Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/48110772C3FC11ED8526FC28C4F9AE02.roa
File: 48110772C3FC11ED8526FC28C4F9AE02.roa (raw, json)
Hash identifier: lrpXKi3mGPsB79UaD5dfLuX8qjMPpmHFOMrl0dP1nAI=
Subject key identifier: CA:A3:50:F0:7F:41:40:5F:CD:17:F1:33:E7:FA:5B:83:E4:EC:A0:CB
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 03FF
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/48110772C3FC11ED8526FC28C4F9AE02.roa
Signing time: Sun 05 May 2024 13:42:20 +0000
ROA not before: Sun 05 May 2024 13:42:20 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 139660
IP address blocks: 103.174.96.0/24 maxlen: 24
103.174.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 14:25:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1023 (0x3ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: May 5 13:42:20 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66378cbb-9c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:eb:fd:ef:51:c5:d0:53:dc:cd:42:d4:c2:8a:
5f:5a:5b:23:6e:b2:35:9b:19:03:08:30:97:d7:0d:
6d:63:74:7a:07:66:10:86:92:5b:fe:9d:1d:1f:2d:
07:25:0b:a0:f9:3e:8a:2f:ed:eb:3d:31:1c:c4:58:
be:84:62:c2:00:59:18:af:49:a5:63:6f:94:4b:eb:
c5:d4:8f:e1:a2:df:e7:dc:0c:a1:f6:fd:98:42:18:
3a:05:1d:ce:e5:4f:7a:e9:ef:91:0a:de:0c:1a:c8:
55:74:7e:86:dd:63:a2:a2:8f:1b:0a:c2:b0:54:47:
39:97:bd:68:65:a6:ad:a1:b9:27:13:06:c3:ba:a7:
39:b6:25:4c:9b:26:a6:59:ab:0d:7d:80:c6:03:c0:
50:1f:5d:8a:e7:2e:3f:dd:f5:b0:46:9e:5f:11:4d:
a1:a9:b4:bf:83:5e:e5:46:67:72:32:f2:32:62:e5:
98:e6:1f:86:19:c7:c9:ae:1e:8a:d0:23:ff:14:1b:
fc:ac:a9:0f:9f:49:d9:b4:10:1e:6c:f9:31:14:6a:
d3:ec:80:f1:47:82:c6:e6:96:0b:07:a6:73:ca:ec:
e9:44:11:1e:c9:7f:37:af:14:24:0b:b8:74:e6:a8:
85:f5:8e:da:07:3c:cc:75:64:f2:52:23:15:70:66:
24:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A3:50:F0:7F:41:40:5F:CD:17:F1:33:E7:FA:5B:83:E4:EC:A0:CB
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/48110772C3FC11ED8526FC28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:9c:4b:a4:11:00:0e:75:00:eb:35:f1:d7:1e:b5:34:79:f2:
b7:74:46:38:1b:95:8e:fb:b4:ea:e6:7c:c2:c6:01:fd:91:f8:
52:cc:74:6a:4f:5c:8f:3e:3e:f3:b9:7c:10:83:dc:c2:b7:ba:
37:a3:eb:61:8f:1a:20:b4:4e:7e:a5:4e:66:b7:e8:32:9d:64:
da:60:3b:4b:30:55:9b:32:19:3d:f6:f7:4f:43:ae:37:f7:e0:
c1:51:62:dd:e6:ea:f3:50:ae:c4:ff:a6:ca:10:b3:be:f6:2a:
e0:70:dd:1c:4c:f9:73:71:79:cf:77:10:ce:bc:be:1a:d7:5b:
c9:cd:dc:78:cf:a6:15:65:2f:a5:9e:82:b2:69:0c:8d:b0:9c:
53:cc:78:b7:c3:22:56:c6:e6:6e:2b:e4:fe:c6:c7:39:1d:18:
bb:ca:e0:9e:c9:b8:12:ee:c6:d0:d6:4e:b9:db:09:26:ee:81:
5e:3e:78:2c:ec:9a:6f:c6:6b:8e:b9:b9:7d:8b:24:a4:35:2d:
2f:af:17:fd:26:3a:a9:e8:df:b1:00:89:63:7d:cb:e1:2d:ca:
ff:e3:28:91:42:28:e4:fd:16:3f:b1:8c:55:20:a5:9f:25:5f:
e7:87:78:3a:4b:d1:80:f4:35:2f:08:5c:29:63:cb:f4:35:0e:
77:57:34:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjQwNTA1MTM0MjIwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM3OGNiYi05YzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3uv971HF0FPczULUwopfWlsjbrI1mxkDCDCX1w1tY3R6B2YQhpJb/p0dHy0H
JQug+T6KL+3rPTEcxFi+hGLCAFkYr0mlY2+US+vF1I/hot/n3Ayh9v2YQhg6BR3O
5U966e+RCt4MGshVdH6G3WOioo8bCsKwVEc5l71oZaatobknEwbDuqc5tiVMmyam
WasNfYDGA8BQH12K5y4/3fWwRp5fEU2hqbS/g17lRmdyMvIyYuWY5h+GGcfJrh6K
0CP/FBv8rKkPn0nZtBAebPkxFGrT7IDxR4LG5pYLB6ZzyuzpRBEeyX83rxQkC7h0
5qiF9Y7aBzzMdWTyUiMVcGYkCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMqjUPB/
QUBfzRfxM+f6W4Pk7KDLMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvNDgxMTA3NzJD
M0ZDMTFFRDg1MjZGQzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrmAwDQYJKoZIhvcNAQELBQADggEBADqcS6QRAA51AOs1
8dcetTR58rd0RjgblY77tOrmfMLGAf2R+FLMdGpPXI8+PvO5fBCD3MK3ujej62GP
GiC0Tn6lTma36DKdZNpgO0swVZsyGT32909Drjf34MFRYt3m6vNQrsT/psoQs772
KuBw3RxM+XNxec93EM68vhrXW8nN3HjPphVlL6WegrJpDI2wnFPMeLfDIlbG5m4r
5P7GxzkdGLvK4J7JuBLuxtDWTrnbCSbugV4+eCzsmm/Ga465uX2LJKQ1LS+vF/0m
Oqno37EAiWN9y+Etyv/jKJFCKOT9Fj+xjFUgpZ8lX+eHeDpL0YD0NS8IXCljy/Q1
DndXNBw=
-----END CERTIFICATE-----
Generated at Wed Aug 21 19:41:06 2024 by rpki-client on console-fra.rpki-client.org