Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6404C4A6AB6D11EEB64BA80DC4F9AE02.roa
File: 6404C4A6AB6D11EEB64BA80DC4F9AE02.roa (raw, json)
Hash identifier: wLeQB7cADrBEtHw+P0Q1u6g0z7tbOkPGeKBuxbRp3NU=
Subject key identifier: 8A:FF:40:DD:DF:89:5F:6E:08:E5:1C:0D:EC:9D:38:8D:5C:27:17:D0
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4618
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6404C4A6AB6D11EEB64BA80DC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:35:08 +0000
ROA not before: Thu 05 Sep 2024 03:35:08 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150912
IP address blocks: 103.213.216.0/23 maxlen: 23
2401:3ee0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Sep 2024 15:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17944 (0x4618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 5 03:35:08 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926ec-c2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:32:93:14:17:73:83:4b:39:05:ee:c5:1f:e9:
f7:6a:a6:6f:c8:59:e5:b9:6b:71:21:b9:5a:6e:57:
59:de:60:89:18:85:5c:33:6e:37:5d:c9:70:80:2c:
11:f9:1f:9d:a2:12:4f:d6:af:b2:e3:c7:f0:a9:56:
bf:2b:90:78:53:c9:cd:12:5d:94:0a:4d:f1:ac:db:
6b:1f:4d:8e:a7:85:07:3a:b0:34:14:ca:28:df:40:
bb:be:3a:4d:aa:b2:ba:df:81:29:fa:ac:57:f7:08:
92:d2:7f:c8:6e:b7:0a:e4:33:e6:60:9e:1c:36:21:
83:4f:e4:67:de:4b:3e:02:20:05:4f:ba:69:b4:59:
52:92:ad:77:0f:3f:30:25:f5:3d:65:5b:ef:df:74:
93:28:95:d6:65:91:94:40:0b:29:12:56:cb:be:ea:
c6:dc:72:4c:c0:04:b3:8d:a1:26:04:fd:8e:41:49:
e7:17:28:14:f3:3b:11:f2:44:43:37:c2:9b:ce:28:
86:3f:e9:15:53:18:c0:19:40:53:5f:57:e6:de:13:
fa:28:59:29:c2:6d:7a:81:3b:2a:b3:ad:6a:e3:55:
6b:84:a0:37:40:18:d1:28:03:b2:12:8e:45:a4:ce:
76:55:a8:f3:ee:e2:0c:e5:cc:ca:5e:32:9b:05:b5:
2d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FF:40:DD:DF:89:5F:6E:08:E5:1C:0D:EC:9D:38:8D:5C:27:17:D0
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6404C4A6AB6D11EEB64BA80DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.216.0/23
IPv6:
2401:3ee0::/48
Signature Algorithm: sha256WithRSAEncryption
c1:1d:30:ec:de:77:21:f9:35:21:bc:3b:e3:bc:6c:e1:36:21:
f1:74:ac:b2:70:7c:1e:02:e7:9f:4c:04:9a:e0:bf:66:ca:af:
81:0e:ff:2e:91:0e:e9:9e:b3:ab:25:1a:55:23:66:39:f1:0e:
b7:d9:26:0d:4e:85:9d:bf:2f:91:81:43:81:d9:cf:16:9b:79:
8b:51:1c:13:11:b8:2b:dd:31:44:12:65:4b:dd:31:5c:ae:ac:
dc:e0:71:cb:e3:9f:e3:d9:30:5a:28:c4:05:45:b5:65:c8:a8:
7f:6f:98:47:ec:fd:df:41:de:cd:b9:05:22:b7:d5:ee:52:98:
13:da:b4:6b:53:20:2c:89:e4:33:64:4b:10:05:60:85:8f:bc:
0c:88:17:29:dd:b3:e7:07:a1:36:a7:14:57:0a:5d:47:fb:2d:
71:9e:5d:a6:30:3d:b6:58:ee:03:52:be:ae:97:76:22:61:cb:
ba:31:84:d9:46:8b:4e:8d:38:f1:08:fd:6b:66:e2:0b:eb:1d:
97:98:b1:bb:41:84:3a:f5:c3:d9:25:ce:0d:7e:7b:04:17:48:
d2:53:fd:a8:ce:49:45:25:31:96:37:0a:70:38:dc:62:d4:b6:
ca:af:66:13:9c:07:66:2a:82:c9:d9:da:73:3b:93:40:cd:39:
da:4a:e0:74
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICRhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNTA4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZlYy1jMmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvzKTFBdzg0s5Be7FH+n3aqZvyFnluWtxIblabldZ3mCJGIVcM243XclwgCwR
+R+dohJP1q+y48fwqVa/K5B4U8nNEl2UCk3xrNtrH02Op4UHOrA0FMoo30C7vjpN
qrK634Ep+qxX9wiS0n/IbrcK5DPmYJ4cNiGDT+Rn3ks+AiAFT7pptFlSkq13Dz8w
JfU9ZVvv33STKJXWZZGUQAspElbLvurG3HJMwASzjaEmBP2OQUnnFygU8zsR8kRD
N8KbziiGP+kVUxjAGUBTX1fm3hP6KFkpwm16gTsqs61q41VrhKA3QBjRKAOyEo5F
pM52Vajz7uIM5czKXjKbBbUt4QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIr/QN3f
iV9uCOUcDeydOI1cJxfQMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNjQwNEM0QTZB
QjZEMTFFRUI2NEJBODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn1dgwDwQCAAIwCQMHACQBPuAAADANBgkqhkiG9w0BAQsF
AAOCAQEAwR0w7N53Ifk1Ibw747xs4TYh8XSssnB8HgLnn0wEmuC/ZsqvgQ7/LpEO
6Z6zqyUaVSNmOfEOt9kmDU6Fnb8vkYFDgdnPFpt5i1EcExG4K90xRBJlS90xXK6s
3OBxy+Of49kwWijEBUW1Zciof2+YR+z930HezbkFIrfV7lKYE9q0a1MgLInkM2RL
EAVghY+8DIgXKd2z5wehNqcUVwpdR/stcZ5dpjA9tljuA1K+rpd2ImHLujGE2UaL
To048Qj9a2biC+sdl5ixu0GEOvXD2SXODX57BBdI0lP9qM5JRSUxljcKcDjcYtS2
yq9mE5wHZiqCydnaczuTQM052krgdA==
-----END CERTIFICATE-----
Generated at Thu Sep 19 20:31:47 2024 by rpki-client on console-ams.rpki-client.org