Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/9FA2CF44976211EF9400460AC4F9AE02.roa
File: 9FA2CF44976211EF9400460AC4F9AE02.roa (raw, json)
Hash identifier: U0rkCLtiNpVRMOl8JtPBbySQHbBZc/Ikyrdz+TjkZC4=
Subject key identifier: D1:5D:DA:B3:2F:16:FA:29:62:36:B8:F6:73:1B:69:70:2B:61:85:21
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 046D
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/9FA2CF44976211EF9400460AC4F9AE02.roa
Signing time: Thu 31 Oct 2024 08:32:11 +0000
ROA not before: Thu 31 Oct 2024 08:32:11 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 400342
IP address blocks: 103.174.96.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 11 Nov 2024 15:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1133 (0x46d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: Oct 31 08:32:11 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6723408b-db2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5d:8c:ec:d1:bb:c5:31:26:df:1f:ba:26:c7:
b6:11:29:2c:77:b1:b0:9d:ed:3b:2f:c8:00:7f:77:
4f:79:01:92:0b:7f:6d:3c:a1:2e:3c:dc:0b:6a:98:
be:aa:8a:f3:13:86:62:05:21:e6:6d:e3:56:24:47:
e2:0b:2a:a9:3d:e2:2e:c4:cb:ec:36:74:03:42:d2:
17:4a:70:e7:78:79:65:ed:67:01:f3:95:0f:be:70:
de:13:5d:57:db:27:0f:0d:8b:ce:8d:1a:ee:79:3b:
a8:63:a2:87:38:37:53:9b:5a:32:17:8a:80:4c:8f:
82:ae:e9:81:fc:f7:ff:91:26:c9:c7:b4:d3:9f:68:
a3:cc:05:d4:3d:c7:1d:cd:84:a1:81:48:a0:a6:7f:
13:2b:dd:ff:19:af:bb:ba:a5:94:2f:02:12:cf:f4:
22:ba:00:f7:ea:df:6f:77:f1:5e:ae:0d:b6:59:d1:
7d:f6:45:b5:46:be:73:e2:9f:f6:96:cb:1a:71:76:
50:3f:55:aa:29:1f:6e:17:e8:3d:d8:70:33:18:50:
96:2e:59:39:48:f1:d3:df:5e:a6:e6:dc:82:30:a8:
30:81:27:01:6c:ac:36:a2:57:ec:08:a3:ee:ab:4f:
2c:77:8d:2e:72:40:7d:86:e7:d1:0b:0d:9d:b0:de:
f1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5D:DA:B3:2F:16:FA:29:62:36:B8:F6:73:1B:69:70:2B:61:85:21
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/9FA2CF44976211EF9400460AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/23
Signature Algorithm: sha256WithRSAEncryption
48:c8:41:55:af:4b:13:f5:a1:b6:06:e6:8e:4b:76:14:99:c6:
06:d2:5a:f5:7a:af:32:5f:9e:b4:f0:5d:b2:ac:a6:31:05:50:
e3:68:4c:9a:5a:f4:c4:43:e0:4e:a1:7a:85:00:ad:8e:45:25:
f5:c8:ba:e4:8c:7c:75:c2:ee:ec:51:3d:35:66:91:7a:9c:be:
94:6e:7c:ab:72:8c:81:b6:66:5d:89:eb:ba:b3:85:71:39:a6:
2b:78:23:b6:8d:84:fe:f6:f8:0e:7c:97:44:e7:61:17:15:56:
f6:cf:9b:6f:1a:15:e3:83:ab:d6:cb:3f:b5:c2:06:32:ad:75:
2b:ad:0a:4c:df:b0:ae:91:85:e8:17:0f:80:67:36:f6:0b:67:
25:21:72:f0:42:58:79:83:2c:43:5c:51:8e:f0:d0:b3:b4:69:
a3:88:8d:7c:25:24:a0:ff:c5:2d:56:d6:76:ff:60:47:95:4e:
e5:24:b2:f4:5e:38:04:c0:49:ef:57:87:52:c5:86:de:51:f7:
22:a7:0d:d6:23:32:e1:2d:b8:3b:87:22:f1:73:6b:17:d2:00:
79:36:40:b7:0c:a0:a6:81:1a:5f:98:96:bc:0e:1a:c6:45:e5:
bd:fb:4d:dd:1d:7b:e0:4e:7a:08:aa:49:8f:49:bb:e0:e1:82:
19:7a:02:35
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjQxMDMxMDgzMjExWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzNDA4Yi1kYjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu12M7NG7xTEm3x+6Jse2ESksd7Gwne07L8gAf3dPeQGSC39tPKEuPNwLapi+
qorzE4ZiBSHmbeNWJEfiCyqpPeIuxMvsNnQDQtIXSnDneHll7WcB85UPvnDeE11X
2ycPDYvOjRrueTuoY6KHODdTm1oyF4qATI+CrumB/Pf/kSbJx7TTn2ijzAXUPccd
zYShgUigpn8TK93/Ga+7uqWULwISz/QiugD36t9vd/Ferg22WdF99kW1Rr5z4p/2
lssacXZQP1WqKR9uF+g92HAzGFCWLlk5SPHT316m5tyCMKgwgScBbKw2olfsCKPu
q08sd40uckB9hufRCw2dsN7xwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNFd2rMv
FvopYja49nMbaXArYYUhMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvOUZBMkNGNDQ5
NzYyMTFFRjk0MDA0NjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrmAwDQYJKoZIhvcNAQELBQADggEBAEjIQVWvSxP1obYG
5o5LdhSZxgbSWvV6rzJfnrTwXbKspjEFUONoTJpa9MRD4E6heoUArY5FJfXIuuSM
fHXC7uxRPTVmkXqcvpRufKtyjIG2Zl2J67qzhXE5pit4I7aNhP72+A58l0TnYRcV
VvbPm28aFeODq9bLP7XCBjKtdSutCkzfsK6RhegXD4BnNvYLZyUhcvBCWHmDLENc
UY7w0LO0aaOIjXwlJKD/xS1W1nb/YEeVTuUksvReOATASe9Xh1LFht5R9yKnDdYj
MuEtuDuHIvFzaxfSAHk2QLcMoKaBGl+YlrwOGsZF5b37Td0de+BOegiqSY9Ju+Dh
ghl6AjU=
-----END CERTIFICATE-----
Generated at Mon Nov 11 19:06:54 2024 by rpki-client on console-ams.rpki-client.org