Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/A6D6AAEA911A11EFB21FE25DC4F9AE02.roa
File: A6D6AAEA911A11EFB21FE25DC4F9AE02.roa (raw, json)
Hash identifier: 8vNVfjTvduqk9qlJVQU1W7LxanfIW5yXVHiw7O4Xwb0=
Subject key identifier: 4C:D7:34:A2:97:35:5B:15:75:93:3D:F5:C1:02:0D:ED:6F:98:D8:9D
Certificate issuer: /CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Certificate serial: 0455
Authority key identifier: 9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/A6D6AAEA911A11EFB21FE25DC4F9AE02.roa
Signing time: Wed 23 Oct 2024 08:41:53 +0000
ROA not before: Wed 23 Oct 2024 08:41:53 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.73.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 01:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109 (0x455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91688D4/serialNumber=9C8AE3DC7B05B385396790CA7323D3A0906FED82
Validity
Not Before: Oct 23 08:41:53 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6718b6d0-9aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9e:bf:6a:4e:67:dc:19:23:58:5f:d0:ff:a5:
5d:f2:48:90:cf:ef:bd:a6:b0:74:68:e1:de:8d:ea:
53:22:a9:12:8a:40:36:d0:5a:1e:f7:32:a9:af:54:
ef:8a:e7:41:23:bc:e4:ac:ca:17:43:ed:61:f9:b3:
de:2d:0c:e3:79:91:73:3c:4b:5b:d4:80:a6:94:b6:
bc:ff:19:a8:ec:76:b5:e2:f3:65:6d:73:e7:bf:f3:
f0:66:b5:14:cb:90:fd:bf:24:0d:25:86:7b:d5:a5:
db:c5:e8:c2:c9:ab:ea:5f:99:08:73:3c:e6:15:67:
e7:cf:5a:8b:b1:5b:bb:85:dc:25:bc:ba:7a:71:43:
40:e2:28:3b:2b:f3:f8:9c:f7:3b:68:5b:c3:be:52:
9e:91:2a:38:6b:f3:68:30:5a:cd:3e:a1:35:88:07:
53:af:fe:78:94:30:fe:9c:7c:c5:ed:12:df:b1:30:
a6:3e:aa:4a:14:2d:7d:47:6a:3b:9d:f8:36:85:28:
2d:0f:8a:15:0d:27:97:55:b1:a7:c6:08:2f:19:65:
72:b6:ae:a8:a7:c9:00:7d:05:e0:d3:7a:15:99:e0:
74:4d:3b:f0:08:98:c3:12:11:85:ac:24:db:53:1d:
f6:f2:ae:be:e1:db:fd:6c:4f:20:73:7a:e7:61:06:
c5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D7:34:A2:97:35:5B:15:75:93:3D:F5:C1:02:0D:ED:6F:98:D8:9D
X509v3 Authority Key Identifier:
keyid:9C:8A:E3:DC:7B:05:B3:85:39:67:90:CA:73:23:D3:A0:90:6F:ED:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/nIrj3HsFs4U5Z5DKcyPToJBv7YI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIrj3HsFs4U5Z5DKcyPToJBv7YI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91688D4/2F58E4722E5011ECA04B6C25C4F9AE02/A6D6AAEA911A11EFB21FE25DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.221.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:06:fb:c5:2e:34:6f:f9:8d:72:91:2e:e5:a2:9d:a5:36:75:
35:90:cc:95:b7:21:0c:f4:4d:65:80:d7:cb:d9:73:99:12:98:
87:3b:36:a2:56:0e:60:fc:81:7a:d7:6c:65:d2:c1:c1:4f:bc:
2c:55:fa:87:38:f5:43:e3:f0:98:f5:79:38:89:63:49:b4:80:
b7:50:a9:11:85:a6:30:5a:d8:2c:39:7d:88:58:d6:9d:2a:9d:
fe:05:34:cb:10:8d:5f:07:39:1b:55:a4:0f:fb:72:f9:79:8d:
f3:67:91:55:87:57:f6:1c:8a:02:69:34:67:0f:f4:c7:c8:7c:
38:ce:ff:db:f6:33:f2:26:1d:6c:e7:f5:fb:4f:5d:58:ef:52:
57:ff:fe:96:5e:d8:58:74:eb:8a:be:fc:55:d9:1a:c7:88:0a:
54:3c:29:cc:60:78:82:6c:eb:38:4e:05:b7:41:40:b4:99:3f:
df:e7:ef:29:b9:6f:d8:cb:1f:75:83:1d:14:67:7a:92:17:d9:
dd:ea:31:7e:51:3b:39:eb:ce:56:64:48:97:ae:05:ce:36:42:
e1:7e:9b:98:6c:b2:c8:d5:d2:7a:e9:0a:2d:19:1b:4d:03:54:
1c:e6:75:6f:c4:80:fe:98:e3:fa:3d:fa:64:4b:5b:c4:48:3c:
93:d9:12:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg4RDQxMTAvBgNVBAUTKDlDOEFFM0RDN0IwNUIzODUzOTY3OTBDQTczMjNEM0Ew
OTA2RkVEODIwHhcNMjQxMDIzMDg0MTUzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4YjZkMC05YWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1J6/ak5n3BkjWF/Q/6Vd8kiQz++9prB0aOHejepTIqkSikA20Foe9zKpr1Tv
iudBI7zkrMoXQ+1h+bPeLQzjeZFzPEtb1ICmlLa8/xmo7Ha14vNlbXPnv/PwZrUU
y5D9vyQNJYZ71aXbxejCyavqX5kIczzmFWfnz1qLsVu7hdwlvLp6cUNA4ig7K/P4
nPc7aFvDvlKekSo4a/NoMFrNPqE1iAdTr/54lDD+nHzF7RLfsTCmPqpKFC19R2o7
nfg2hSgtD4oVDSeXVbGnxggvGWVytq6op8kAfQXg03oVmeB0TTvwCJjDEhGFrCTb
Ux328q6+4dv9bE8gc3rnYQbFxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEzXNKKX
NVsVdZM99cECDe1vmNidMB8GA1UdIwQYMBaAFJyK49x7BbOFOWeQynMj06CQb+2C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODhENC8yRjU4RTQ3MjJF
NTAxMUVDQTA0QjZDMjVDNEY5QUUwMi9uSXJqM0hzRnM0VTVaNURLY3lQVG9KQnY3
WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JcmozSHNGczRVNVo1REtjeVBUb0pCdjdZSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg4RDQvMkY1OEU0NzIyRTUwMTFFQ0EwNEI2QzI1QzRGOUFFMDIvQTZENkFBRUE5
MTFBMTFFRkIyMUZFMjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnSd0wDQYJKoZIhvcNAQELBQADggEBALwG+8UuNG/5jXKR
LuWinaU2dTWQzJW3IQz0TWWA18vZc5kSmIc7NqJWDmD8gXrXbGXSwcFPvCxV+oc4
9UPj8Jj1eTiJY0m0gLdQqRGFpjBa2Cw5fYhY1p0qnf4FNMsQjV8HORtVpA/7cvl5
jfNnkVWHV/YcigJpNGcP9MfIfDjO/9v2M/ImHWzn9ftPXVjvUlf//pZe2Fh064q+
/FXZGseIClQ8KcxgeIJs6zhOBbdBQLSZP9/n7ym5b9jLH3WDHRRnepIX2d3qMX5R
OznrzlZkSJeuBc42QuF+m5hsssjV0nrpCi0ZG00DVBzmdW/EgP6Y4/o9+mRLW8RI
PJPZEpU=
Generated at Sun Oct 27 03:00:45 2024 by rpki-client on console-fra.rpki-client.org