Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/8CEF235C365811ECBB903E57C4F9AE02.roa
File: 8CEF235C365811ECBB903E57C4F9AE02.roa (raw, json)
Hash identifier: tcnXibPYi/iV2Jx0BwHs7IbByEmicSrxBcOQgquDoxw=
Subject key identifier: E4:1D:C3:AF:57:70:2F:99:B1:45:06:23:F1:1B:55:34:CE:A8:BA:A7
Certificate issuer: /CN=A91228BC/serialNumber=98B5C6147618FCB64C214DCCC0777413087E9770
Certificate serial: 0448
Authority key identifier: 98:B5:C6:14:76:18:FC:B6:4C:21:4D:CC:C0:77:74:13:08:7E:97:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/8CEF235C365811ECBB903E57C4F9AE02.roa
Signing time: Sun 24 Sep 2023 12:49:32 +0000
ROA not before: Sun 24 Sep 2023 12:49:31 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 142559
IP address blocks: 103.169.98.0/24 maxlen: 24
103.169.99.0/24 maxlen: 24
2001:df6:f580::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1096 (0x448)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91228BC/serialNumber=98B5C6147618FCB64C214DCCC0777413087E9770
Validity
Not Before: Sep 24 12:49:31 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6510305b-8cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:a4:35:9a:ea:4b:3d:1f:8c:a6:5d:ac:1f:
78:d2:b3:5d:ba:3b:55:88:bb:b6:7b:fd:97:e7:d3:
70:31:68:61:44:75:7c:bd:ec:21:62:5f:6b:de:e1:
48:7b:79:6e:e5:ff:31:6a:8b:c2:d8:eb:6c:8c:55:
b8:75:fb:2b:02:dc:5b:7b:26:2f:67:05:9b:86:d4:
ae:cf:fa:f9:53:0c:6b:5b:d2:79:7c:ca:87:8b:35:
08:67:50:52:0e:c1:a4:9a:b9:c2:e3:b5:a4:24:62:
63:38:48:bd:dc:7f:27:aa:c1:34:cc:77:34:80:0b:
05:cc:c2:8c:3b:79:6c:7e:f2:65:15:b9:2c:1b:71:
40:b6:43:a4:ba:c2:dd:70:49:f9:96:39:d1:cb:2f:
f3:2e:2d:66:b4:e7:39:b7:3f:bd:42:7a:db:7c:4a:
1f:c6:81:b6:dd:7e:43:1e:29:1d:76:ca:a0:5e:fc:
82:b2:cc:13:b5:3e:bb:8e:91:a0:16:40:b1:11:89:
05:19:ed:6f:35:97:e1:31:21:15:d7:81:fe:4e:f7:
23:df:b5:19:98:24:b9:1d:42:ec:06:ad:68:5f:b6:
0f:e8:94:3f:ba:63:37:94:34:d4:18:7d:c9:1a:4f:
2f:03:4d:46:e1:84:d6:ee:82:a4:d2:21:e7:77:72:
10:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1D:C3:AF:57:70:2F:99:B1:45:06:23:F1:1B:55:34:CE:A8:BA:A7
X509v3 Authority Key Identifier:
keyid:98:B5:C6:14:76:18:FC:B6:4C:21:4D:CC:C0:77:74:13:08:7E:97:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/8CEF235C365811ECBB903E57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.98.0/23
IPv6:
2001:df6:f580::/48
Signature Algorithm: sha256WithRSAEncryption
23:ec:52:de:6b:9e:f8:18:94:cf:55:1f:42:81:08:cd:2c:63:
cf:13:cb:d6:d4:90:94:2a:21:4a:cc:b3:dd:f7:26:b0:07:ee:
66:c7:85:3a:ac:76:3c:02:fa:f6:52:72:00:73:04:cb:68:d0:
fc:20:7d:f6:04:b7:ec:fa:93:7b:60:17:46:42:53:b5:07:d0:
dc:b1:b9:95:c4:d7:1c:1e:76:fc:d7:e3:56:dc:1d:74:02:84:
b4:39:b1:a4:ff:f9:57:e9:c0:ee:c5:a4:43:91:e6:f3:3c:37:
de:f5:9e:0c:27:20:a4:b4:b9:94:04:5b:a0:d7:2b:5c:12:1b:
d4:a7:5d:b4:8e:de:b1:de:97:51:f7:f3:d2:fb:5b:c1:63:00:
f2:85:24:93:8f:d8:24:85:32:9f:f1:34:20:2b:ce:ca:75:10:
5a:47:37:8b:47:64:78:ba:f4:fe:58:1d:1a:18:dc:a0:d1:f5:
dc:eb:7b:f3:59:26:11:49:9a:b2:73:17:60:ea:dd:c7:8b:38:
d0:0e:d7:08:93:ec:11:10:f5:2b:8f:f4:ba:f9:eb:3e:45:0c:
4f:9b:49:c6:e0:43:4e:81:4a:a1:ef:ff:3f:f2:3c:3b:d3:0f:
5d:e1:cf:57:e4:ab:34:a8:3d:bf:c3:5d:e2:2c:aa:ed:0b:0c:
f5:dc:fd:c5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjI4QkMxMTAvBgNVBAUTKDk4QjVDNjE0NzYxOEZDQjY0QzIxNERDQ0MwNzc3NDEz
MDg3RTk3NzAwHhcNMjMwOTI0MTI0OTMxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEwMzA1Yi04Y2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqAOkNZrqSz0fjKZdrB940rNdujtViLu2e/2X59NwMWhhRHV8vewhYl9r3uFI
e3lu5f8xaovC2OtsjFW4dfsrAtxbeyYvZwWbhtSuz/r5UwxrW9J5fMqHizUIZ1BS
DsGkmrnC47WkJGJjOEi93H8nqsE0zHc0gAsFzMKMO3lsfvJlFbksG3FAtkOkusLd
cEn5ljnRyy/zLi1mtOc5tz+9QnrbfEofxoG23X5DHikddsqgXvyCsswTtT67jpGg
FkCxEYkFGe1vNZfhMSEV14H+Tvcj37UZmCS5HULsBq1oX7YP6JQ/umM3lDTUGH3J
Gk8vA01G4YTW7oKk0iHnd3IQAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOQdw69X
cC+ZsUUGI/EbVTTOqLqnMB8GA1UdIwQYMBaAFJi1xhR2GPy2TCFNzMB3dBMIfpdw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjhCQy8wRTdENjRENkRG
MEQxMUVCQjExMzBEODFDNEY5QUUwMi9tTFhHRkhZWV9MWk1JVTNNd0hkMEV3aC1s
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21MWEdGSFlZX0xaTUlVM013SGQwRXdoLWwzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjI4QkMvMEU3RDY0RDZERjBEMTFFQkIxMTMwRDgxQzRGOUFFMDIvOENFRjIzNUMz
NjU4MTFFQ0JCOTAzRTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnqWIwDwQCAAIwCQMHACABDfb1gDANBgkqhkiG9w0BAQsF
AAOCAQEAI+xS3mue+BiUz1UfQoEIzSxjzxPL1tSQlCohSsyz3fcmsAfuZseFOqx2
PAL69lJyAHMEy2jQ/CB99gS37PqTe2AXRkJTtQfQ3LG5lcTXHB52/NfjVtwddAKE
tDmxpP/5V+nA7sWkQ5Hm8zw33vWeDCcgpLS5lARboNcrXBIb1KddtI7esd6XUffz
0vtbwWMA8oUkk4/YJIUyn/E0ICvOynUQWkc3i0dkeLr0/lgdGhjcoNH13Ot781km
EUmasnMXYOrdx4s40A7XCJPsERD1K4/0uvnrPkUMT5tJxuBDToFKoe//P/I8O9MP
XeHPV+SrNKg9v8Nd4iyq7QsM9dz9xQ==
-----END CERTIFICATE-----
Generated at Tue Apr 30 15:11:54 2024 by rpki-client on console-fra.rpki-client.org