Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
File: 61EF68BA323111EFBE1C7F57C4F9AE02.roa (raw, json)
Hash identifier: mKn6o38uuSUTVWev0nzQbEw/RxFWooVgcynEK7kJ8Pc=
Subject key identifier: 0E:C4:2F:E4:28:5F:A9:13:28:1A:8A:0E:B9:8B:2E:CA:57:70:CA:9A
Certificate issuer: /CN=A91A2E6A/serialNumber=823100B75E5DD41A1E7C3281C35713F44BE86C98
Certificate serial: 02
Authority key identifier: 82:31:00:B7:5E:5D:D4:1A:1E:7C:32:81:C3:57:13:F4:4B:E8:6C:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gjEAt15d1BoefDKBw1cT9EvobJg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
Signing time: Mon 24 Jun 2024 13:55:15 +0000
ROA not before: Mon 24 Jun 2024 13:55:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150806
IP address blocks: 103.109.184.0/24 maxlen: 24
103.109.185.0/24 maxlen: 24
2001:df2:1840::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 18:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A2E6A/serialNumber=823100B75E5DD41A1E7C3281C35713F44BE86C98
Validity
Not Before: Jun 24 13:55:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66797ac3-3523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5b:93:99:b4:98:b4:20:8a:8d:76:ff:0b:85:
1c:8b:d3:fb:e5:07:6d:75:60:b5:1f:6b:1d:c1:46:
9d:05:dd:59:c4:bb:52:f1:1d:72:7a:48:8b:f9:62:
8c:f3:38:c8:d6:58:02:84:51:78:9b:35:e8:26:36:
a5:8c:a6:2b:a8:a3:02:21:ae:13:83:6c:51:72:ca:
83:64:11:0a:2b:3c:e0:df:fd:00:f2:44:1a:e9:21:
7e:c2:8b:aa:c0:38:06:50:30:ce:2c:b9:d3:ce:29:
ca:aa:7a:1c:d9:6a:06:73:13:88:63:12:98:88:0d:
23:d3:1b:a2:0e:94:91:93:64:6f:f8:8c:02:3c:b6:
06:64:37:ea:32:1e:55:7c:6e:66:d5:37:fd:83:99:
6e:d7:46:1e:99:a9:f7:ed:18:ed:cb:47:17:68:a0:
cf:44:d3:5f:6b:6f:2d:2c:83:96:ae:22:15:0f:01:
0a:44:1c:04:81:84:25:a9:75:67:fd:9c:8c:d4:da:
fc:f0:c8:db:df:62:cc:ec:42:4a:f7:88:7a:01:f0:
c2:a0:66:d9:3e:d9:11:3a:67:cd:5c:df:ce:41:c0:
35:4f:0f:9e:5b:72:86:43:11:50:ff:92:55:7d:c1:
37:c1:85:82:0e:35:05:ce:41:23:47:4d:1b:78:da:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C4:2F:E4:28:5F:A9:13:28:1A:8A:0E:B9:8B:2E:CA:57:70:CA:9A
X509v3 Authority Key Identifier:
keyid:82:31:00:B7:5E:5D:D4:1A:1E:7C:32:81:C3:57:13:F4:4B:E8:6C:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/gjEAt15d1BoefDKBw1cT9EvobJg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gjEAt15d1BoefDKBw1cT9EvobJg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.184.0/23
IPv6:
2001:df2:1840::/48
Signature Algorithm: sha256WithRSAEncryption
39:f3:5b:b8:75:21:ea:4f:56:f6:3b:3b:c7:91:f9:98:97:86:
99:8b:f4:20:ee:f8:b7:5d:fa:e0:01:fc:6c:37:c8:f7:8e:62:
c3:2c:cd:28:41:f1:a8:4e:fa:66:f7:fe:b6:f7:fe:8b:1e:70:
5a:48:3f:48:7c:79:5a:db:53:5c:2f:24:76:16:2f:b4:b3:62:
57:e3:9e:55:58:55:2b:d9:3d:ec:e9:0e:33:3a:b0:3c:c9:4d:
a4:ff:07:40:e0:e9:fb:5c:ec:02:d7:c7:c0:ff:ea:ce:88:f7:
4b:6d:ea:7a:6c:ac:ac:35:a5:ff:25:16:50:b7:b9:87:79:79:
14:ce:df:73:5c:9c:f6:39:c9:a4:2f:d7:24:3b:60:2a:0e:b8:
07:eb:3c:67:c8:f2:26:51:7a:20:b7:b0:43:97:2b:6e:e2:97:
fc:1e:a2:a3:dc:3a:c1:07:93:50:5d:eb:15:56:8b:6c:fe:93:
d7:99:f7:04:b2:61:e5:6b:10:ac:54:98:b9:61:b5:2c:c5:eb:
20:52:c0:c6:17:be:a5:a1:82:86:3e:aa:ff:12:32:92:c4:06:
81:6f:60:e5:c5:18:d3:98:be:53:d2:fd:32:84:28:9d:1f:d1:
fb:55:81:45:f7:ec:12:a6:80:80:6e:db:34:1d:78:c0:95:c9:
6c:22:1b:80
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MkU2QTExMC8GA1UEBRMoODIzMTAwQjc1RTVERDQxQTFFN0MzMjgxQzM1NzEzRjQ0
QkU4NkM5ODAeFw0yNDA2MjQxMzU1MTVaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Nzk3YWMzLTM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYW5OZtJi0IIqNdv8LhRyL0/vlB211YLUfax3BRp0F3VnEu1LxHXJ6SIv5Yozz
OMjWWAKEUXibNegmNqWMpiuoowIhrhODbFFyyoNkEQorPODf/QDyRBrpIX7Ci6rA
OAZQMM4sudPOKcqqehzZagZzE4hjEpiIDSPTG6IOlJGTZG/4jAI8tgZkN+oyHlV8
bmbVN/2DmW7XRh6ZqfftGO3LRxdooM9E019rby0sg5auIhUPAQpEHASBhCWpdWf9
nIzU2vzwyNvfYszsQkr3iHoB8MKgZtk+2RE6Z81c385BwDVPD55bcoZDEVD/klV9
wTfBhYIONQXOQSNHTRt42hHNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUDsQv5Chf
qRMoGooOuYsuyldwypowHwYDVR0jBBgwFoAUgjEAt15d1BoefDKBw1cT9EvobJgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyRTZBL0FFMzczRDg0MzIz
MDExRUY5RTUzMjE1NkM0RjlBRTAyL2dqRUF0MTVkMUJvZWZES0J3MWNUOUV2b2JK
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ2pFQXQxNWQxQm9lZkRLQncxY1Q5RXZvYkpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MkU2QS9BRTM3M0Q4NDMyMzAxMUVGOUU1MzIxNTZDNEY5QUUwMi82MUVGNjhCQTMy
MzExMUVGQkUxQzdGNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdtuDAPBAIAAjAJAwcAIAEN8hhAMA0GCSqGSIb3DQEBCwUA
A4IBAQA581u4dSHqT1b2OzvHkfmYl4aZi/Qg7vi3XfrgAfxsN8j3jmLDLM0oQfGo
Tvpm9/629/6LHnBaSD9IfHla21NcLyR2Fi+0s2JX455VWFUr2T3s6Q4zOrA8yU2k
/wdA4On7XOwC18fA/+rOiPdLbep6bKysNaX/JRZQt7mHeXkUzt9zXJz2OcmkL9ck
O2AqDrgH6zxnyPImUXogt7BDlytu4pf8HqKj3DrBB5NQXesVVots/pPXmfcEsmHl
axCsVJi5YbUsxesgUsDGF76loYKGPqr/EjKSxAaBb2DlxRjTmL5T0v0yhCidH9H7
VYFF9+wSpoCAbts0HXjAlclsIhuA
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:01:20 2024 by rpki-client on console-fra.rpki-client.org