Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/17A3A4D8C98611E9AC175947C4F9AE02.roa
File: 17A3A4D8C98611E9AC175947C4F9AE02.roa (raw, json)
Hash identifier: AKxNurzM1xAwUrb36jFvjKVvg5QaA9UU2hF5r3BYTK0=
Subject key identifier: 4B:13:F0:DF:D0:E6:62:16:A1:AD:F2:94:AB:79:DB:DC:5D:40:B8:9C
Certificate issuer: /CN=A91602BE/serialNumber=17F951844051448C89061404CFB41EAAE0473A7A
Certificate serial: 0D88
Authority key identifier: 17:F9:51:84:40:51:44:8C:89:06:14:04:CF:B4:1E:AA:E0:47:3A:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_lRhEBRRIyJBhQEz7QequBHOno.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/17A3A4D8C98611E9AC175947C4F9AE02.roa
Signing time: Thu 18 Apr 2024 18:56:56 +0000
ROA not before: Thu 18 Apr 2024 18:56:56 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136787
IP address blocks: 103.86.96.0/24 maxlen: 24
103.86.99.0/24 maxlen: 24
116.204.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 13:20:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3464 (0xd88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91602BE/serialNumber=17F951844051448C89061404CFB41EAAE0473A7A
Validity
Not Before: Apr 18 18:56:56 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66216cf7-cdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:77:f6:d7:9b:42:c1:d2:87:db:82:01:36:56:
64:e8:d1:37:40:44:71:3c:ff:ca:27:d1:18:f9:79:
ec:26:4d:72:1f:22:e1:68:74:81:07:11:30:07:bb:
1e:a4:13:ce:d7:2b:db:9d:8d:3f:ff:63:90:59:7e:
19:f6:e2:81:a1:e2:6d:f4:9e:cd:0d:c3:37:81:0f:
fc:8e:ad:c8:fa:30:55:d0:ac:7d:f1:4f:b3:32:5c:
59:3b:59:fc:78:27:9f:52:0d:b0:ba:fa:ed:19:f3:
6b:cd:a4:65:19:70:03:4d:c2:2d:cc:b7:f6:47:69:
b8:ca:88:89:a9:4d:d9:d4:d6:45:3c:48:61:02:31:
59:f0:6c:82:f3:32:b4:a7:42:5c:e2:a0:3e:e5:b2:
99:1a:6b:b6:af:99:f8:18:63:54:db:b4:dd:7a:24:
4c:04:46:7b:8a:1c:53:5a:29:fd:7e:e4:34:28:45:
75:38:77:d8:8a:f1:39:18:8d:c0:b8:6f:44:f2:eb:
4d:04:78:1f:a2:b9:36:b2:29:0d:c9:95:c4:fa:a2:
94:7f:4a:2c:a4:8c:02:97:8b:7c:a0:24:85:ec:b5:
c8:e2:ba:8f:3f:e1:89:d0:67:9b:43:dc:ac:d1:2e:
8d:00:3f:33:c7:2d:cf:02:c1:01:69:47:21:67:1d:
58:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:13:F0:DF:D0:E6:62:16:A1:AD:F2:94:AB:79:DB:DC:5D:40:B8:9C
X509v3 Authority Key Identifier:
keyid:17:F9:51:84:40:51:44:8C:89:06:14:04:CF:B4:1E:AA:E0:47:3A:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/F_lRhEBRRIyJBhQEz7QequBHOno.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_lRhEBRRIyJBhQEz7QequBHOno.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/17A3A4D8C98611E9AC175947C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.96.0/24
103.86.99.0/24
116.204.192.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3d:48:1c:c5:c6:6b:e8:06:e3:ea:41:04:ff:0b:bf:e7:39:
6d:ff:6a:e8:62:29:a6:d2:a5:9b:c0:b6:9e:d2:c2:60:17:9f:
85:ea:48:f4:dc:b9:5a:41:a7:a9:b5:fa:5c:88:d0:ff:6a:d3:
2f:e4:cb:12:59:82:ae:0b:08:96:b1:52:88:e2:e9:6c:e7:c4:
29:06:57:ef:21:61:b4:bf:a7:c2:14:00:61:f5:9e:cb:bc:0c:
5c:8e:42:03:6c:76:90:57:fd:db:54:30:45:f9:0c:c7:fb:cb:
da:05:62:1b:18:33:d6:54:43:68:ab:6e:f9:ca:0a:18:c6:64:
37:3f:b1:ed:28:93:c9:74:42:4f:ca:3b:9c:26:ba:0f:a3:20:
ea:e2:cd:4a:a7:97:77:bf:88:0c:1a:9f:6b:ce:dd:77:ea:03:
b2:d3:34:18:a5:9c:a6:25:39:fe:c8:13:b5:7f:6c:2d:92:2f:
a3:63:7b:8b:0d:f8:3e:5a:5a:e5:a2:29:e5:28:8b:bd:8b:98:
3a:f6:0c:30:d7:df:d2:f2:21:69:3c:01:5d:a2:8d:c3:00:c0:
a5:21:ea:76:4c:3b:39:fc:bc:e5:26:f4:07:1c:4e:cc:77:4f:
ba:04:90:7a:9b:bf:42:72:46:2e:30:b9:e7:26:f3:fb:b3:4b:
a7:2f:1f:e6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjAyQkUxMTAvBgNVBAUTKDE3Rjk1MTg0NDA1MTQ0OEM4OTA2MTQwNENGQjQxRUFB
RTA0NzNBN0EwHhcNMjQwNDE4MTg1NjU2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxNmNmNy1jZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHf215tCwdKH24IBNlZk6NE3QERxPP/KJ9EY+XnsJk1yHyLhaHSBBxEwB7se
pBPO1yvbnY0//2OQWX4Z9uKBoeJt9J7NDcM3gQ/8jq3I+jBV0Kx98U+zMlxZO1n8
eCefUg2wuvrtGfNrzaRlGXADTcItzLf2R2m4yoiJqU3Z1NZFPEhhAjFZ8GyC8zK0
p0Jc4qA+5bKZGmu2r5n4GGNU27TdeiRMBEZ7ihxTWin9fuQ0KEV1OHfYivE5GI3A
uG9E8utNBHgfork2sikNyZXE+qKUf0ospIwCl4t8oCSF7LXI4rqPP+GJ0GebQ9ys
0S6NAD8zxy3PAsEBaUchZx1YiwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEsT8N/Q
5mIWoa3ylKt529xdQLicMB8GA1UdIwQYMBaAFBf5UYRAUUSMiQYUBM+0HqrgRzp6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDJCRS8zODIxODMzMkEy
MUQxMUU5OUM5REM3N0RDNEY5QUUwMi9GX2xSaEVCUlJJeUpCaFFFejdRZXF1QkhP
bm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZfbFJoRUJSUkl5SkJoUUV6N1FlcXVCSE9uby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjAyQkUvMzgyMTgzMzJBMjFEMTFFOTlDOURDNzdEQzRGOUFFMDIvMTdBM0E0RDhD
OTg2MTFFOUFDMTc1OTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnVmADBABnVmMDBAB0zMAwDQYJKoZIhvcNAQELBQADggEB
AEg9SBzFxmvoBuPqQQT/C7/nOW3/auhiKabSpZvAtp7SwmAXn4XqSPTcuVpBp6m1
+lyI0P9q0y/kyxJZgq4LCJaxUoji6WznxCkGV+8hYbS/p8IUAGH1nsu8DFyOQgNs
dpBX/dtUMEX5DMf7y9oFYhsYM9ZUQ2irbvnKChjGZDc/se0ok8l0Qk/KO5wmug+j
IOrizUqnl3e/iAwan2vO3XfqA7LTNBilnKYlOf7IE7V/bC2SL6Nje4sN+D5aWuWi
KeUoi72LmDr2DDDX39LyIWk8AV2ijcMAwKUh6nZMOzn8vOUm9AccTsx3T7oEkHqb
v0JyRi4wuecm8/uzS6cvH+Y=
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:30:37 2024 by rpki-client on console-ams.rpki-client.org