Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/014716782E5311EC9FD3C928C4F9AE02.roa
File: 014716782E5311EC9FD3C928C4F9AE02.roa (raw, json)
Hash identifier: vYX/mXqW7tRyk42X98q6fB7ee7kEQJjYwejvp7KCkiM=
Subject key identifier: F8:8B:8C:9F:9E:F0:E0:94:2F:34:54:DD:9D:A4:A5:D7:9E:F5:C7:1A
Certificate issuer: /CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Certificate serial: 0376
Authority key identifier: 9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/014716782E5311EC9FD3C928C4F9AE02.roa
Signing time: Sun 17 Sep 2023 01:22:49 +0000
ROA not before: Sun 17 Sep 2023 01:22:49 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132729
IP address blocks: 103.73.220.0/24 maxlen: 24
103.73.221.0/24 maxlen: 24
103.73.222.0/24 maxlen: 24
103.73.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 10:45:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886 (0x376)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Validity
Not Before: Sep 17 01:22:49 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=650654e9-76f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7a:a8:0d:c5:bb:4f:49:0e:cf:5a:14:35:7b:
34:93:e7:fe:50:60:be:6e:c2:32:c3:a5:8b:f9:bd:
ae:34:09:fe:38:8e:20:e9:ac:dc:5b:d4:ed:b1:a5:
d7:ce:31:9e:db:68:23:f2:b8:a6:c2:65:79:0d:da:
33:95:e1:3d:8e:10:ca:77:9f:4d:80:5d:75:22:6f:
eb:ca:fe:4f:8e:52:8c:2a:71:92:d7:21:63:70:6f:
1e:f5:6c:cc:28:ec:ad:0b:a6:5b:8d:a0:b7:43:da:
3b:d5:86:9a:31:02:3a:eb:68:5c:4d:98:bf:5d:cd:
b7:ab:13:ee:53:17:3a:b6:21:57:07:b7:82:45:12:
64:9f:60:83:de:30:c8:6b:e9:e6:5a:e5:eb:42:ce:
ef:b2:6a:94:e0:1d:6e:4a:e8:62:eb:ca:f4:87:d4:
4a:dd:b9:76:a9:81:24:75:73:b9:55:f5:b4:bc:58:
e1:6a:53:3a:51:72:27:85:6b:fa:e6:55:e1:2c:67:
ac:8e:97:db:c1:d5:00:cf:b7:31:2b:39:98:9d:4d:
84:bc:e9:ee:30:9f:bf:6a:28:59:9a:e2:15:d4:26:
d7:79:23:aa:9a:05:c0:85:e0:42:00:2d:53:0b:b0:
28:a3:33:83:a3:44:6d:23:ca:7d:00:6b:b1:3e:25:
41:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8B:8C:9F:9E:F0:E0:94:2F:34:54:DD:9D:A4:A5:D7:9E:F5:C7:1A
X509v3 Authority Key Identifier:
keyid:9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/nIrj3HsFs4U5Z5DKcyPToJBv7YI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/014716782E5311EC9FD3C928C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.220.0/22
Signature Algorithm: sha256WithRSAEncryption
39:de:6b:dc:d6:9c:fd:33:d4:f0:ae:a0:5b:75:07:af:d3:a4:
a7:c7:3f:dc:a0:89:a7:f6:c4:fc:f2:70:97:fc:cc:ea:5f:f5:
73:e3:d9:1e:6e:41:6a:a8:1c:d2:bf:66:68:7d:e8:2e:90:e3:
9e:c0:26:55:b4:28:98:ec:3e:4b:7c:6c:48:d2:36:d9:b7:dd:
74:df:c2:ae:91:7c:be:38:69:5e:eb:4f:59:6d:aa:38:b5:c8:
7c:26:c8:b3:6d:68:3d:5d:b6:52:41:1a:be:af:d8:88:df:65:
fa:a8:fe:5b:05:f6:ef:29:53:47:08:7b:41:c9:2e:16:39:21:
4d:00:fa:b6:20:0c:a9:40:46:8e:d5:b0:0f:98:19:bd:ff:ab:
2b:bb:ad:2f:01:4d:8a:79:04:90:ca:4e:88:d1:11:12:90:1c:
a9:18:98:ef:c1:c9:3a:d8:cf:6c:25:3d:1f:52:b6:46:32:1b:
09:f8:49:26:01:49:61:83:20:c4:ac:5f:36:4c:7e:30:be:13:
da:dd:6e:b1:1a:49:dd:69:45:b9:4a:bb:ad:f4:be:5a:90:68:
65:45:a5:3c:97:3f:4c:6d:e6:61:07:7e:31:51:c6:bc:cf:95:
56:c9:ce:08:fb:7c:2b:e6:33:16:5d:8f:5a:55:97:68:35:5b:
63:b5:63:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg4RDQxMTAvBgNVBAUTKDlDOEFFM0RDN0IwNUIzODUzOTY3OTBDQTczMjNEM0Ew
OTA2RkVEODIwHhcNMjMwOTE3MDEyMjQ5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA2NTRlOS03NmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm3qoDcW7T0kOz1oUNXs0k+f+UGC+bsIyw6WL+b2uNAn+OI4g6azcW9TtsaXX
zjGe22gj8rimwmV5DdozleE9jhDKd59NgF11Im/ryv5PjlKMKnGS1yFjcG8e9WzM
KOytC6ZbjaC3Q9o71YaaMQI662hcTZi/Xc23qxPuUxc6tiFXB7eCRRJkn2CD3jDI
a+nmWuXrQs7vsmqU4B1uSuhi68r0h9RK3bl2qYEkdXO5VfW0vFjhalM6UXInhWv6
5lXhLGesjpfbwdUAz7cxKzmYnU2EvOnuMJ+/aihZmuIV1CbXeSOqmgXAheBCAC1T
C7AoozODo0RtI8p9AGuxPiVB5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPiLjJ+e
8OCULzRU3Z2kpdee9ccaMB8GA1UdIwQYMBaAFJyK49x7BbOFOWeQynMj06CQb+2C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODhENC8yRjU4RTQ3MjJF
NTAxMUVDQTA0QjZDMjVDNEY5QUUwMi9uSXJqM0hzRnM0VTVaNURLY3lQVG9KQnY3
WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JcmozSHNGczRVNVo1REtjeVBUb0pCdjdZSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg4RDQvMkY1OEU0NzIyRTUwMTFFQ0EwNEI2QzI1QzRGOUFFMDIvMDE0NzE2Nzgy
RTUzMTFFQzlGRDNDOTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnSdwwDQYJKoZIhvcNAQELBQADggEBADnea9zWnP0z1PCu
oFt1B6/TpKfHP9ygiaf2xPzycJf8zOpf9XPj2R5uQWqoHNK/Zmh96C6Q457AJlW0
KJjsPkt8bEjSNtm33XTfwq6RfL44aV7rT1ltqji1yHwmyLNtaD1dtlJBGr6v2Ijf
Zfqo/lsF9u8pU0cIe0HJLhY5IU0A+rYgDKlARo7VsA+YGb3/qyu7rS8BTYp5BJDK
TojRERKQHKkYmO/ByTrYz2wlPR9StkYyGwn4SSYBSWGDIMSsXzZMfjC+E9rdbrEa
Sd1pRblKu630vlqQaGVFpTyXP0xt5mEHfjFRxrzPlVbJzgj7fCvmMxZdj1pVl2g1
W2O1YzM=
-----END CERTIFICATE-----
Generated at Tue Oct 1 14:39:05 2024 by rpki-client on console-ams.rpki-client.org