dd:3c:c7:78:71:bd:aa:65:31:db:
8b:20:94:83:3b:f8:3d:0f:cf:ed:68:80:e7:ab:79:
cc:c2:b5:20:47:0a:3a:c4:6c:db:87:b7:56:4d:9b:
d4:b1:e9:16:a1:7e:bc:67:c0:6b:f4:4a:ea:55:6e:
30:5c:75:c8:c3:89:03:c9:31:37:8e:9a:bb:fb:fb:
58:61:9e:d3:a2:9a:fe:0b:b5:5e:c7:53:4d:09:d5:
38:ef:32:76:05:f3:67:51:20:1d:7d:0a:e9:56:c6:
76:04:0a:6b:81:62:6d:59:4f:91:6c:ea:d9:4f:ea:
48:cf:62:5b:8d:a5:1b:bb:ca:98:21:2f:f9:ca:18:
5b:53:f8:09:21:8e:8a:63:53:36:5d:50:27:4f:89:
18:24:2f:ca:21:16:94:51:6a:14:19:be:17:27:68:
a8:ae:26:ab:3c:6d:55:ed:6b:7b:93:68:c2:96:ce:
93:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:54:4A:CE:AA:32:32:A4:A0:99:FB:AC:BD:E6:D3:E1:9E:9C:8C:98
X509v3 Authority Key Identifier:
keyid:42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/QvJ5HurB_H1-wQtp8l6e6V2rNOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1D8EEEDC72A811EE9490AA0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.226.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:4b:c5:50:d9:4e:ab:73:f7:b4:bf:26:6a:a1:0e:e2:65:c9:
4d:38:8d:d0:db:76:01:9b:2e:dc:21:60:5e:72:fa:23:84:81:
c2:29:b9:1f:76:97:e2:83:63:a6:2e:54:46:60:4d:59:7d:ab:
76:61:c7:b6:d3:70:f2:a0:38:4e:59:56:53:25:cc:e1:d8:87:
f3:9a:f1:8f:bd:83:cd:5a:bb:60:84:c1:19:4e:e1:32:35:71:
6d:15:89:9b:30:60:0a:5b:60:ff:04:b6:73:4a:f9:6f:65:ff:
22:68:fe:ce:cf:9e:c4:78:fc:8a:06:10:29:78:00:79:f9:14:
15:ba:ea:70:9b:05:59:b8:b4:98:3b:b9:5c:32:b5:2e:71:57:
fd:de:88:65:00:bc:87:b5:cb:7b:28:f0:fe:79:50:81:96:fa:
a7:83:57:29:9a:c1:da:6d:a3:9d:24:44:6f:1d:ef:06:66:26:
81:32:28:0f:03:51:08:1a:79:ab:63:43:47:b6:17:1b:46:e8:
7c:a3:6e:55:44:7b:a4:1a:c4:88:65:96:4f:8d:c9:02:a8:23:
d3:94:20:3a:95:83:82:46:7c:80:98:a0:78:e4:84:9c:53:07:
54:45:f7:f6:31:8a:f2:f3:54:c8:1e:81:5a:4d:a0:24:64:8e:
d2:25:db:87
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUIxNzExMC8GA1UEBRMoNDJGMjc5MUVFQUMxRkM3RDdFQzEwQjY5RjI1RTlFRTk1
REFCMzRFMTAeFw0yMzEwMjQyMDAxMjdaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MzgyMjk3LTFkYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCieGdhUNIlLxBbItr5SH/1GgrPVaSFFy01szuLAvWL+ZhN4hrGkHAHIbMhsZVA
YyuZAQrGJ4HmhI2kLX0wWjosnAYcjiVJ+poThg6dYd163TzHeHG9qmUx24sglIM7
+D0Pz+1ogOereczCtSBHCjrEbNuHt1ZNm9Sx6RahfrxnwGv0SupVbjBcdcjDiQPJ
MTeOmrv7+1hhntOimv4LtV7HU00J1TjvMnYF82dRIB19CulWxnYECmuBYm1ZT5Fs
6tlP6kjPYluNpRu7ypghL/nKGFtT+AkhjopjUzZdUCdPiRgkL8ohFpRRahQZvhcn
aKiuJqs8bVXta3uTaMKWzpMrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUj1RKzqoy
MqSgmfusvebT4Z6cjJgwHwYDVR0jBBgwFoAUQvJ5HurB/H1+wQtp8l6e6V2rNOEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQjE3LzU5NjZERDI2NzJB
NzExRUVCMTBCRTg1MkM0RjlBRTAyL1F2SjVIdXJCX0gxLXdRdHA4bDZlNlYyck5P
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUXZKNUh1ckJfSDEtd1F0cDhsNmU2VjJyTk9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUIxNy81OTY2REQyNjcyQTcxMUVFQjEwQkU4NTJDNEY5QUUwMi8xRDhFRUVEQzcy
QTgxMUVFOTQ5MEFBMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfa4jANBgkqhkiG9w0BAQsFAAOCAQEAmkvFUNlOq3P3tL8m
aqEO4mXJTTiN0Nt2AZsu3CFgXnL6I4SBwim5H3aX4oNjpi5URmBNWX2rdmHHttNw
8qA4TllWUyXM4diH85rxj72DzVq7YITBGU7hMjVxbRWJmzBgCltg/wS2c0r5b2X/
Imj+zs+exHj8igYQKXgAefkUFbrqcJsFWbi0mDu5XDK1LnFX/d6IZQC8h7XLeyjw
/nlQgZb6p4NXKZrB2m2jnSREbx3vBmYmgTIoDwNRCBp5q2NDR7YXG0bofKNuVUR7
pBrEiGWWT43JAqgj05QgOpWDgkZ8gJigeOSEnFMHVEX39jGK8vNUyB6BWk2gJGSO
0iXbhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org