Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/71C876763DBE11EF8028315AC4F9AE02.roa
File: 71C876763DBE11EF8028315AC4F9AE02.roa (raw, json)
Hash identifier: k9NNvQh+T/BkNvv2Do0jBrgXBLYyC6Ns2oXWQkD983I=
Subject key identifier: F5:8F:F3:36:9D:EB:55:AF:B2:80:3F:9D:80:64:BB:B3:E2:5B:41:A8
Certificate issuer: /CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Certificate serial: A8
Authority key identifier: 42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/71C876763DBE11EF8028315AC4F9AE02.roa
Signing time: Tue 09 Jul 2024 06:42:44 +0000
ROA not before: Tue 09 Jul 2024 06:42:44 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151805
IP address blocks: 103.218.226.0/24 maxlen: 24
2401:56a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Sep 2024 17:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168 (0xa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Validity
Not Before: Jul 9 06:42:44 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=668cdbe3-0509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:93:d4:3b:56:f6:9e:64:e3:17:0b:d6:41:
49:ad:d8:bd:e2:e9:35:15:1d:83:f7:0d:98:4b:6d:
39:ed:a0:86:b6:8a:91:91:6b:b2:4a:8f:e2:32:d8:
d7:43:ca:88:d3:ef:f9:a8:2d:76:50:96:9d:db:61:
f5:05:bc:b4:7f:0d:f6:8e:ae:99:c0:1f:b5:f6:b9:
b2:c9:74:5b:c3:70:8c:8e:b8:2a:6b:da:53:01:c6:
6b:ba:07:f6:75:e7:cf:a8:4a:d5:21:42:ff:6f:bf:
bf:4c:c4:1c:69:c9:d0:9e:71:44:a9:e9:00:43:01:
f1:88:92:46:06:37:a2:01:b5:c7:d9:e4:f7:53:7b:
42:0e:39:c2:c0:3c:28:74:74:10:30:f8:ed:b1:46:
2d:7a:5e:e4:3c:1b:c7:9c:49:cf:62:31:00:4e:58:
52:aa:ea:0b:13:30:d9:3e:07:ea:f2:c5:ca:4c:88:
a0:a9:29:a2:72:94:83:94:9a:3f:8e:9b:59:98:51:
96:00:e0:78:71:14:9b:44:44:f5:d7:44:39:fb:af:
6d:a3:13:db:85:e3:a6:fc:94:91:8c:6f:40:45:3e:
be:3f:2b:15:1f:e6:d1:14:54:78:3d:cd:c6:6a:13:
fb:03:4b:59:28:c3:0f:b8:35:1a:24:66:45:63:32:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8F:F3:36:9D:EB:55:AF:B2:80:3F:9D:80:64:BB:B3:E2:5B:41:A8
X509v3 Authority Key Identifier:
keyid:42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/QvJ5HurB_H1-wQtp8l6e6V2rNOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/71C876763DBE11EF8028315AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.226.0/24
IPv6:
2401:56a0::/32
Signature Algorithm: sha256WithRSAEncryption
52:b0:62:44:3c:50:26:68:51:33:a4:99:59:68:ce:47:66:88:
8a:ca:70:aa:12:bd:bb:6b:87:56:f2:11:24:44:c3:de:0e:fe:
7c:5d:fb:36:e9:6e:4c:45:3d:ba:01:3a:99:cb:50:55:41:4c:
ec:4a:7a:18:ff:22:a9:3a:d7:88:7d:c8:87:ff:42:35:0e:5d:
0a:b0:10:a3:fc:7b:90:95:af:ca:e0:6b:c6:49:f9:de:1d:5a:
d5:16:7c:1f:5b:de:1b:65:35:35:f4:46:57:89:2a:4d:42:7b:
81:5d:8c:ee:26:a5:cc:bc:31:f7:49:78:69:76:ae:5f:63:f5:
77:a6:59:8b:e1:6e:ea:1d:87:a0:64:bf:35:1a:5b:49:f3:12:
f7:21:a0:9d:23:89:f6:f9:98:a2:30:9b:fb:23:7e:b2:e0:40:
a6:3c:a8:e4:e3:b0:6d:f8:bd:ac:d6:32:14:f3:d9:a9:70:51:
96:43:39:49:09:4a:57:f0:9e:0b:60:55:36:91:63:2b:2b:ca:
be:bc:dc:1d:b9:db:38:d2:58:94:86:7c:27:9a:4e:32:b0:8c:
9c:7b:eb:d6:d8:58:16:56:ba:6d:26:fa:f5:e7:9f:7a:79:ae:
45:1f:d6:f7:e6:66:7c:3c:ce:4b:ca:e1:0e:f0:9c:3a:6e:fe:
fc:68:b6:aa
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCMTcxMTAvBgNVBAUTKDQyRjI3OTFFRUFDMUZDN0Q3RUMxMEI2OUYyNUU5RUU5
NURBQjM0RTEwHhcNMjQwNzA5MDY0MjQ0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhjZGJlMy0wNTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwf2T1DtW9p5k4xcL1kFJrdi94uk1FR2D9w2YS2057aCGtoqRkWuySo/iMtjX
Q8qI0+/5qC12UJad22H1Bby0fw32jq6ZwB+19rmyyXRbw3CMjrgqa9pTAcZrugf2
defPqErVIUL/b7+/TMQcacnQnnFEqekAQwHxiJJGBjeiAbXH2eT3U3tCDjnCwDwo
dHQQMPjtsUYtel7kPBvHnEnPYjEATlhSquoLEzDZPgfq8sXKTIigqSmicpSDlJo/
jptZmFGWAOB4cRSbRET110Q5+69toxPbheOm/JSRjG9ART6+PysVH+bRFFR4Pc3G
ahP7A0tZKMMPuDUaJGZFYzKepQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPWP8zad
61WvsoA/nYBku7PiW0GoMB8GA1UdIwQYMBaAFELyeR7qwfx9fsELafJenuldqzTh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUIxNy81OTY2REQyNjcy
QTcxMUVFQjEwQkU4NTJDNEY5QUUwMi9Rdko1SHVyQl9IMS13UXRwOGw2ZTZWMnJO
T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F2SjVIdXJCX0gxLXdRdHA4bDZlNlYyck5PRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCMTcvNTk2NkREMjY3MkE3MTFFRUIxMEJFODUyQzRGOUFFMDIvNzFDODc2NzYz
REJFMTFFRjgwMjgzMTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABn2uIwDQQCAAIwBwMFACQBVqAwDQYJKoZIhvcNAQELBQAD
ggEBAFKwYkQ8UCZoUTOkmVlozkdmiIrKcKoSvbtrh1byESREw94O/nxd+zbpbkxF
PboBOpnLUFVBTOxKehj/Iqk614h9yIf/QjUOXQqwEKP8e5CVr8rga8ZJ+d4dWtUW
fB9b3htlNTX0RleJKk1Ce4FdjO4mpcy8MfdJeGl2rl9j9XemWYvhbuodh6BkvzUa
W0nzEvchoJ0jifb5mKIwm/sjfrLgQKY8qOTjsG34vazWMhTz2alwUZZDOUkJSlfw
ngtgVTaRYysryr683B252zjSWJSGfCeaTjKwjJx769bYWBZWum0m+vXnn3p5rkUf
1vfmZnw8zkvK4Q7wnDpu/vxotqo=
-----END CERTIFICATE-----
Generated at Mon Sep 30 20:13:07 2024 by rpki-client on console-ams.rpki-client.org