Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/8A5589F6976211EFADBCBC09C4F9AE02.roa
File: 8A5589F6976211EFADBCBC09C4F9AE02.roa (raw, json)
Hash identifier: xceWwG3pzNbXd2EE1pTolyBvqvdbCsHpBWXeIz0sEjM=
Subject key identifier: 91:F8:3F:74:5B:25:28:19:B7:B4:BF:79:A9:D9:47:A0:8A:2E:01:8C
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 046B
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/8A5589F6976211EFADBCBC09C4F9AE02.roa
Signing time: Thu 31 Oct 2024 08:31:35 +0000
ROA not before: Thu 31 Oct 2024 08:31:35 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9232
IP address blocks: 103.174.96.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 11 Nov 2024 15:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1131 (0x46b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: Oct 31 08:31:35 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=67234067-0457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:96:45:69:ad:6a:fd:82:20:82:e1:0b:11:f2:
75:c0:43:89:d0:dc:e0:1f:60:b5:56:14:97:27:10:
fe:73:8d:a2:09:1a:7d:df:15:c3:f4:b7:54:d0:df:
cd:3e:6d:30:b8:8f:ee:24:83:3b:b3:d0:b3:6c:c7:
fc:b1:d0:02:53:cc:43:16:8f:6a:df:8c:96:15:bc:
62:e3:33:1e:93:8e:4c:24:9e:d5:ec:1b:9b:5a:dc:
03:33:42:72:71:4a:d4:cc:d6:fa:82:e7:a7:d9:75:
75:2d:aa:56:2d:62:67:fb:8f:a4:91:38:ce:b6:c6:
dd:61:75:b2:af:7a:1a:fb:8b:80:29:08:a7:74:1d:
fc:d3:0c:5e:41:e9:98:2b:eb:96:7c:be:e8:28:b3:
80:fc:0e:98:b9:37:98:7a:ac:45:ef:71:a5:92:7a:
2b:5b:f5:81:77:69:3d:aa:74:e2:a8:ff:91:69:bd:
af:41:d5:02:70:5f:42:f0:94:74:34:bf:04:54:bb:
40:d1:ed:25:e1:5c:ac:da:09:f2:f8:f6:d8:8b:e6:
2a:00:4c:88:f0:3d:0e:55:c0:b9:1f:1f:39:fc:c7:
16:a8:09:89:d8:b5:e6:f3:b9:63:eb:e2:1c:cd:f3:
d6:2f:65:fa:c8:4d:0c:6c:e5:1f:8b:f5:73:88:6d:
e2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F8:3F:74:5B:25:28:19:B7:B4:BF:79:A9:D9:47:A0:8A:2E:01:8C
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/8A5589F6976211EFADBCBC09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/23
Signature Algorithm: sha256WithRSAEncryption
49:05:a6:50:74:bf:df:bb:7e:bf:9a:e2:37:30:da:67:d6:9e:
2e:f1:66:b8:8b:71:5e:4e:0c:f5:07:6c:2f:38:87:82:52:c9:
fb:25:cd:f1:4a:08:43:85:8d:60:9f:96:42:62:6c:9e:ca:f5:
45:89:4f:47:77:ef:7a:4d:3e:5c:64:02:47:c9:2a:0b:b8:25:
03:ca:2f:9a:e8:36:bc:08:f2:fc:07:fa:c4:e1:60:c5:be:3a:
f2:90:10:f6:b8:f8:1a:1b:d2:e4:c1:f0:b7:16:54:ea:5a:7a:
18:01:49:93:1b:ef:6f:ab:2f:f3:47:03:c3:9f:ad:50:71:18:
15:26:77:7c:59:0d:dd:95:4f:de:bb:ce:d6:87:ca:6b:16:f4:
c6:1a:6b:2d:2b:4f:36:de:8d:83:cf:ad:a9:c5:ce:9a:97:90:
6a:23:61:fd:c2:87:f0:45:f8:c7:d4:99:b4:a8:30:27:88:8c:
1f:5b:f5:46:16:36:6c:d4:de:c1:3c:76:c9:1a:86:29:f2:d3:
42:9a:f7:85:07:37:b0:9d:cd:cb:dd:eb:ab:e9:35:98:eb:9b:
1b:70:b6:53:8c:b0:e3:28:08:61:a5:5a:2a:fe:01:3c:33:fb:
12:51:50:63:e1:37:ce:d0:da:8a:87:9e:c7:c0:be:27:b0:6c:
e6:78:fe:23
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjQxMDMxMDgzMTM1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzNDA2Ny0wNDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JZFaa1q/YIgguELEfJ1wEOJ0NzgH2C1VhSXJxD+c42iCRp93xXD9LdU0N/N
Pm0wuI/uJIM7s9CzbMf8sdACU8xDFo9q34yWFbxi4zMek45MJJ7V7BubWtwDM0Jy
cUrUzNb6guen2XV1LapWLWJn+4+kkTjOtsbdYXWyr3oa+4uAKQindB380wxeQemY
K+uWfL7oKLOA/A6YuTeYeqxF73GlknorW/WBd2k9qnTiqP+Rab2vQdUCcF9C8JR0
NL8EVLtA0e0l4Vys2gny+PbYi+YqAEyI8D0OVcC5Hx85/McWqAmJ2LXm87lj6+Ic
zfPWL2X6yE0MbOUfi/VziG3ilwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJH4P3Rb
JSgZt7S/eanZR6CKLgGMMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvOEE1NTg5RjY5
NzYyMTFFRkFEQkNCQzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrmAwDQYJKoZIhvcNAQELBQADggEBAEkFplB0v9+7fr+a
4jcw2mfWni7xZriLcV5ODPUHbC84h4JSyfslzfFKCEOFjWCflkJibJ7K9UWJT0d3
73pNPlxkAkfJKgu4JQPKL5roNrwI8vwH+sThYMW+OvKQEPa4+Bob0uTB8LcWVOpa
ehgBSZMb72+rL/NHA8OfrVBxGBUmd3xZDd2VT967ztaHymsW9MYaay0rTzbejYPP
ranFzpqXkGojYf3Ch/BF+MfUmbSoMCeIjB9b9UYWNmzU3sE8dskahiny00Ka94UH
N7Cdzcvd66vpNZjrmxtwtlOMsOMoCGGlWir+ATwz+xJRUGPhN87Q2oqHnsfAview
bOZ4/iM=
-----END CERTIFICATE-----
Generated at Mon Nov 11 19:06:54 2024 by rpki-client on console-ams.rpki-client.org