Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/3661952C344511EFAAF77B52C4F9AE02.roa
File: 3661952C344511EFAAF77B52C4F9AE02.roa (raw, json)
Hash identifier: 5I5VBQGd6Fzsl9y+YKB1QBTNTpOn3wUGlYHGRrUO7PQ=
Subject key identifier: 58:38:66:B5:9F:04:B2:0B:B2:30:81:47:27:35:A6:AD:9E:EB:8D:E2
Certificate issuer: /CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Certificate serial: 0242
Authority key identifier: 56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/3661952C344511EFAAF77B52C4F9AE02.roa
Signing time: Thu 27 Jun 2024 05:22:14 +0000
ROA not before: Thu 27 Jun 2024 05:22:14 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132721
IP address blocks: 103.93.46.0/24 maxlen: 24
103.98.112.0/24 maxlen: 24
103.98.114.0/24 maxlen: 24
103.98.115.0/24 maxlen: 24
103.194.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 10:18:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 578 (0x242)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Validity
Not Before: Jun 27 05:22:14 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=667cf706-7960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d4:80:b8:ef:7c:c4:ce:e1:10:99:c7:52:34:
71:a1:96:d2:6f:b5:e2:d4:30:dd:12:e4:79:06:9a:
a7:99:a3:a7:92:37:55:82:1c:48:95:71:be:56:a5:
d5:c9:f0:02:89:a7:6d:e2:95:b8:cc:50:53:0a:e0:
e6:95:9e:f8:f4:74:93:c4:83:45:7f:d1:e3:8e:50:
f4:71:7a:d3:8a:7a:30:a4:8e:53:9c:3a:c1:ea:a2:
9e:33:8d:fa:95:13:7c:5c:42:99:71:b5:0f:88:52:
a3:90:7b:d6:47:75:ef:de:b9:eb:c0:d0:fd:0e:26:
42:57:25:10:3c:9f:5f:4f:06:43:d3:49:52:2e:cc:
ae:19:e3:c9:c6:94:ba:82:2e:e6:4c:78:fc:2d:c0:
7a:c0:27:e5:10:d5:90:55:52:5a:e9:13:28:5c:1a:
87:56:8e:10:ae:95:cb:98:9b:72:0f:30:25:8e:43:
a3:0a:a8:c0:40:e0:1f:2c:7d:1d:9b:25:9d:b4:cd:
9b:7a:09:16:c9:ad:99:05:86:a9:15:58:92:95:55:
d5:79:ff:8b:bd:91:54:71:61:14:3f:6f:47:f8:c5:
8d:bd:7e:7e:8b:19:91:ae:13:d8:83:d6:33:dd:82:
6e:09:4b:f9:69:c3:22:a2:64:ca:06:ee:51:53:84:
51:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:66:B5:9F:04:B2:0B:B2:30:81:47:27:35:A6:AD:9E:EB:8D:E2
X509v3 Authority Key Identifier:
keyid:56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/Vpmm9S-QBXOCzelvdlJvf8oBk6M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/3661952C344511EFAAF77B52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.46.0/24
103.98.112.0/24
103.98.114.0/23
103.194.105.0/24
Signature Algorithm: sha256WithRSAEncryption
13:66:90:04:9b:e7:31:e1:9b:46:cf:2f:ea:92:a7:68:67:f8:
3d:7c:32:d5:82:ce:f6:41:6b:5f:63:8d:60:24:d4:3c:f4:d8:
95:09:42:a3:f5:b3:6a:73:1e:45:c4:2c:46:21:cc:8c:f5:cb:
62:ad:19:99:4b:f0:6e:51:94:d0:61:18:78:00:70:4b:ed:2d:
d4:26:10:18:fc:94:79:c3:0e:31:b2:01:6b:72:b2:a6:70:4f:
0f:29:8f:0f:d5:df:2f:bd:50:64:71:cf:de:2e:03:b8:ad:70:
f0:7c:12:66:c5:72:a9:09:6d:bb:cf:77:4b:39:78:36:f9:2a:
4b:52:fc:c8:bc:f1:3d:1b:74:ad:72:32:dc:b2:ea:41:b2:8e:
e1:ee:d6:75:1f:10:61:a4:ea:21:4a:46:09:89:ac:59:db:ff:
2c:cf:9d:75:9f:ed:3a:b2:59:03:45:2a:a1:dd:3c:21:60:bc:
26:08:29:d5:a1:a5:b8:62:03:c9:70:a1:59:2b:48:e9:d3:0e:
ee:6d:b8:a3:d9:74:55:3b:c9:3c:9b:5b:96:8c:f4:45:bc:4d:
6e:35:33:b1:bd:e2:ef:4c:30:c8:ad:f4:f8:b5:59:e4:d5:0d:
5c:59:10:bb:fe:2e:50:2c:b2:44:75:7e:d9:d7:aa:0b:f0:e5:
b1:74:0a:ed
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc2RTQxMTAvBgNVBAUTKDU2OTlBNkY1MkY5MDA1NzM4MkNERTk2Rjc2NTI2RjdG
Q0EwMTkzQTMwHhcNMjQwNjI3MDUyMjE0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjZjcwNi03OTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArtSAuO98xM7hEJnHUjRxoZbSb7Xi1DDdEuR5BpqnmaOnkjdVghxIlXG+VqXV
yfACiadt4pW4zFBTCuDmlZ749HSTxINFf9HjjlD0cXrTinowpI5TnDrB6qKeM436
lRN8XEKZcbUPiFKjkHvWR3Xv3rnrwND9DiZCVyUQPJ9fTwZD00lSLsyuGePJxpS6
gi7mTHj8LcB6wCflENWQVVJa6RMoXBqHVo4QrpXLmJtyDzAljkOjCqjAQOAfLH0d
myWdtM2begkWya2ZBYapFViSlVXVef+LvZFUcWEUP29H+MWNvX5+ixmRrhPYg9Yz
3YJuCUv5acMiomTKBu5RU4RRzwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFg4ZrWf
BLILsjCBRyc1pq2e643iMB8GA1UdIwQYMBaAFFaZpvUvkAVzgs3pb3ZSb3/KAZOj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzZFNC80NzQyODg3MEU5
RjAxMUVDQTgzNThBODRDNEY5QUUwMi9WcG1tOVMtUUJYT0N6ZWx2ZGxKdmY4b0Jr
Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZwbW05Uy1RQlhPQ3plbHZkbEp2ZjhvQms2TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc2RTQvNDc0Mjg4NzBFOUYwMTFFQ0E4MzU4QTg0QzRGOUFFMDIvMzY2MTk1MkMz
NDQ1MTFFRkFBRjc3QjUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnXS4DBABnYnADBAFnYnIDBABnwmkwDQYJKoZIhvcNAQEL
BQADggEBABNmkASb5zHhm0bPL+qSp2hn+D18MtWCzvZBa19jjWAk1Dz02JUJQqP1
s2pzHkXELEYhzIz1y2KtGZlL8G5RlNBhGHgAcEvtLdQmEBj8lHnDDjGyAWtysqZw
Tw8pjw/V3y+9UGRxz94uA7itcPB8EmbFcqkJbbvPd0s5eDb5KktS/Mi88T0bdK1y
Mtyy6kGyjuHu1nUfEGGk6iFKRgmJrFnb/yzPnXWf7TqyWQNFKqHdPCFgvCYIKdWh
pbhiA8lwoVkrSOnTDu5tuKPZdFU7yTybW5aM9EW8TW41M7G94u9MMMit9Pi1WeTV
DVxZELv+LlAsskR1ftnXqgvw5bF0Cu0=
-----END CERTIFICATE-----
Generated at Thu Jun 27 13:47:32 2024 by rpki-client on console-fra.rpki-client.org