Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EAF3AA12222A11EE9FF85B26C4F9AE02.roa
File: EAF3AA12222A11EE9FF85B26C4F9AE02.roa (raw, json)
Hash identifier: 0/mWWRfxM1CNHfBpcAjjr+X9spIGQMC2LB0nBFQWGAI=
Subject key identifier: 2F:0A:51:50:60:A2:1D:9D:7B:2F:09:1E:3C:BC:30:5B:44:27:DA:08
Certificate issuer: /CN=A91A1ABC/serialNumber=21D7B872105481ED82A9E6223B25406BB7522F23
Certificate serial: F0
Authority key identifier: 21:D7:B8:72:10:54:81:ED:82:A9:E6:22:3B:25:40:6B:B7:52:2F:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ide4chBUge2CqeYiOyVAa7dSLyM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EAF3AA12222A11EE9FF85B26C4F9AE02.roa
Signing time: Tue 01 Oct 2024 04:47:45 +0000
ROA not before: Tue 01 Oct 2024 04:47:45 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 140630
IP address blocks: 103.97.156.0/24 maxlen: 24
103.97.157.0/24 maxlen: 24
103.97.158.0/24 maxlen: 24
103.97.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 23:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1ABC/serialNumber=21D7B872105481ED82A9E6223B25406BB7522F23
Validity
Not Before: Oct 1 04:47:45 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fb7ef1-9e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:b5:e8:99:4f:e8:57:51:c2:af:6d:53:9d:
03:5f:54:38:c6:36:2b:07:9c:41:45:18:9f:a0:91:
45:26:86:8a:12:67:31:41:60:dd:6c:b0:81:ed:5b:
e3:87:56:a6:9a:0a:83:78:41:01:3e:c9:a7:8b:89:
85:0b:18:17:0d:74:36:a4:07:87:d7:85:f2:d8:c1:
5a:c1:eb:af:84:99:c8:3f:2f:03:c6:89:9a:be:20:
d2:5a:05:c5:da:39:49:f1:8d:e0:e7:e8:23:2f:f7:
df:a2:1e:dd:ae:bc:2e:85:24:d0:52:ab:15:6e:85:
cb:4b:92:a8:76:3c:af:e2:96:f3:46:92:b1:1a:d5:
35:8e:b0:9a:ab:ef:e0:0d:a6:71:82:e5:dc:2c:95:
d5:9a:14:7c:cd:60:1e:ee:58:25:be:2d:48:cf:ae:
e3:5a:b4:90:86:c9:85:38:f9:b9:e1:05:74:dd:4e:
3e:d5:f2:e9:7d:d1:c1:af:1a:9c:55:77:e7:a9:b0:
12:e9:54:39:23:ac:2b:e5:8a:2d:79:aa:5c:98:fc:
dd:aa:d9:60:de:75:00:ba:dd:19:6a:f2:f9:e2:5c:
1e:c0:73:0c:ce:11:79:11:2f:74:29:b5:ea:9a:9d:
83:da:98:02:78:d4:9e:b8:52:68:ac:46:e1:d3:a7:
4f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0A:51:50:60:A2:1D:9D:7B:2F:09:1E:3C:BC:30:5B:44:27:DA:08
X509v3 Authority Key Identifier:
keyid:21:D7:B8:72:10:54:81:ED:82:A9:E6:22:3B:25:40:6B:B7:52:2F:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/Ide4chBUge2CqeYiOyVAa7dSLyM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ide4chBUge2CqeYiOyVAa7dSLyM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1ABC/E30BF5DA222911EE8444C621C4F9AE02/EAF3AA12222A11EE9FF85B26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.156.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:1b:62:88:73:82:48:26:90:d8:b0:89:6c:90:96:c4:7e:b4:
5c:14:73:89:97:36:f5:7c:64:4a:c6:10:a2:9b:60:41:14:dc:
95:8a:e8:3b:f9:72:ac:28:35:4b:e3:ac:45:e6:4e:46:54:16:
31:f9:33:ef:e2:a2:4b:d4:5e:64:89:8b:c4:a2:1d:71:5f:2a:
3c:b0:8c:f4:64:4b:bd:11:b9:1a:b7:fb:58:a0:d0:42:44:65:
50:39:4b:bd:bf:70:ac:32:ac:cc:15:97:9d:e6:2c:0c:b3:99:
f9:28:85:db:89:bd:de:51:f4:bb:2e:6c:55:64:f9:79:92:94:
20:f9:f0:8a:3c:53:15:b1:16:b3:db:f1:cf:ac:e6:10:8d:cc:
e7:a2:9d:98:f2:55:d7:fd:b7:2e:9e:41:40:9b:06:bb:5e:94:
7d:77:f1:ce:43:08:02:af:05:a4:51:81:4c:14:2b:81:9a:22:
0b:ac:08:62:dd:d7:b3:3e:c9:65:5e:fc:06:62:0d:9c:93:e6:
2d:33:e9:6d:17:f0:a8:b5:38:00:0d:25:70:41:64:30:97:90:
c4:63:15:46:14:5d:32:fe:b1:9e:db:d0:16:e4:a1:f7:cf:b2:
ed:91:af:23:1a:ce:ca:24:19:3a:b3:a5:44:f1:70:2a:7a:f3:
55:4d:f4:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQkMxMTAvBgNVBAUTKDIxRDdCODcyMTA1NDgxRUQ4MkE5RTYyMjNCMjU0MDZC
Qjc1MjJGMjMwHhcNMjQxMDAxMDQ0NzQ1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiN2VmMS05ZTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuTG16JlP6FdRwq9tU50DX1Q4xjYrB5xBRRifoJFFJoaKEmcxQWDdbLCB7Vvj
h1ammgqDeEEBPsmni4mFCxgXDXQ2pAeH14Xy2MFaweuvhJnIPy8DxomaviDSWgXF
2jlJ8Y3g5+gjL/ffoh7drrwuhSTQUqsVboXLS5Kodjyv4pbzRpKxGtU1jrCaq+/g
DaZxguXcLJXVmhR8zWAe7lglvi1Iz67jWrSQhsmFOPm54QV03U4+1fLpfdHBrxqc
VXfnqbAS6VQ5I6wr5YoteapcmPzdqtlg3nUAut0ZavL54lwewHMMzhF5ES90KbXq
mp2D2pgCeNSeuFJorEbh06dPKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC8KUVBg
oh2dey8JHjy8MFtEJ9oIMB8GA1UdIwQYMBaAFCHXuHIQVIHtgqnmIjslQGu3Ui8j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFCQy9FMzBCRjVEQTIy
MjkxMUVFODQ0NEM2MjFDNEY5QUUwMi9JZGU0Y2hCVWdlMkNxZVlpT3lWQWE3ZFNM
eU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lkZTRjaEJVZ2UyQ3FlWWlPeVZBYTdkU0x5TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQkMvRTMwQkY1REEyMjI5MTFFRTg0NDRDNjIxQzRGOUFFMDIvRUFGM0FBMTIy
MjJBMTFFRTlGRjg1QjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnYZwwDQYJKoZIhvcNAQELBQADggEBAI4bYohzgkgmkNiw
iWyQlsR+tFwUc4mXNvV8ZErGEKKbYEEU3JWK6Dv5cqwoNUvjrEXmTkZUFjH5M+/i
okvUXmSJi8SiHXFfKjywjPRkS70RuRq3+1ig0EJEZVA5S72/cKwyrMwVl53mLAyz
mfkohduJvd5R9LsubFVk+XmSlCD58Io8UxWxFrPb8c+s5hCNzOeinZjyVdf9ty6e
QUCbBrtelH138c5DCAKvBaRRgUwUK4GaIgusCGLd17M+yWVe/AZiDZyT5i0z6W0X
8Ki1OAANJXBBZDCXkMRjFUYUXTL+sZ7b0BbkoffPsu2RryMazsokGTqzpUTxcCp6
81VN9Lw=
-----END CERTIFICATE-----
Generated at Tue Nov 19 00:48:05 2024 by rpki-client on console-fra.rpki-client.org