Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2E18370E5FC911EFA7A8DB87C4F9AE02.roa
File: 2E18370E5FC911EFA7A8DB87C4F9AE02.roa (raw, json)
Hash identifier: kWMwbp3xOyMdpWkTJ7cY2Pdb+hcWzVp5WhlMtrVRC60=
Subject key identifier: F7:F2:93:16:7A:DA:70:44:AE:6C:01:44:46:62:6F:85:FE:63:D7:AF
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 0455
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2E18370E5FC911EFA7A8DB87C4F9AE02.roa
Signing time: Thu 03 Oct 2024 13:23:55 +0000
ROA not before: Thu 03 Oct 2024 13:23:55 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 139660
IP address blocks: 103.174.96.0/24 maxlen: 24
103.174.97.0/24 maxlen: 24
2001:df7:c380::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 31 Oct 2024 08:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109 (0x455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: Oct 3 13:23:55 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fe9aea-c7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:05:99:d5:97:69:79:d1:0b:7a:0b:34:02:
3d:2e:64:2e:a1:a6:db:d3:a9:aa:69:a6:4a:8c:fc:
28:6c:ac:14:92:dd:df:60:5a:12:b9:85:14:75:e1:
3f:70:77:f2:56:af:3a:04:7f:ee:8c:59:10:02:96:
89:b4:c0:a2:cd:9d:9c:a7:37:d3:4e:2a:fb:a5:2d:
cd:b3:a4:15:39:a9:61:07:cd:9f:d0:fe:97:86:5c:
91:83:c3:94:76:61:59:1a:93:a4:a0:58:14:a2:51:
19:37:fc:40:b6:06:af:10:88:1c:36:87:2a:9f:5d:
54:c3:41:02:39:a5:ef:77:56:7f:97:3c:91:5a:77:
3c:93:05:41:f0:18:c8:f3:82:b6:8e:cf:7f:ea:aa:
90:ef:ad:61:ae:fa:8c:91:16:a3:04:0d:db:c0:8b:
17:d7:d0:e9:8d:af:52:cb:e3:d3:09:39:09:c8:fb:
6b:bf:70:ba:53:94:05:73:8a:2b:61:ef:a5:a6:11:
12:47:90:8c:c2:53:97:88:51:e3:e7:6a:b1:bd:89:
25:f6:87:5a:e3:00:5a:ee:49:b4:0a:f0:1e:25:1c:
03:9f:17:e2:8c:4e:15:1a:fd:3f:8d:18:1b:bc:c0:
7f:74:33:8c:1d:71:1a:b4:b9:3d:91:2e:9a:f0:96:
9a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F2:93:16:7A:DA:70:44:AE:6C:01:44:46:62:6F:85:FE:63:D7:AF
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/2E18370E5FC911EFA7A8DB87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/23
IPv6:
2001:df7:c380::/48
Signature Algorithm: sha256WithRSAEncryption
4f:60:83:e0:da:d5:28:1e:32:03:87:c2:53:c4:86:13:c5:03:
7e:bd:2f:06:00:14:ab:2c:bd:f7:1d:13:69:c2:50:d6:29:13:
76:5c:23:fe:68:24:ec:0d:40:74:27:65:bb:44:73:6a:e0:64:
62:90:cd:77:92:6a:4f:5e:49:6d:4f:86:a4:74:43:06:fd:7c:
05:98:57:54:94:40:d7:01:47:f8:66:52:6e:1a:87:96:cd:31:
4f:83:f2:d9:11:65:56:67:1f:58:66:47:fa:a8:96:df:44:07:
91:05:19:ea:bc:96:ef:65:51:99:a5:d0:5a:76:7c:99:15:d7:
41:cd:36:12:0b:54:28:34:80:9d:aa:ff:5a:e7:4c:ef:09:1b:
60:28:e4:a4:c9:21:70:c3:80:a3:16:37:c5:fa:78:85:b7:38:
42:5a:fa:a5:4f:b1:ec:15:e1:09:be:1a:54:bf:d9:f9:e7:3f:
8f:b0:48:88:3c:2d:ed:b2:32:ae:8b:16:3e:fb:96:68:3a:cd:
3b:d6:73:70:40:d7:db:a3:6a:dd:88:f5:ad:a9:37:8b:be:c2:
ec:1a:3f:04:d3:05:37:94:0e:97:b6:29:74:21:f7:e3:dd:e4:
ea:a9:a9:11:d8:b5:3b:5b:4b:e5:16:fd:03:62:25:3d:cf:e0:
d4:25:da:4c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjQxMDAzMTMyMzU1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlOWFlYS1jN2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnAFmdWXaXnRC3oLNAI9LmQuoabb06mqaaZKjPwobKwUkt3fYFoSuYUUdeE/
cHfyVq86BH/ujFkQApaJtMCizZ2cpzfTTir7pS3Ns6QVOalhB82f0P6XhlyRg8OU
dmFZGpOkoFgUolEZN/xAtgavEIgcNocqn11Uw0ECOaXvd1Z/lzyRWnc8kwVB8BjI
84K2js9/6qqQ761hrvqMkRajBA3bwIsX19Dpja9Sy+PTCTkJyPtrv3C6U5QFc4or
Ye+lphESR5CMwlOXiFHj52qxvYkl9oda4wBa7km0CvAeJRwDnxfijE4VGv0/jRgb
vMB/dDOMHXEatLk9kS6a8JaaPwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPfykxZ6
2nBErmwBREZib4X+Y9evMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvMkUxODM3MEU1
RkM5MTFFRkE3QThEQjg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnrmAwDwQCAAIwCQMHACABDffDgDANBgkqhkiG9w0BAQsF
AAOCAQEAT2CD4NrVKB4yA4fCU8SGE8UDfr0vBgAUqyy99x0TacJQ1ikTdlwj/mgk
7A1AdCdlu0RzauBkYpDNd5JqT15JbU+GpHRDBv18BZhXVJRA1wFH+GZSbhqHls0x
T4Py2RFlVmcfWGZH+qiW30QHkQUZ6ryW72VRmaXQWnZ8mRXXQc02EgtUKDSAnar/
WudM7wkbYCjkpMkhcMOAoxY3xfp4hbc4Qlr6pU+x7BXhCb4aVL/Z+ec/j7BIiDwt
7bIyrosWPvuWaDrNO9ZzcEDX26Nq3Yj1rak3i77C7Bo/BNMFN5QOl7YpdCH3493k
6qmpEdi1O1tL5Rb9A2IlPc/g1CXaTA==
-----END CERTIFICATE-----
Generated at Thu Oct 31 11:02:22 2024 by rpki-client on console-ams.rpki-client.org