Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919495D/8DE2E4BA326111EC8C4FDE26C4F9AE02/B2903504A8D111EE8BABC25CC4F9AE02.roa
File: B2903504A8D111EE8BABC25CC4F9AE02.roa (raw, json)
Hash identifier: rrqPUHWHHmH5W82zE3OMT9kWcZIq6gdBnvKj4LUKCyY=
Subject key identifier: 5D:ED:8B:DE:FB:A7:5E:E3:06:41:6B:BD:86:69:EA:7D:DE:9F:33:D1
Certificate issuer: /CN=A919495D/serialNumber=272F9FDF301454EB6C81F3016C205AF443CABD5C
Certificate serial: 03A8
Authority key identifier: 27:2F:9F:DF:30:14:54:EB:6C:81:F3:01:6C:20:5A:F4:43:CA:BD:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jy-f3zAUVOtsgfMBbCBa9EPKvVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919495D/8DE2E4BA326111EC8C4FDE26C4F9AE02/B2903504A8D111EE8BABC25CC4F9AE02.roa
Signing time: Mon 01 Jan 2024 18:15:09 +0000
ROA not before: Mon 01 Jan 2024 18:15:09 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 141432
IP address blocks: 103.174.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 19:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936 (0x3a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919495D/serialNumber=272F9FDF301454EB6C81F3016C205AF443CABD5C
Validity
Not Before: Jan 1 18:15:09 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6593012d-5db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d6:01:33:ae:d4:fd:79:83:62:b0:8d:4c:f5:
af:d9:36:c6:16:db:4e:90:21:f2:77:10:26:44:6c:
9f:c4:0a:e6:e0:83:b4:ce:1e:75:1d:4a:be:f7:8c:
a5:d1:8e:df:5a:80:0c:9e:89:4d:f1:86:01:3f:a9:
63:3e:47:4d:f9:1b:1e:6e:13:20:97:d0:c0:dd:61:
3b:5c:43:b3:e1:69:78:31:e1:87:e6:60:c5:c8:62:
98:c8:77:45:1d:44:a7:2c:29:59:57:58:d3:50:84:
91:6f:84:24:34:63:b3:75:ab:bf:e6:14:86:1b:46:
8b:82:62:68:2c:8b:6e:28:ad:87:47:b6:f4:12:53:
cd:85:87:fa:68:b4:f5:df:56:b5:96:1e:f1:2a:71:
0c:14:ea:10:2b:d5:17:1c:3a:c5:bd:e2:70:a4:e3:
b8:04:26:e3:f0:9d:00:4e:c0:92:76:fb:d5:0a:28:
48:ea:9c:9e:6e:f2:f0:5e:83:1c:3d:df:e5:bb:83:
56:82:06:34:01:ba:a9:77:a1:5b:2e:f6:8a:a5:25:
d0:74:56:d7:37:15:84:b0:f2:3c:c1:72:8a:fd:ad:
4d:1f:c1:3c:8a:79:35:51:63:e8:96:32:ce:eb:d5:
f5:1f:59:71:ab:5b:99:9e:c6:73:5c:94:36:54:4a:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:ED:8B:DE:FB:A7:5E:E3:06:41:6B:BD:86:69:EA:7D:DE:9F:33:D1
X509v3 Authority Key Identifier:
keyid:27:2F:9F:DF:30:14:54:EB:6C:81:F3:01:6C:20:5A:F4:43:CA:BD:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919495D/8DE2E4BA326111EC8C4FDE26C4F9AE02/Jy-f3zAUVOtsgfMBbCBa9EPKvVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jy-f3zAUVOtsgfMBbCBa9EPKvVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919495D/8DE2E4BA326111EC8C4FDE26C4F9AE02/B2903504A8D111EE8BABC25CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.207.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a4:f4:1d:65:5f:7d:71:be:2d:85:b5:2a:c0:2a:3f:b5:42:
ff:c1:31:2f:1f:eb:a3:c3:ad:09:bb:84:da:29:45:a3:02:48:
1a:cb:7d:73:2c:12:af:71:cc:b1:be:24:fa:c9:85:63:44:aa:
d7:4e:07:9b:d6:3c:a6:01:f4:89:b1:4d:81:43:74:88:3e:71:
d7:38:35:ea:4f:cf:74:98:60:3f:6a:b4:b0:82:d0:10:a0:5e:
1f:c7:52:32:a1:e3:db:a5:1a:1e:04:5e:a6:54:e5:80:ba:7f:
9d:d2:4a:ac:ae:f8:63:62:b7:24:6f:ea:63:ba:d5:91:62:a4:
38:a6:6b:1c:a4:11:92:bd:55:41:13:9d:4c:18:ae:08:03:cd:
df:fd:3f:b0:6d:45:3a:6c:52:a1:71:d9:d0:be:e3:ab:14:3a:
1f:6a:9b:c0:12:ac:61:57:cc:18:1b:4d:18:23:76:f5:95:67:
5a:9f:ce:b5:b7:44:b9:e4:a4:a2:59:93:a7:f9:ea:b5:f5:6c:
51:d7:11:88:f6:8c:c2:e3:6c:21:81:ea:dc:f3:bc:96:fb:69:
9b:bb:93:3a:b2:1f:47:20:66:38:aa:54:89:70:95:6a:f6:44:
1e:e0:8f:f4:ce:cd:00:50:40:dd:e2:23:b3:b1:a9:c5:f5:36:
cb:65:15:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQ5NUQxMTAvBgNVBAUTKDI3MkY5RkRGMzAxNDU0RUI2QzgxRjMwMTZDMjA1QUY0
NDNDQUJENUMwHhcNMjQwMTAxMTgxNTA5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkzMDEyZC01ZGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3tYBM67U/XmDYrCNTPWv2TbGFttOkCHydxAmRGyfxArm4IO0zh51HUq+94yl
0Y7fWoAMnolN8YYBP6ljPkdN+RsebhMgl9DA3WE7XEOz4Wl4MeGH5mDFyGKYyHdF
HUSnLClZV1jTUISRb4QkNGOzdau/5hSGG0aLgmJoLItuKK2HR7b0ElPNhYf6aLT1
31a1lh7xKnEMFOoQK9UXHDrFveJwpOO4BCbj8J0ATsCSdvvVCihI6pyebvLwXoMc
Pd/lu4NWggY0Abqpd6FbLvaKpSXQdFbXNxWEsPI8wXKK/a1NH8E8ink1UWPoljLO
69X1H1lxq1uZnsZzXJQ2VEodbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF3ti977
p17jBkFrvYZp6n3enzPRMB8GA1UdIwQYMBaAFCcvn98wFFTrbIHzAWwgWvRDyr1c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDk1RC84REUyRTRCQTMy
NjExMUVDOEM0RkRFMjZDNEY5QUUwMi9KeS1mM3pBVVZPdHNnZk1CYkNCYTlFUEt2
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0p5LWYzekFVVk90c2dmTUJiQ0JhOUVQS3ZWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQ5NUQvOERFMkU0QkEzMjYxMTFFQzhDNEZERTI2QzRGOUFFMDIvQjI5MDM1MDRB
OEQxMTFFRThCQUJDMjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrs8wDQYJKoZIhvcNAQELBQADggEBAEKk9B1lX31xvi2F
tSrAKj+1Qv/BMS8f66PDrQm7hNopRaMCSBrLfXMsEq9xzLG+JPrJhWNEqtdOB5vW
PKYB9ImxTYFDdIg+cdc4NepPz3SYYD9qtLCC0BCgXh/HUjKh49ulGh4EXqZU5YC6
f53SSqyu+GNityRv6mO61ZFipDimaxykEZK9VUETnUwYrggDzd/9P7BtRTpsUqFx
2dC+46sUOh9qm8ASrGFXzBgbTRgjdvWVZ1qfzrW3RLnkpKJZk6f56rX1bFHXEYj2
jMLjbCGB6tzzvJb7aZu7kzqyH0cgZjiqVIlwlWr2RB7gj/TOzQBQQN3iI7OxqcX1
NstlFYc=
-----END CERTIFICATE-----
Generated at Thu Jan 11 23:43:59 2024 by rpki-client on console-ams.rpki-client.org