Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884589160C8111EFAB44CA1CC4F9AE02.roa
File: 884589160C8111EFAB44CA1CC4F9AE02.roa (raw, json)
Hash identifier: YigpwCVGDZnK5hCgSml5P7+NQ66DipsKmW51izYu9zU=
Subject key identifier: 12:FE:36:C7:60:05:EE:67:9C:01:02:A3:F1:63:DD:29:C9:14:5E:03
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: C3
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884589160C8111EFAB44CA1CC4F9AE02.roa
Signing time: Tue 07 May 2024 14:53:15 +0000
ROA not before: Tue 07 May 2024 14:53:15 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138362
IP address blocks: 103.221.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 07:15:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195 (0xc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: May 7 14:53:15 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=663a405b-04ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:90:ab:12:47:af:30:82:9b:96:fc:ee:26:
dc:70:23:b2:09:19:b0:eb:b5:23:ba:26:a1:ea:23:
dd:7e:7f:aa:3b:02:08:1d:1e:12:83:dd:53:62:ee:
a4:30:53:25:fe:63:76:de:85:a3:99:71:2f:25:4a:
5a:e8:37:52:bc:e6:2c:b2:bb:c6:8e:4b:68:7d:71:
79:63:3f:ca:60:7a:ef:2d:7a:1d:04:5b:d6:5f:a2:
eb:82:e8:a1:57:f3:09:c0:48:7c:87:e1:1c:12:80:
2a:13:83:33:9d:21:1b:3e:4f:c8:78:fe:a4:a4:b0:
c0:01:9c:9e:24:7d:10:00:ed:26:c4:5b:1d:38:c8:
fb:fd:ec:f7:d4:87:c1:be:72:d5:2b:21:78:fa:1d:
f8:da:f0:3b:91:bc:1d:22:3a:bb:9e:de:25:97:99:
87:69:fa:d2:f1:13:2f:1b:f6:7c:6b:3c:bb:fc:88:
3f:58:e1:f2:65:91:a4:af:0a:62:f0:6a:e3:b7:eb:
ba:c3:9d:ad:38:b9:c8:ce:6d:85:ee:5e:54:55:6e:
19:0f:ce:10:c9:78:40:df:ea:02:8e:12:5d:39:51:
59:96:9e:dd:a0:ec:d5:88:c3:e7:d5:6e:b8:0f:7d:
c8:33:81:a6:b9:85:ff:8f:a6:8b:1c:1f:02:b0:db:
91:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FE:36:C7:60:05:EE:67:9C:01:02:A3:F1:63:DD:29:C9:14:5E:03
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884589160C8111EFAB44CA1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.66.0/24
Signature Algorithm: sha256WithRSAEncryption
79:1f:b6:a4:21:22:b0:87:6e:c2:ec:bc:23:b7:37:bf:8b:86:
3d:ca:a1:2a:a8:9e:49:94:42:5f:24:60:9d:2b:5e:c0:76:1b:
dd:8f:52:04:e9:87:a9:f5:23:5d:09:71:ce:9b:91:43:d8:51:
78:3b:db:f5:29:d5:4f:d2:ef:8d:0a:0c:ca:00:34:c6:fb:4d:
92:bb:ee:99:41:2a:dc:1a:33:a7:b1:6f:e0:8a:39:8d:39:f8:
30:71:54:1b:24:8e:17:b0:55:7f:ae:70:3d:5d:e5:57:27:39:
0d:9d:f3:13:fc:cd:df:09:88:1b:24:4d:bc:33:82:76:11:c9:
54:dd:75:19:7c:e6:a5:91:84:36:30:d5:bb:ca:2c:5c:ab:30:
e0:60:4c:94:cf:17:b2:44:77:4e:b8:d8:ce:58:07:0d:47:50:
07:35:64:7e:6e:7f:21:2b:39:35:4a:79:a4:ba:a5:03:57:6d:
8b:c8:29:c0:9c:05:9f:0e:ba:81:b2:65:28:4d:61:7e:bf:f4:
61:14:41:e2:5f:f9:ba:3a:ca:b1:33:5e:1a:a1:0f:40:f8:32:
31:0b:c7:5b:be:3b:4c:22:88:ac:fb:3f:15:ed:98:5b:e7:db:
b1:88:6e:22:35:dd:b4:51:af:5d:f6:82:52:65:25:82:8d:3d:
eb:ae:7b:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgzRjAxMTAvBgNVBAUTKDEwMzZDMUUwRkZFMUNGQzM3RDY1NUQ4OUZBNjVENjVG
RTIyRTFGN0EwHhcNMjQwNTA3MTQ1MzE1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNhNDA1Yi0wNGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplSQqxJHrzCCm5b87ibccCOyCRmw67Ujuiah6iPdfn+qOwIIHR4Sg91TYu6k
MFMl/mN23oWjmXEvJUpa6DdSvOYssrvGjktofXF5Yz/KYHrvLXodBFvWX6Lrguih
V/MJwEh8h+EcEoAqE4MznSEbPk/IeP6kpLDAAZyeJH0QAO0mxFsdOMj7/ez31IfB
vnLVKyF4+h342vA7kbwdIjq7nt4ll5mHafrS8RMvG/Z8azy7/Ig/WOHyZZGkrwpi
8Grjt+u6w52tOLnIzm2F7l5UVW4ZD84QyXhA3+oCjhJdOVFZlp7doOzViMPn1W64
D33IM4GmuYX/j6aLHB8CsNuRqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBL+Nsdg
Be5nnAECo/Fj3SnJFF4DMB8GA1UdIwQYMBaAFBA2weD/4c/DfWVdifpl1l/iLh96
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODNGMC9EQ0ZDQTZBMjBB
ODMxMUVFOUU2QTkyNTBDNEY5QUUwMi9FRGJCNFBfaHo4TjlaVjJKLW1YV1gtSXVI
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgzRjAvRENGQ0E2QTIwQTgzMTFFRTlFNkE5MjUwQzRGOUFFMDIvODg0NTg5MTYw
QzgxMTFFRkFCNDRDQTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn3UIwDQYJKoZIhvcNAQELBQADggEBAHkftqQhIrCHbsLs
vCO3N7+Lhj3KoSqonkmUQl8kYJ0rXsB2G92PUgTph6n1I10Jcc6bkUPYUXg72/Up
1U/S740KDMoANMb7TZK77plBKtwaM6exb+CKOY05+DBxVBskjhewVX+ucD1d5Vcn
OQ2d8xP8zd8JiBskTbwzgnYRyVTddRl85qWRhDYw1bvKLFyrMOBgTJTPF7JEd064
2M5YBw1HUAc1ZH5ufyErOTVKeaS6pQNXbYvIKcCcBZ8OuoGyZShNYX6/9GEUQeJf
+bo6yrEzXhqhD0D4MjELx1u+O0wiiKz7PxXtmFvn27GIbiI13bRRr132glJlJYKN
Peuue2Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org