Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2D3750185FC911EFA7A8DB87C4F9AE02.roa
File: 2D3750185FC911EFA7A8DB87C4F9AE02.roa (raw, json)
Hash identifier: Tfc/NkNSz7WH/ESBLwheZGXo8o9Xc8CmTAWsqGZ9i0U=
Subject key identifier: 0C:0C:7C:6E:35:FB:50:7A:AE:85:DB:0B:8C:47:00:A9:D8:C7:E4:D2
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 0439
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2D3750185FC911EFA7A8DB87C4F9AE02.roa
Signing time: Wed 21 Aug 2024 14:25:12 +0000
ROA not before: Wed 21 Aug 2024 14:25:12 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 60223
IP address blocks: 103.174.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 13:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1081 (0x439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: Aug 21 14:25:12 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c5f8c8-1570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:82:ba:3e:6a:2f:17:15:26:d0:cd:bc:a8:13:
5b:79:9e:af:49:43:91:71:c5:e1:17:63:1f:1e:b0:
51:77:6b:db:15:e4:04:59:73:b9:60:9a:b2:05:23:
0c:dc:88:a8:60:13:26:eb:41:a3:e7:61:b4:14:40:
da:45:75:cc:a9:ba:d1:f4:f0:cd:81:1a:d9:c9:f2:
6f:2d:08:70:6c:b4:d3:d8:05:9d:fe:c5:e0:6b:81:
be:ad:38:e8:09:e7:35:31:cb:cf:b2:3c:eb:14:0f:
78:e9:29:4b:f9:ec:f3:12:df:f9:bc:f4:86:31:3a:
b6:3d:2c:ab:85:c7:20:89:f8:60:09:d1:b6:9e:bc:
58:54:97:c7:4a:19:4b:6d:53:8a:ca:f3:d2:04:70:
03:9b:64:4d:a4:b6:96:cc:49:a8:c7:be:92:a4:e6:
3c:04:8b:6a:cb:2f:23:fc:b7:56:07:a2:45:20:3e:
ca:4e:ea:18:57:07:a0:08:49:22:a2:f7:67:91:e3:
be:a5:06:f2:ff:eb:b4:59:b3:5a:75:6b:07:db:c3:
be:ad:a6:23:c4:2f:1e:47:fb:a8:00:a8:42:35:78:
a3:61:13:23:76:1c:29:ff:91:96:8b:16:b2:1b:15:
42:47:4d:81:4a:e6:a5:83:27:51:64:13:0d:42:bb:
b6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0C:7C:6E:35:FB:50:7A:AE:85:DB:0B:8C:47:00:A9:D8:C7:E4:D2
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2D3750185FC911EFA7A8DB87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/24
Signature Algorithm: sha256WithRSAEncryption
13:39:06:63:c3:7a:33:c0:76:a0:97:d8:75:3c:cc:07:3a:98:
88:64:be:86:5d:ba:2b:bf:66:51:ef:11:1a:25:37:42:be:fc:
39:15:b2:2f:f3:ef:30:9e:fc:9a:df:ce:38:8f:e0:8e:62:b4:
78:82:a0:1a:0b:e0:37:e8:52:47:d3:59:dc:6f:19:1a:eb:3e:
c3:1b:97:82:59:84:aa:15:2d:f5:5a:b1:c5:0e:9a:d1:10:d7:
d5:67:06:bc:87:d9:70:a6:72:33:00:04:ad:97:a5:a9:16:da:
bb:97:71:c8:4a:df:3f:17:ea:cb:ee:5c:ee:cc:9b:89:59:f1:
76:a9:17:88:ca:0e:b6:39:2a:f2:55:ae:02:61:3b:f4:e2:53:
51:6b:9e:60:29:1c:3a:d2:34:00:06:9c:f7:16:64:22:93:68:
c8:51:b6:83:11:65:ad:60:f1:b5:30:e9:8a:ea:4b:31:ac:c1:
df:f0:12:00:d8:bc:d8:f3:ca:bb:91:fc:2d:a9:78:6b:dd:95:
35:dc:a6:9f:2a:31:0b:7c:a4:ad:a5:ea:e8:b4:3d:1d:fe:8f:
6c:2d:23:d5:c3:94:77:23:02:3e:c8:42:0b:a5:94:d5:d3:7c:
60:b9:59:56:8a:3a:8d:e3:b3:25:10:a7:d8:5a:56:63:f5:77:
c8:bf:31:96
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjQwODIxMTQyNTEyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM1ZjhjOC0xNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4K6PmovFxUm0M28qBNbeZ6vSUORccXhF2MfHrBRd2vbFeQEWXO5YJqyBSMM
3IioYBMm60Gj52G0FEDaRXXMqbrR9PDNgRrZyfJvLQhwbLTT2AWd/sXga4G+rTjo
Cec1McvPsjzrFA946SlL+ezzEt/5vPSGMTq2PSyrhccgifhgCdG2nrxYVJfHShlL
bVOKyvPSBHADm2RNpLaWzEmox76SpOY8BItqyy8j/LdWB6JFID7KTuoYVwegCEki
ovdnkeO+pQby/+u0WbNadWsH28O+raYjxC8eR/uoAKhCNXijYRMjdhwp/5GWixay
GxVCR02BSualgydRZBMNQru2GwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAwMfG41
+1B6roXbC4xHAKnYx+TSMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvMkQzNzUwMTg1
RkM5MTFFRkE3QThEQjg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrmAwDQYJKoZIhvcNAQELBQADggEBABM5BmPDejPAdqCX
2HU8zAc6mIhkvoZduiu/ZlHvERolN0K+/DkVsi/z7zCe/JrfzjiP4I5itHiCoBoL
4DfoUkfTWdxvGRrrPsMbl4JZhKoVLfVascUOmtEQ19VnBryH2XCmcjMABK2XpakW
2ruXcchK3z8X6svuXO7Mm4lZ8XapF4jKDrY5KvJVrgJhO/TiU1FrnmApHDrSNAAG
nPcWZCKTaMhRtoMRZa1g8bUw6YrqSzGswd/wEgDYvNjzyruR/C2peGvdlTXcpp8q
MQt8pK2l6ui0PR3+j2wtI9XDlHcjAj7IQgullNXTfGC5WVaKOo3jsyUQp9haVmP1
d8i/MZY=
-----END CERTIFICATE-----
Generated at Thu Aug 22 17:02:48 2024 by rpki-client on console-fra.rpki-client.org