Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/873D1792F93A11ED9A23733BC4F9AE02.roa
File: 873D1792F93A11ED9A23733BC4F9AE02.roa (raw, json)
Hash identifier: QwMBi7CHbnPhKlYAERZUIzReNJBtb6Vqe7OVf4UoflY=
Subject key identifier: AD:A3:3F:7F:63:74:2C:47:30:11:50:FD:24:CE:0A:9B:42:42:45:12
Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Certificate serial: 179D
Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/873D1792F93A11ED9A23733BC4F9AE02.roa
Signing time: Fri 22 Sep 2023 16:54:07 +0000
ROA not before: Fri 22 Sep 2023 16:54:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 136948
IP address blocks: 103.99.249.0/24 maxlen: 24
103.99.250.0/24 maxlen: 24
103.99.251.0/24 maxlen: 24
2401:b640::/32 maxlen: 32
2401:b640::/48 maxlen: 48
2401:b640:1::/48 maxlen: 48
2401:b640:2::/48 maxlen: 48
2401:b640:3::/48 maxlen: 48
2401:b640:4::/48 maxlen: 48
2401:b640:5::/48 maxlen: 48
2401:b640:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 11:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6045 (0x179d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Validity
Not Before: Sep 22 16:54:07 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=650dc6af-7f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:1f:f5:df:63:b0:e0:20:11:3f:98:b0:f8:
77:9a:71:07:15:85:cc:c7:2b:6d:5d:bd:08:0c:08:
89:a2:82:43:19:15:c7:11:17:1e:1b:3b:f9:f6:14:
c6:66:42:80:8b:87:2d:aa:8b:d1:45:11:0e:8a:b7:
0c:93:db:1b:78:4d:b3:87:8e:e5:41:1b:01:32:99:
5e:24:0a:53:46:47:b5:fa:9f:5c:03:e9:e9:a2:35:
f7:c9:8d:2d:02:68:97:d6:9f:28:84:5a:41:9b:53:
ed:f8:85:3b:f4:84:c9:69:d7:cf:72:c8:d3:9b:8d:
95:67:1c:f1:ae:a6:da:7d:2c:71:62:c0:93:6c:fd:
43:dc:14:22:55:6a:30:3f:dc:98:8c:22:33:0f:12:
00:0b:dc:94:43:d6:0e:2f:db:c4:06:ff:39:e8:44:
42:9c:47:2e:78:e4:94:cd:b6:1d:56:ad:41:7d:da:
ff:8e:0e:f9:c9:fe:89:08:76:41:f3:4a:38:e8:46:
77:a8:af:71:a2:9a:65:80:1b:1a:bd:0a:89:a3:03:
39:d6:4e:f9:96:17:a1:63:4f:28:6e:d6:d9:c8:3f:
8e:2e:28:8b:49:44:fa:d3:f4:fb:5f:b3:d1:07:45:
6b:1a:0b:65:41:4e:2e:37:76:0a:6f:49:ca:c0:58:
67:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A3:3F:7F:63:74:2C:47:30:11:50:FD:24:CE:0A:9B:42:42:45:12
X509v3 Authority Key Identifier:
keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/873D1792F93A11ED9A23733BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.249.0-103.99.251.255
IPv6:
2401:b640::/32
Signature Algorithm: sha256WithRSAEncryption
8a:7a:a4:09:8e:bb:6a:a4:cd:2c:36:27:3b:e2:5e:fe:c6:c6:
33:f7:37:d5:58:da:e9:0a:81:33:e0:04:c9:26:63:07:98:88:
37:b9:bc:51:23:eb:0d:0e:72:2f:55:b3:74:72:28:31:83:6b:
61:fa:13:48:2f:5e:73:9a:fa:7c:1e:60:d0:c0:95:13:15:17:
4b:b6:ed:1d:6b:70:78:b6:e4:8e:b7:3e:87:5a:1f:80:22:0b:
ee:9e:83:6c:4c:4d:7d:de:41:9c:df:8f:85:10:30:bf:36:3e:
32:3d:52:39:f4:45:06:59:6d:6f:19:79:ac:40:36:7d:14:43:
2d:2e:65:ec:52:62:17:23:37:93:90:e3:6f:4d:d7:aa:09:1a:
19:49:7f:c9:66:f7:f3:8d:08:26:d5:7f:50:f1:d3:eb:db:4e:
67:47:91:de:f9:27:e4:74:10:e7:a4:38:88:9d:5b:4b:d3:71:
94:42:55:7c:66:2d:52:bd:4b:1f:ea:1d:f9:a1:3e:a5:85:b7:
5e:4b:95:d3:a2:68:ce:e3:6a:86:61:3b:f0:90:24:89:27:6f:
cf:f7:9a:6f:4f:d8:c1:f3:48:ab:49:6e:1d:a9:8e:0b:22:cb:
c9:7b:fe:31:bc:d5:2e:31:5b:eb:ba:80:a0:23:6a:89:fe:56:
58:ce:52:9d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICF50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF
NTdGNTFDNTIwHhcNMjMwOTIyMTY1NDA3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBkYzZhZi03ZjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtTsf9d9jsOAgET+YsPh3mnEHFYXMxyttXb0IDAiJooJDGRXHERceGzv59hTG
ZkKAi4ctqovRRREOircMk9sbeE2zh47lQRsBMpleJApTRke1+p9cA+npojX3yY0t
AmiX1p8ohFpBm1Pt+IU79ITJadfPcsjTm42VZxzxrqbafSxxYsCTbP1D3BQiVWow
P9yYjCIzDxIAC9yUQ9YOL9vEBv856ERCnEcueOSUzbYdVq1Bfdr/jg75yf6JCHZB
80o46EZ3qK9xopplgBsavQqJowM51k75lhehY08obtbZyD+OLiiLSUT60/T7X7PR
B0VrGgtlQU4uN3YKb0nKwFhnawIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFK2jP39j
dCxHMBFQ/STOCptCQkUSMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB
NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvODczRDE3OTJG
OTNBMTFFRDlBMjM3MzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBQEAgABMA4wDAMEAGdj+QMEAmdj+DANBAIAAjAHAwUAJAG2QDANBgkqhkiG
9w0BAQsFAAOCAQEAinqkCY67aqTNLDYnO+Je/sbGM/c31Vja6QqBM+AEySZjB5iI
N7m8USPrDQ5yL1WzdHIoMYNrYfoTSC9ec5r6fB5g0MCVExUXS7btHWtweLbkjrc+
h1ofgCIL7p6DbExNfd5BnN+PhRAwvzY+Mj1SOfRFBlltbxl5rEA2fRRDLS5l7FJi
FyM3k5Djb03XqgkaGUl/yWb3840IJtV/UPHT69tOZ0eR3vkn5HQQ56Q4iJ1bS9Nx
lEJVfGYtUr1LH+od+aE+pYW3XkuV06JozuNqhmE78JAkiSdvz/eab0/YwfNIq0lu
HamOCyLLyXv+MbzVLjFb67qAoCNqif5WWM5SnQ==
-----END CERTIFICATE-----
Generated at Mon Feb 26 14:19:00 2024 by rpki-client on console-ams.rpki-client.org