Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91799A0/40EDA11E9AE811EC974B491CC4F9AE02/2545DB327C3811EF82375E4DC4F9AE02.roa
File: 2545DB327C3811EF82375E4DC4F9AE02.roa (raw, json)
Hash identifier: BLjkdxiXO6Ol8xcej/EqOUWh8XrILBw1vferOKbfYrI=
Subject key identifier: 64:B7:F8:36:20:71:B2:57:BA:39:93:43:ED:89:2B:46:B4:78:12:0F
Certificate issuer: /CN=A91799A0/serialNumber=37E03524B5847DBEAD00FE378C46ABD0CA7045F8
Certificate serial: 0319
Authority key identifier: 37:E0:35:24:B5:84:7D:BE:AD:00:FE:37:8C:46:AB:D0:CA:70:45:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N-A1JLWEfb6tAP43jEar0MpwRfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91799A0/40EDA11E9AE811EC974B491CC4F9AE02/2545DB327C3811EF82375E4DC4F9AE02.roa
Signing time: Thu 26 Sep 2024 18:50:06 +0000
ROA not before: Thu 26 Sep 2024 18:50:06 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133793
IP address blocks: 103.43.20.0/24 maxlen: 24
103.43.21.0/24 maxlen: 24
103.43.22.0/24 maxlen: 24
103.43.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 14:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 793 (0x319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91799A0/serialNumber=37E03524B5847DBEAD00FE378C46ABD0CA7045F8
Validity
Not Before: Sep 26 18:50:06 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66f5acdd-e169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c6:c7:44:a0:9a:33:b4:29:76:fc:e9:af:16:
56:16:b2:0a:ac:9c:f7:4f:46:2f:f5:e8:cc:47:cd:
83:59:20:ec:a7:62:3c:7c:22:c0:a5:96:d5:d2:8c:
9d:36:92:0a:00:7f:58:a4:1a:44:7e:b4:ce:6c:3b:
19:12:58:77:55:1d:3f:c5:56:68:81:20:a4:ec:4f:
72:fd:ee:b1:32:dd:c6:08:ae:7d:3b:3b:85:a8:39:
c0:99:4e:ef:11:ae:c5:56:a1:22:a8:ee:03:b5:43:
d9:86:7b:2d:39:fd:93:e4:7e:73:b3:f9:d2:55:23:
69:0c:d6:39:83:d3:fc:0a:d2:13:21:ee:ce:29:f4:
c3:46:65:ca:3e:f7:d9:d4:f1:88:76:84:15:61:05:
f7:d9:bd:e7:b7:e6:30:94:a3:6d:9b:f4:c4:ca:07:
26:1a:50:ca:d9:38:c5:85:ef:16:f6:0e:bd:59:77:
48:7f:7e:f2:13:5f:d1:b0:60:b3:85:66:1d:6e:a1:
2d:21:90:38:1d:b1:7f:c1:2a:a9:de:a2:52:30:2f:
2c:7c:a4:42:14:42:a0:d2:c2:57:17:2f:d4:56:09:
87:cc:c4:69:7e:96:be:f3:8f:b5:5d:7f:52:a1:07:
0c:be:56:82:6f:5e:ff:c7:ae:1f:04:8a:40:3c:1d:
d0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B7:F8:36:20:71:B2:57:BA:39:93:43:ED:89:2B:46:B4:78:12:0F
X509v3 Authority Key Identifier:
keyid:37:E0:35:24:B5:84:7D:BE:AD:00:FE:37:8C:46:AB:D0:CA:70:45:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91799A0/40EDA11E9AE811EC974B491CC4F9AE02/N-A1JLWEfb6tAP43jEar0MpwRfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N-A1JLWEfb6tAP43jEar0MpwRfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91799A0/40EDA11E9AE811EC974B491CC4F9AE02/2545DB327C3811EF82375E4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.20.0/22
Signature Algorithm: sha256WithRSAEncryption
12:64:ad:9f:34:f6:2d:4c:5d:2c:a3:f2:96:85:72:32:f0:ae:
0b:c0:ed:15:93:3b:c3:c4:31:13:17:03:35:35:91:cc:83:69:
01:d5:21:86:95:0b:9c:92:b6:e9:b2:5a:0e:00:84:72:a6:90:
0d:7a:df:03:38:f3:18:28:a0:58:a1:47:64:8e:37:71:48:d3:
07:af:56:e8:6b:7b:ca:0a:0d:45:9c:6f:f5:5b:cc:ed:cc:da:
b7:29:eb:09:c7:63:c3:b2:22:f1:ed:d9:cb:3e:a8:38:39:92:
ea:af:74:5b:44:87:98:0e:40:29:a2:45:37:39:a2:b4:78:11:
85:a4:3c:9b:80:52:f2:26:4d:b2:8f:5e:b8:1f:78:c5:25:76:
0b:16:b1:90:c2:33:e0:a9:bb:61:18:fa:58:62:cd:e8:88:b4:
5c:c9:2e:d3:11:b3:98:e9:bd:98:46:c5:3c:e7:aa:e4:7d:1b:
10:3d:00:15:0c:71:47:43:99:b9:18:5d:37:73:7e:bd:cd:c2:
74:9a:7c:f8:98:ae:93:ff:02:ab:a3:05:d7:e9:b4:a7:cb:d7:
30:6d:09:57:5a:27:2c:e5:50:ac:a9:62:ba:56:95:a1:61:ac:
4a:5e:d5:1c:7c:8c:25:39:bb:be:cf:1b:f8:3b:f5:85:04:7c:
43:3c:4e:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAxkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk5QTAxMTAvBgNVBAUTKDM3RTAzNTI0QjU4NDdEQkVBRDAwRkUzNzhDNDZBQkQw
Q0E3MDQ1RjgwHhcNMjQwOTI2MTg1MDA2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1YWNkZC1lMTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0cbHRKCaM7QpdvzprxZWFrIKrJz3T0Yv9ejMR82DWSDsp2I8fCLApZbV0oyd
NpIKAH9YpBpEfrTObDsZElh3VR0/xVZogSCk7E9y/e6xMt3GCK59OzuFqDnAmU7v
Ea7FVqEiqO4DtUPZhnstOf2T5H5zs/nSVSNpDNY5g9P8CtITIe7OKfTDRmXKPvfZ
1PGIdoQVYQX32b3nt+YwlKNtm/TEygcmGlDK2TjFhe8W9g69WXdIf37yE1/RsGCz
hWYdbqEtIZA4HbF/wSqp3qJSMC8sfKRCFEKg0sJXFy/UVgmHzMRpfpa+84+1XX9S
oQcMvlaCb17/x64fBIpAPB3QZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGS3+DYg
cbJXujmTQ+2JK0a0eBIPMB8GA1UdIwQYMBaAFDfgNSS1hH2+rQD+N4xGq9DKcEX4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTlBMC80MEVEQTExRTlB
RTgxMUVDOTc0QjQ5MUNDNEY5QUUwMi9OLUExSkxXRWZiNnRBUDQzakVhcjBNcHdS
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL04tQTFKTFdFZmI2dEFQNDNqRWFyME1wd1JmZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk5QTAvNDBFREExMUU5QUU4MTFFQzk3NEI0OTFDQzRGOUFFMDIvMjU0NURCMzI3
QzM4MTFFRjgyMzc1RTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKxQwDQYJKoZIhvcNAQELBQADggEBABJkrZ809i1MXSyj
8paFcjLwrgvA7RWTO8PEMRMXAzU1kcyDaQHVIYaVC5yStumyWg4AhHKmkA163wM4
8xgooFihR2SON3FI0wevVuhre8oKDUWcb/VbzO3M2rcp6wnHY8OyIvHt2cs+qDg5
kuqvdFtEh5gOQCmiRTc5orR4EYWkPJuAUvImTbKPXrgfeMUldgsWsZDCM+Cpu2EY
+lhizeiItFzJLtMRs5jpvZhGxTznquR9GxA9ABUMcUdDmbkYXTdzfr3NwnSafPiY
rpP/AqujBdfptKfL1zBtCVdaJyzlUKypYrpWlaFhrEpe1Rx8jCU5u77PG/g79YUE
fEM8Tos=
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:26:41 2024 by rpki-client on console-fra.rpki-client.org