Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91211D4/A9F4965286CD11EBA4AFF609C4F9AE02/2D9FD3FE7D6A11EF838AF331C4F9AE02.roa
File: 2D9FD3FE7D6A11EF838AF331C4F9AE02.roa (raw, json)
Hash identifier: JslAR31LHJv9SiX6924ODN+9d9CwMR0GW1nVFhuvwj0=
Subject key identifier: C5:E3:D8:D5:48:8F:C5:7C:D9:A1:8B:4E:1C:8E:CC:E3:32:5E:EA:DF
Certificate issuer: /CN=A91211D4/serialNumber=968D2AAA6168CB496944A727018AFB42A26E31E1
Certificate serial: 0605
Authority key identifier: 96:8D:2A:AA:61:68:CB:49:69:44:A7:27:01:8A:FB:42:A2:6E:31:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lo0qqmFoy0lpRKcnAYr7QqJuMeE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91211D4/A9F4965286CD11EBA4AFF609C4F9AE02/2D9FD3FE7D6A11EF838AF331C4F9AE02.roa
Signing time: Sat 28 Sep 2024 07:25:35 +0000
ROA not before: Sat 28 Sep 2024 07:25:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142006
IP address blocks: 103.164.86.0/23 maxlen: 23
103.164.86.0/24 maxlen: 24
103.164.87.0/24 maxlen: 24
2001:df6:4280::/48 maxlen: 52
Validation: Failed, certificate revoked on Thu 03 Oct 2024 05:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91211D4/serialNumber=968D2AAA6168CB496944A727018AFB42A26E31E1
Validity
Not Before: Sep 28 07:25:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f7af6f-b314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:37:c8:73:05:0c:d3:30:3e:d1:f0:b3:14:cc:
b9:a2:90:c4:08:8f:7c:20:48:b8:84:8f:ba:3f:8a:
37:42:95:85:9c:9d:01:68:82:f9:19:84:3d:ef:87:
d3:c2:b6:81:75:c4:d4:09:a0:67:d3:b8:96:ce:e5:
f6:21:5e:b4:54:f6:10:94:2d:43:f8:1f:af:f1:5c:
66:2b:38:6c:af:fe:b4:ca:b6:1d:1e:19:af:51:5a:
24:62:08:7e:0e:4b:25:8f:43:f5:28:08:ac:fc:30:
ac:a6:09:25:75:7e:8a:1d:94:bc:18:66:4d:0b:52:
75:1e:f8:2f:72:55:3c:a3:1a:c6:c0:bd:cf:65:76:
41:45:fd:2d:4b:f8:e5:0b:03:80:b9:c6:e4:b3:e7:
b3:97:ac:4e:bf:f2:a5:06:b8:a5:f8:1d:01:e2:74:
94:c8:45:31:ca:8d:83:bb:f8:1d:31:43:98:03:c0:
5f:08:c7:61:42:65:b5:93:9a:79:72:0a:10:5b:46:
7a:5e:27:1b:8b:3d:5a:71:3f:de:dd:c3:56:f8:89:
1b:ff:1f:67:06:96:a7:d3:bf:72:d2:43:70:a2:63:
5a:11:07:2e:ba:49:61:87:a9:5b:c0:cb:6d:60:99:
7c:44:21:99:c4:b5:af:04:e1:a0:be:73:6e:7d:e9:
cc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E3:D8:D5:48:8F:C5:7C:D9:A1:8B:4E:1C:8E:CC:E3:32:5E:EA:DF
X509v3 Authority Key Identifier:
keyid:96:8D:2A:AA:61:68:CB:49:69:44:A7:27:01:8A:FB:42:A2:6E:31:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91211D4/A9F4965286CD11EBA4AFF609C4F9AE02/lo0qqmFoy0lpRKcnAYr7QqJuMeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lo0qqmFoy0lpRKcnAYr7QqJuMeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91211D4/A9F4965286CD11EBA4AFF609C4F9AE02/2D9FD3FE7D6A11EF838AF331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.164.86.0/23
IPv6:
2001:df6:4280::/48
Signature Algorithm: sha256WithRSAEncryption
40:11:2d:3e:38:6a:fb:3a:bf:9f:b1:9d:ad:c6:13:90:20:ba:
8f:40:29:70:31:a2:a0:12:c8:52:9d:29:fc:cf:a4:15:3c:65:
38:9e:41:e8:f1:03:f9:44:1b:3b:5c:38:88:e6:60:da:1d:0a:
17:c0:92:11:42:69:e4:e5:60:d3:8f:5a:cc:48:39:32:3c:b9:
c7:b3:d3:3a:a3:ea:2b:37:ba:11:d3:45:65:e7:ca:7b:9c:44:
fb:cb:cb:77:55:eb:08:df:f6:f5:ba:ae:28:bd:e9:6f:f0:69:
14:e5:d1:83:53:62:bc:c1:3f:ce:b1:52:e7:93:d5:20:3a:70:
52:39:47:9c:d2:a9:92:11:b5:52:70:43:9d:4b:54:a8:a6:7a:
1b:55:3b:3c:87:33:be:81:5b:d2:07:db:9d:35:ce:52:f1:ad:
a2:60:32:cf:07:65:00:a3:05:dc:71:fc:71:c9:20:a1:f1:57:
90:7a:34:bb:61:28:52:d9:51:c1:e5:c3:b1:41:0c:6b:c0:f6:
d1:10:61:96:1d:8a:a2:bf:55:11:bf:07:16:ad:0a:de:ed:d1:
06:47:5f:cc:b9:06:c7:6d:8f:3c:77:7d:20:f1:66:63:c5:d9:
0a:64:99:26:93:2d:fc:a1:97:3b:31:ae:80:49:db:0b:4a:7f:
27:ed:ef:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjExRDQxMTAvBgNVBAUTKDk2OEQyQUFBNjE2OENCNDk2OTQ0QTcyNzAxOEFGQjQy
QTI2RTMxRTEwHhcNMjQwOTI4MDcyNTM1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY3YWY2Zi1iMzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9jfIcwUM0zA+0fCzFMy5opDECI98IEi4hI+6P4o3QpWFnJ0BaIL5GYQ974fT
wraBdcTUCaBn07iWzuX2IV60VPYQlC1D+B+v8VxmKzhsr/60yrYdHhmvUVokYgh+
Dkslj0P1KAis/DCspgkldX6KHZS8GGZNC1J1HvgvclU8oxrGwL3PZXZBRf0tS/jl
CwOAucbks+ezl6xOv/KlBril+B0B4nSUyEUxyo2Du/gdMUOYA8BfCMdhQmW1k5p5
cgoQW0Z6Xicbiz1acT/e3cNW+Ikb/x9nBpan079y0kNwomNaEQcuuklhh6lbwMtt
YJl8RCGZxLWvBOGgvnNufenMEQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMXj2NVI
j8V82aGLThyOzOMyXurfMB8GA1UdIwQYMBaAFJaNKqphaMtJaUSnJwGK+0KibjHh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTFENC9BOUY0OTY1Mjg2
Q0QxMUVCQTRBRkY2MDlDNEY5QUUwMi9sbzBxcW1Gb3kwbHBSS2NuQVlyN1FxSnVN
ZUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xvMHFxbUZveTBscFJLY25BWXI3UXFKdU1lRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjExRDQvQTlGNDk2NTI4NkNEMTFFQkE0QUZGNjA5QzRGOUFFMDIvMkQ5RkQzRkU3
RDZBMTFFRjgzOEFGMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnpFYwDwQCAAIwCQMHACABDfZCgDANBgkqhkiG9w0BAQsF
AAOCAQEAQBEtPjhq+zq/n7GdrcYTkCC6j0ApcDGioBLIUp0p/M+kFTxlOJ5B6PED
+UQbO1w4iOZg2h0KF8CSEUJp5OVg049azEg5Mjy5x7PTOqPqKze6EdNFZefKe5xE
+8vLd1XrCN/29bquKL3pb/BpFOXRg1NivME/zrFS55PVIDpwUjlHnNKpkhG1UnBD
nUtUqKZ6G1U7PIczvoFb0gfbnTXOUvGtomAyzwdlAKMF3HH8cckgofFXkHo0u2Eo
UtlRweXDsUEMa8D20RBhlh2Kor9VEb8HFq0K3u3RBkdfzLkGx22PPHd9IPFmY8XZ
CmSZJpMt/KGXOzGugEnbC0p/J+3v2A==
-----END CERTIFICATE-----
Generated at Thu Oct 3 07:10:29 2024 by rpki-client on console-ams.rpki-client.org