Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884AA4800F4F11EEB585645CC4F9AE02.roa
File: 884AA4800F4F11EEB585645CC4F9AE02.roa (raw, json)
Hash identifier: 8tgwj2wTY/3bx18mAbk7GazrAbtnnJmHWnHJ6JLglmw=
Subject key identifier: 08:31:5F:CA:F6:9F:5B:43:85:53:33:32:AE:47:12:80:00:E7:3D:92
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: 93
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884AA4800F4F11EEB585645CC4F9AE02.roa
Signing time: Sun 18 Feb 2024 05:16:22 +0000
ROA not before: Sun 18 Feb 2024 05:16:22 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138362
IP address blocks: 103.221.66.0/23 maxlen: 23
103.221.66.0/24 maxlen: 24
103.221.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 14:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147 (0x93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: Feb 18 05:16:22 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65d192a6-23e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:38:09:8b:46:4a:9f:32:85:4d:50:de:29:b1:
f8:b2:ee:42:2f:ef:57:48:8c:b0:51:de:c8:86:85:
3a:92:18:be:4b:e3:dd:02:f5:57:f6:b2:76:40:d0:
82:ae:3b:e8:4d:98:38:14:8e:be:7e:51:2a:48:1a:
94:93:4d:ea:0b:c7:ed:b1:1d:19:44:0d:0e:9e:48:
02:97:34:2f:25:eb:4b:be:09:f4:d8:bb:ad:c5:85:
ae:bf:b4:62:20:6e:d3:5a:c7:0f:5b:41:6d:d2:1a:
a0:c1:1d:34:e7:bf:b3:65:92:fe:7e:6b:69:c4:fa:
41:92:6c:39:d4:1a:7f:af:6d:bb:c4:a9:41:26:e1:
91:f9:81:fc:fa:9d:76:71:53:99:e1:bb:ae:4f:4f:
f1:24:52:c4:45:aa:74:c8:88:94:0f:e5:33:fe:85:
3d:69:19:35:48:5d:4f:50:f1:15:40:ff:e4:31:b9:
8c:97:58:de:2d:56:62:31:ac:72:8f:43:aa:48:bc:
2a:dc:70:14:f9:4b:67:32:50:ea:a6:39:5c:c4:cd:
f3:45:7b:99:fd:a1:cb:ae:8f:27:e0:f8:13:04:c8:
a5:52:2a:3e:1a:94:ca:1e:9a:f2:42:0f:e7:9d:d5:
4b:71:b1:0b:fb:64:39:8c:51:7d:f7:28:74:e5:5f:
60:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:31:5F:CA:F6:9F:5B:43:85:53:33:32:AE:47:12:80:00:E7:3D:92
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/884AA4800F4F11EEB585645CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.66.0/23
Signature Algorithm: sha256WithRSAEncryption
74:8c:76:30:07:9e:b5:c5:54:00:12:ae:1a:5a:75:9a:70:d5:
85:3d:16:d3:4d:c4:98:ac:38:70:da:b9:93:83:9d:11:41:47:
8d:6c:39:b0:8a:b8:84:73:f2:83:f4:45:16:56:8f:73:b4:07:
9e:ca:4b:c8:84:a2:80:18:b3:d6:d2:0d:3d:d6:57:7b:d3:7b:
e8:10:a1:88:46:80:fc:d2:25:2b:2d:73:8c:2c:8a:31:38:24:
e3:11:3d:f4:74:7c:a3:ae:5e:6a:2d:2b:81:71:eb:6f:75:a8:
81:02:f4:57:22:62:17:88:b0:09:27:5c:b5:3b:f6:33:cc:27:
c6:31:76:39:f7:5d:d8:97:43:c5:f2:86:8a:da:ad:21:e8:3a:
63:4c:65:2f:95:b8:34:18:8f:7a:1e:4e:66:e7:2e:62:31:eb:
83:2b:03:71:16:e9:71:9b:02:9b:3f:37:a2:35:a0:50:cb:6a:
f6:06:6b:6d:03:a5:3f:ec:da:3c:61:44:3c:ec:c6:26:dd:35:
f7:b0:82:b9:ac:91:33:dc:4a:d3:9b:81:51:5e:e6:bd:c4:8c:
0d:53:54:d5:78:2b:b2:2d:0e:77:31:6e:3e:c5:6f:5a:86:77:
99:89:fc:a3:de:3b:1b:7c:ac:29:99:95:7a:bb:9e:6a:65:96:
49:af:b3:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgzRjAxMTAvBgNVBAUTKDEwMzZDMUUwRkZFMUNGQzM3RDY1NUQ4OUZBNjVENjVG
RTIyRTFGN0EwHhcNMjQwMjE4MDUxNjIyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQxOTJhNi0yM2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzgJi0ZKnzKFTVDeKbH4su5CL+9XSIywUd7IhoU6khi+S+PdAvVX9rJ2QNCC
rjvoTZg4FI6+flEqSBqUk03qC8ftsR0ZRA0OnkgClzQvJetLvgn02LutxYWuv7Ri
IG7TWscPW0Ft0hqgwR0057+zZZL+fmtpxPpBkmw51Bp/r227xKlBJuGR+YH8+p12
cVOZ4buuT0/xJFLERap0yIiUD+Uz/oU9aRk1SF1PUPEVQP/kMbmMl1jeLVZiMaxy
j0OqSLwq3HAU+UtnMlDqpjlcxM3zRXuZ/aHLro8n4PgTBMilUio+GpTKHpryQg/n
ndVLcbEL+2Q5jFF99yh05V9gTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAgxX8r2
n1tDhVMzMq5HEoAA5z2SMB8GA1UdIwQYMBaAFBA2weD/4c/DfWVdifpl1l/iLh96
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODNGMC9EQ0ZDQTZBMjBB
ODMxMUVFOUU2QTkyNTBDNEY5QUUwMi9FRGJCNFBfaHo4TjlaVjJKLW1YV1gtSXVI
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgzRjAvRENGQ0E2QTIwQTgzMTFFRTlFNkE5MjUwQzRGOUFFMDIvODg0QUE0ODAw
RjRGMTFFRUI1ODU2NDVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn3UIwDQYJKoZIhvcNAQELBQADggEBAHSMdjAHnrXFVAAS
rhpadZpw1YU9FtNNxJisOHDauZODnRFBR41sObCKuIRz8oP0RRZWj3O0B57KS8iE
ooAYs9bSDT3WV3vTe+gQoYhGgPzSJSstc4wsijE4JOMRPfR0fKOuXmotK4Fx6291
qIEC9FciYheIsAknXLU79jPMJ8Yxdjn3XdiXQ8XyhorarSHoOmNMZS+VuDQYj3oe
TmbnLmIx64MrA3EW6XGbAps/N6I1oFDLavYGa20DpT/s2jxhRDzsxibdNfewgrms
kTPcStObgVFe5r3EjA1TVNV4K7ItDncxbj7Fb1qGd5mJ/KPeOxt8rCmZlXq7nmpl
lkmvsxI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org