Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EA66A39C222A11EE9FF85B26C4F9AE02.roa
File: EA66A39C222A11EE9FF85B26C4F9AE02.roa (raw, json)
Hash identifier: L/yK11E22zz5I/OkHf0+tmfeW98rhxEL3RSw2AVXfg4=
Subject key identifier: 23:E7:24:91:84:4E:AE:E8:B3:EB:5C:ED:FF:AA:FD:A3:6D:37:CC:38
Certificate issuer: /CN=A91A1ABC/serialNumber=21D7B872105481ED82A9E6223B25406BB7522F23
Certificate serial: EF
Authority key identifier: 21:D7:B8:72:10:54:81:ED:82:A9:E6:22:3B:25:40:6B:B7:52:2F:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ide4chBUge2CqeYiOyVAa7dSLyM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EA66A39C222A11EE9FF85B26C4F9AE02.roa
Signing time: Tue 01 Oct 2024 04:47:44 +0000
ROA not before: Tue 01 Oct 2024 04:47:44 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134428
IP address blocks: 103.97.156.0/24 maxlen: 24
103.97.157.0/24 maxlen: 24
103.97.158.0/24 maxlen: 24
103.97.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 23:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239 (0xef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1ABC/serialNumber=21D7B872105481ED82A9E6223B25406BB7522F23
Validity
Not Before: Oct 1 04:47:44 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fb7ef0-f62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:7d:2a:db:96:bb:2f:bd:69:a5:21:34:35:
ef:a8:d6:93:c6:9c:30:57:7f:23:9e:26:52:a0:4c:
17:33:72:34:06:a9:fe:51:8b:47:cf:cd:15:f9:c8:
ee:4b:05:89:c9:dc:46:88:44:0e:bf:ba:86:42:d9:
a2:90:30:6a:a7:e3:0d:1c:09:ac:9a:29:40:99:c6:
06:58:4b:1b:19:43:7d:12:1e:c9:f3:2e:c5:c9:a5:
41:24:b1:d4:99:58:cd:93:42:1d:57:82:90:6f:a9:
fa:c8:94:c6:c7:76:84:b2:03:5a:fb:ed:55:47:4f:
f1:cc:ae:da:0e:44:b2:99:46:fa:80:92:16:2e:12:
10:8c:45:15:19:3b:d6:31:76:e1:b8:36:fb:46:38:
00:de:c2:a1:57:9c:ae:6a:bb:68:3c:3c:c1:7a:01:
95:ba:3f:41:6c:15:81:08:ff:45:ac:a6:6b:cf:19:
c7:af:d3:37:82:02:58:d3:f3:05:f0:46:c0:ab:ad:
c7:ba:0e:b3:b6:91:cd:63:24:04:38:96:1e:40:4f:
70:3b:c0:96:75:d4:ad:de:91:63:d4:7a:48:4d:c0:
44:ef:38:10:af:a1:fc:8b:10:86:85:44:23:5c:a4:
af:4e:53:44:d1:fd:5e:4f:a0:69:4d:20:c4:f9:a0:
d2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E7:24:91:84:4E:AE:E8:B3:EB:5C:ED:FF:AA:FD:A3:6D:37:CC:38
X509v3 Authority Key Identifier:
keyid:21:D7:B8:72:10:54:81:ED:82:A9:E6:22:3B:25:40:6B:B7:52:2F:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/Ide4chBUge2CqeYiOyVAa7dSLyM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ide4chBUge2CqeYiOyVAa7dSLyM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EA66A39C222A11EE9FF85B26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.156.0/22
Signature Algorithm: sha256WithRSAEncryption
26:38:4b:8f:14:c1:df:0a:2f:ae:35:72:b8:76:f2:55:6d:99:
5f:c5:78:c6:6a:49:e0:5e:8d:b9:1b:74:67:e1:d6:71:07:18:
1c:36:af:11:cf:9b:9c:5b:52:2a:e6:dd:8e:d9:2b:40:79:96:
f6:e0:54:c4:1c:2b:09:e6:6c:bf:56:3c:41:04:9f:0b:40:07:
22:68:80:ec:6d:0f:64:73:a2:f1:12:2c:0f:4c:6f:3a:e3:63:
48:4f:72:3d:9f:3a:48:ca:c6:54:08:f5:0e:fa:98:90:07:1d:
46:0f:30:16:30:9a:96:78:66:be:7c:d8:5b:59:ee:d6:c8:c6:
bf:ba:ca:60:a9:39:cc:f6:fa:1e:22:5b:55:8a:85:bb:a7:1f:
c4:77:40:d7:36:e9:90:df:98:3f:13:16:ad:0e:b9:e2:22:a0:
24:44:8d:87:ec:e3:a0:a7:63:b2:cd:84:a8:84:34:8f:e1:97:
4f:b5:15:0b:1d:82:e0:2b:14:80:ff:42:b3:dd:da:d9:1e:31:
09:53:32:c3:c0:67:95:fb:c1:d3:e2:da:62:4b:a2:65:77:2f:
d9:18:2f:24:c5:8c:c7:0f:ca:e3:30:7a:30:d3:dc:04:ff:80:
83:c1:0b:b5:54:af:47:95:bb:89:5f:da:8f:b0:55:a4:58:ea:
2e:91:eb:7a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQkMxMTAvBgNVBAUTKDIxRDdCODcyMTA1NDgxRUQ4MkE5RTYyMjNCMjU0MDZC
Qjc1MjJGMjMwHhcNMjQxMDAxMDQ0NzQ0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiN2VmMC1mNjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszV9KtuWuy+9aaUhNDXvqNaTxpwwV38jniZSoEwXM3I0Bqn+UYtHz80V+cju
SwWJydxGiEQOv7qGQtmikDBqp+MNHAmsmilAmcYGWEsbGUN9Eh7J8y7FyaVBJLHU
mVjNk0IdV4KQb6n6yJTGx3aEsgNa++1VR0/xzK7aDkSymUb6gJIWLhIQjEUVGTvW
MXbhuDb7RjgA3sKhV5yuartoPDzBegGVuj9BbBWBCP9FrKZrzxnHr9M3ggJY0/MF
8EbAq63Hug6ztpHNYyQEOJYeQE9wO8CWddSt3pFj1HpITcBE7zgQr6H8ixCGhUQj
XKSvTlNE0f1eT6BpTSDE+aDS0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCPnJJGE
Tq7os+tc7f+q/aNtN8w4MB8GA1UdIwQYMBaAFCHXuHIQVIHtgqnmIjslQGu3Ui8j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFCQy9FMzBCRjVEQTIy
MjkxMUVFODQ0NEM2MjFDNEY5QUUwMi9JZGU0Y2hCVWdlMkNxZVlpT3lWQWE3ZFNM
eU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lkZTRjaEJVZ2UyQ3FlWWlPeVZBYTdkU0x5TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQkMvRTMwQkY1REEyMjI5MTFFRTg0NDRDNjIxQzRGOUFFMDIvRUE2NkEzOUMy
MjJBMTFFRTlGRjg1QjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnYZwwDQYJKoZIhvcNAQELBQADggEBACY4S48Uwd8KL641
crh28lVtmV/FeMZqSeBejbkbdGfh1nEHGBw2rxHPm5xbUirm3Y7ZK0B5lvbgVMQc
KwnmbL9WPEEEnwtAByJogOxtD2RzovESLA9MbzrjY0hPcj2fOkjKxlQI9Q76mJAH
HUYPMBYwmpZ4Zr582FtZ7tbIxr+6ymCpOcz2+h4iW1WKhbunH8R3QNc26ZDfmD8T
Fq0OueIioCREjYfs46CnY7LNhKiENI/hl0+1FQsdguArFID/QrPd2tkeMQlTMsPA
Z5X7wdPi2mJLomV3L9kYLyTFjMcPyuMwejDT3AT/gIPBC7VUr0eVu4lf2o+wVaRY
6i6R63o=
-----END CERTIFICATE-----
Generated at Tue Nov 19 00:48:05 2024 by rpki-client on console-fra.rpki-client.org