Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/3C8E86C68A3F11EFA631EE3BC4F9AE02.roa
File: 3C8E86C68A3F11EFA631EE3BC4F9AE02.roa (raw, json)
Hash identifier: Z+FpwMBkcn19rGWXz/8ZWMzROk6FFIUPNJ3vFsWvPUc=
Subject key identifier: 9A:8C:92:E4:43:A9:54:3E:11:D1:CD:D2:EF:8F:0F:0C:6F:EF:E3:FF
Certificate issuer: /CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Certificate serial: 044B
Authority key identifier: 9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/3C8E86C68A3F11EFA631EE3BC4F9AE02.roa
Signing time: Mon 14 Oct 2024 15:16:08 +0000
ROA not before: Mon 14 Oct 2024 15:16:08 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.73.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 08:40:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099 (0x44b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Validity
Not Before: Oct 14 15:16:08 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670d35b7-06d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:f2:47:12:5a:ca:2f:38:85:55:44:4b:c2:
f6:95:34:5d:cc:4c:f3:4a:b2:56:5b:9d:05:72:b6:
42:9c:e0:fe:b5:3f:1a:df:d1:a8:fc:76:51:6d:d7:
fd:8d:42:0a:18:e6:4a:fc:f4:49:41:89:6b:1f:f6:
c3:d7:3a:88:5c:3c:94:4f:36:f9:d9:a1:b6:73:ee:
b9:09:e5:81:a0:38:6d:c6:30:91:af:a4:b7:cb:3f:
81:ff:c5:b3:7b:62:5b:76:c0:a9:00:29:4f:76:66:
f2:ef:db:e6:27:35:c1:60:1b:6d:19:93:ef:0d:0a:
85:29:9c:2c:7c:9e:31:86:e5:e6:40:ff:a6:7c:ac:
97:c8:04:58:0e:d6:ca:05:b5:61:0f:f5:ef:e8:2f:
31:b7:db:a1:20:e8:f3:d9:49:c1:d4:e4:b2:9c:28:
c9:9a:a3:8c:87:e4:20:e1:c5:b5:eb:27:87:f6:57:
ef:d7:ef:2d:d0:bd:77:ff:c7:25:83:a0:c1:1f:ae:
85:90:1f:73:ed:ef:e8:9a:ea:a4:55:f4:e2:48:0b:
bd:3c:ca:c0:82:8c:2a:8e:04:c3:cb:83:5d:5e:f5:
60:ed:59:56:a7:47:9c:db:ab:7d:48:40:4b:9e:21:
92:1f:08:ed:1c:e8:42:61:70:42:3d:85:10:76:a3:
93:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8C:92:E4:43:A9:54:3E:11:D1:CD:D2:EF:8F:0F:0C:6F:EF:E3:FF
X509v3 Authority Key Identifier:
keyid:9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/nIrj3HsFs4U5Z5DKcyPToJBv7YI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/3C8E86C68A3F11EFA631EE3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5b:0a:f3:40:c5:87:90:38:fe:28:ba:e0:e0:96:b7:63:c8:
a2:e0:11:8a:04:0a:0a:a5:6b:a6:68:18:ee:ed:79:9d:ac:37:
29:2c:fb:fc:6b:91:cb:1d:91:f3:ed:a9:39:7e:11:42:18:6e:
31:f1:c4:f1:70:79:56:88:db:6b:16:e4:cd:cc:a1:46:7d:2d:
89:c3:ac:6b:d6:e4:9b:34:0c:d4:e7:a5:13:f2:9e:c9:9c:35:
78:e6:71:0a:b9:c4:87:d9:36:c2:73:2f:5d:a2:c9:57:1e:3a:
1a:3e:1f:52:7c:07:49:05:db:47:fc:62:14:a1:98:cd:f7:f6:
07:77:b5:10:8c:e5:64:e9:a0:48:f5:ed:01:70:7d:32:a0:e1:
d5:88:74:16:83:5c:07:3c:52:eb:47:d7:d8:29:9f:e0:4c:38:
1f:38:8f:02:3a:8c:5b:94:23:d1:a5:83:9e:e0:a6:55:73:1a:
a2:8c:c3:2d:03:89:00:97:e8:26:8f:88:d2:3b:1b:cb:51:75:
0b:ed:a1:68:3f:75:1c:50:59:d9:df:61:71:ef:73:03:19:47:
cb:f6:88:97:28:da:b1:d7:c9:c3:2d:a4:2c:d7:97:ac:16:c7:
a9:95:a7:83:a6:4f:96:03:4b:bf:2c:d2:fe:a2:a5:80:55:05:
f1:00:8a:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg4RDQxMTAvBgNVBAUTKDlDOEFFM0RDN0IwNUIzODUzOTY3OTBDQTczMjNEM0Ew
OTA2RkVEODIwHhcNMjQxMDE0MTUxNjA4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBkMzViNy0wNmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoETyRxJayi84hVVES8L2lTRdzEzzSrJWW50FcrZCnOD+tT8a39Go/HZRbdf9
jUIKGOZK/PRJQYlrH/bD1zqIXDyUTzb52aG2c+65CeWBoDhtxjCRr6S3yz+B/8Wz
e2JbdsCpAClPdmby79vmJzXBYBttGZPvDQqFKZwsfJ4xhuXmQP+mfKyXyARYDtbK
BbVhD/Xv6C8xt9uhIOjz2UnB1OSynCjJmqOMh+Qg4cW16yeH9lfv1+8t0L13/8cl
g6DBH66FkB9z7e/omuqkVfTiSAu9PMrAgowqjgTDy4NdXvVg7VlWp0ec26t9SEBL
niGSHwjtHOhCYXBCPYUQdqOTrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJqMkuRD
qVQ+EdHN0u+PDwxv7+P/MB8GA1UdIwQYMBaAFJyK49x7BbOFOWeQynMj06CQb+2C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODhENC8yRjU4RTQ3MjJF
NTAxMUVDQTA0QjZDMjVDNEY5QUUwMi9uSXJqM0hzRnM0VTVaNURLY3lQVG9KQnY3
WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JcmozSHNGczRVNVo1REtjeVBUb0pCdjdZSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg4RDQvMkY1OEU0NzIyRTUwMTFFQ0EwNEI2QzI1QzRGOUFFMDIvM0M4RTg2QzY4
QTNGMTFFRkE2MzFFRTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnSd8wDQYJKoZIhvcNAQELBQADggEBAC9bCvNAxYeQOP4o
uuDglrdjyKLgEYoECgqla6ZoGO7teZ2sNyks+/xrkcsdkfPtqTl+EUIYbjHxxPFw
eVaI22sW5M3MoUZ9LYnDrGvW5Js0DNTnpRPynsmcNXjmcQq5xIfZNsJzL12iyVce
Oho+H1J8B0kF20f8YhShmM339gd3tRCM5WTpoEj17QFwfTKg4dWIdBaDXAc8UutH
19gpn+BMOB84jwI6jFuUI9Glg57gplVzGqKMwy0DiQCX6CaPiNI7G8tRdQvtoWg/
dRxQWdnfYXHvcwMZR8v2iJco2rHXycMtpCzXl6wWx6mVp4OmT5YDS78s0v6ipYBV
BfEAioc=
-----END CERTIFICATE-----
Generated at Wed Oct 23 10:37:17 2024 by rpki-client on console-ams.rpki-client.org