Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/F4F8B970D2F811ED97773D4DC4F9AE02.roa
File: F4F8B970D2F811ED97773D4DC4F9AE02.roa (raw, json)
Hash identifier: 9C0UPm+aRrLXC+1l6SRxM1kSD9FGUuVrX4t+zGUV2LQ=
Subject key identifier: 78:2C:91:0A:25:57:ED:7F:CD:E2:FE:AE:A9:5B:58:64:52:73:92:96
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0C3B
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/F4F8B970D2F811ED97773D4DC4F9AE02.roa
Signing time: Thu 14 Mar 2024 19:07:38 +0000
ROA not before: Thu 14 Mar 2024 19:07:38 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137453
IP address blocks: 103.109.93.0/24 maxlen: 24
103.109.94.0/24 maxlen: 24
103.109.95.0/24 maxlen: 24
144.48.151.0/24 maxlen: 24
2404:4c0:a::/48 maxlen: 48
2404:4c0:b::/48 maxlen: 48
2404:4c0:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 21 Apr 2024 10:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3131 (0xc3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Mar 14 19:07:38 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65f34afa-e4de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:79:81:d2:17:ec:71:db:03:e5:19:ed:cc:
f5:35:7e:d6:6e:e1:7d:8c:25:12:b0:88:df:d8:15:
1a:e1:01:b1:4d:0b:f2:e8:77:7f:65:ee:c4:28:15:
6c:0f:af:67:47:6d:f5:ab:d3:14:2a:d7:34:38:8f:
9f:19:b1:5d:b0:0e:86:16:0d:6e:80:e9:c4:8a:38:
69:7c:33:25:d7:c9:09:2d:87:d3:f2:56:b8:94:d8:
29:40:7d:62:ff:8b:13:89:81:1a:7a:be:d8:a3:15:
9e:e4:3a:10:2c:71:f3:56:9f:b7:73:99:25:20:37:
20:aa:b8:b5:15:70:b7:73:b2:21:02:fb:49:f7:4e:
54:f1:91:7a:b6:3b:e8:d2:31:a1:d7:60:e4:e5:9e:
d0:8f:55:12:08:a6:4f:92:ca:1d:c9:9b:e6:14:c5:
d7:d2:a4:fc:cc:c0:5e:58:22:5c:50:25:34:c4:9b:
56:ac:ee:d1:e5:f7:30:57:01:14:5d:72:af:85:5b:
5b:37:e2:0d:cc:75:2e:46:e4:9a:14:7f:a3:4f:c9:
8d:43:64:b9:75:6f:48:45:61:6e:00:09:74:3d:bc:
4b:b9:93:fe:6b:59:88:a3:af:e9:bc:7e:56:59:3b:
90:16:9f:26:98:55:e0:b3:cf:c6:80:3f:6f:5d:57:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2C:91:0A:25:57:ED:7F:CD:E2:FE:AE:A9:5B:58:64:52:73:92:96
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/F4F8B970D2F811ED97773D4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.93.0-103.109.95.255
144.48.151.0/24
IPv6:
2404:4c0:a::-2404:4c0:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:a3:da:e2:b9:af:c4:4b:eb:db:ec:b3:65:3c:91:63:a8:66:
8a:96:56:ac:fa:2f:ad:c2:d6:0c:ec:fd:34:69:2c:4c:89:ac:
83:39:79:81:18:70:5f:8f:93:ad:d6:dc:86:37:fb:67:f6:ac:
5a:7d:a0:65:99:8b:aa:9e:e0:1e:39:63:e8:82:ac:36:33:90:
a6:50:00:8b:59:69:35:e8:b6:bf:c8:70:bd:51:97:8b:62:ac:
62:2a:83:64:15:85:f9:41:26:a3:a1:e2:3e:e3:69:e5:03:74:
e8:54:e0:33:0f:d3:10:3f:91:c4:b5:ba:ce:24:37:74:3f:bd:
31:e7:b3:c9:32:2d:eb:85:99:1b:26:b0:32:41:23:fb:2e:b0:
41:c9:c7:d6:be:99:44:58:1b:63:8a:02:72:39:c0:64:b4:3e:
bd:f5:7c:b9:73:37:43:a8:47:aa:93:3a:c9:2e:dd:2a:a8:73:
52:7e:c6:92:ca:5a:ee:83:dd:e6:13:10:c5:73:54:93:1a:dc:
81:0d:c7:8d:f6:ac:86:a0:73:7c:64:cf:90:f8:d1:57:c4:29:
5d:c9:4c:5b:5a:b6:2e:2a:02:ec:2f:24:f5:e4:17:0e:bf:e5:
64:e1:17:e6:f0:8f:07:96:26:c1:d2:ba:76:dd:5a:a0:5a:8a:
8e:a9:e2:53
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICDDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjQwMzE0MTkwNzM4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzNGFmYS1lNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDR5gdIX7HHbA+UZ7cz1NX7WbuF9jCUSsIjf2BUa4QGxTQvy6Hd/Ze7EKBVs
D69nR231q9MUKtc0OI+fGbFdsA6GFg1ugOnEijhpfDMl18kJLYfT8la4lNgpQH1i
/4sTiYEaer7YoxWe5DoQLHHzVp+3c5klIDcgqri1FXC3c7IhAvtJ905U8ZF6tjvo
0jGh12Dk5Z7Qj1USCKZPksodyZvmFMXX0qT8zMBeWCJcUCU0xJtWrO7R5fcwVwEU
XXKvhVtbN+INzHUuRuSaFH+jT8mNQ2S5dW9IRWFuAAl0PbxLuZP+a1mIo6/pvH5W
WTuQFp8mmFXgs8/GgD9vXVfViwIDAQABo4ICvzCCArswHQYDVR0OBBYEFHgskQol
V+1/zeL+rqlbWGRSc5KWMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvRjRGOEI5NzBE
MkY4MTFFRDk3NzczRDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MBoEAgABMBQwDAMEAGdtXQMEBWdtQAMEAJAwlzAaBAIAAjAUMBIDBwEkBATA
AAoDBwAkBATAAAwwDQYJKoZIhvcNAQELBQADggEBAH+j2uK5r8RL69vss2U8kWOo
ZoqWVqz6L63C1gzs/TRpLEyJrIM5eYEYcF+Pk63W3IY3+2f2rFp9oGWZi6qe4B45
Y+iCrDYzkKZQAItZaTXotr/IcL1Rl4tirGIqg2QVhflBJqOh4j7jaeUDdOhU4DMP
0xA/kcS1us4kN3Q/vTHns8kyLeuFmRsmsDJBI/susEHJx9a+mURYG2OKAnI5wGS0
Pr31fLlzN0OoR6qTOsku3Sqoc1J+xpLKWu6D3eYTEMVzVJMa3IENx432rIagc3xk
z5D40VfEKV3JTFtati4qAuwvJPXkFw6/5WThF+bwjweWJsHSunbdWqBaio6p4lM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org