Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/B103D236E70111EE9A148E44C4F9AE02.roa
File: B103D236E70111EE9A148E44C4F9AE02.roa (raw, json)
Hash identifier: vECfV3xSuI3g0Qpg5wnzJ8OJlHho6llqqdu3SG9EN1Q=
Subject key identifier: 9F:FC:1C:C7:1F:95:04:62:7A:99:9A:4E:6D:72:AF:CE:A1:00:6A:B8
Certificate issuer: /CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Certificate serial: 08E6
Authority key identifier: 0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/B103D236E70111EE9A148E44C4F9AE02.roa
Signing time: Wed 20 Mar 2024 21:34:55 +0000
ROA not before: Wed 20 Mar 2024 21:34:55 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 133141
IP address blocks: 103.74.20.0/24 maxlen: 24
103.74.21.0/24 maxlen: 24
103.74.22.0/24 maxlen: 24
103.74.23.0/24 maxlen: 24
103.235.76.0/24 maxlen: 24
103.235.77.0/24 maxlen: 24
2407:1ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Mar 2024 21:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2278 (0x8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Validity
Not Before: Mar 20 21:34:55 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65fb567e-1d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:9a:fb:ed:08:48:be:95:b3:4b:9a:41:10:
2b:bb:79:f2:5f:51:1d:5e:87:cc:52:2b:c1:17:cd:
cf:51:30:db:c1:8c:1f:50:3a:3a:3b:4c:bf:f4:5f:
1e:4b:09:01:bc:ca:2c:86:a3:c6:98:b3:e8:d3:83:
d2:91:00:8a:b6:4d:c1:a8:ea:92:a4:4d:a4:a8:87:
ec:5d:1e:fc:08:b5:f6:2b:85:ca:b8:0f:a9:d7:d5:
91:0b:70:0b:99:44:29:69:2f:98:d7:1f:f4:e5:d1:
c9:0d:22:8b:e8:62:fe:0d:72:ca:1b:bc:f4:44:02:
f3:d1:0f:49:86:d4:1d:d5:f9:66:15:91:5b:01:07:
27:e0:0f:76:79:ee:dc:d7:92:a8:26:b4:32:29:de:
c7:c2:52:99:c8:b3:28:cd:41:d7:97:91:4d:c9:c4:
c2:20:91:94:43:94:47:64:35:00:41:5c:df:99:4b:
54:e1:44:5e:9a:31:12:6d:45:26:14:aa:62:82:1f:
60:83:b8:d3:d8:7b:99:3d:b1:bf:d5:62:0c:dc:87:
a2:60:10:18:fc:01:87:14:e0:9f:2f:9c:66:a0:5a:
b2:c4:e4:c9:7a:30:d7:65:f5:ab:f8:9b:9f:22:c1:
c5:d1:b6:c0:a3:c3:d3:eb:2a:25:fe:7d:70:e9:7f:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FC:1C:C7:1F:95:04:62:7A:99:9A:4E:6D:72:AF:CE:A1:00:6A:B8
X509v3 Authority Key Identifier:
keyid:0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/B103D236E70111EE9A148E44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.74.20.0/22
103.235.76.0/23
IPv6:
2407:1ec0::/32
Signature Algorithm: sha256WithRSAEncryption
53:5b:e3:39:2f:a5:89:5b:c5:22:db:68:52:cf:a2:ee:0c:5a:
b4:b5:64:20:ca:1a:a8:9e:2d:0a:b5:ba:a0:49:69:3f:40:f0:
68:0a:d4:dc:4f:50:32:db:15:8c:cc:46:9f:90:23:90:6f:9c:
1d:c6:5d:30:a7:42:7f:ac:90:35:53:9b:4d:40:45:a6:83:9c:
c4:ae:73:43:f1:d3:43:b4:7b:b9:87:a4:9d:32:fc:cd:6a:de:
d2:aa:7a:f8:6c:ff:a5:ff:d9:6c:6a:14:99:63:88:20:aa:5e:
6c:9a:98:04:ff:91:57:16:60:08:de:c7:9c:ad:0d:93:4d:86:
d7:5c:2f:3d:ff:3e:a1:77:f1:ce:2a:d5:ae:40:e3:49:1c:ea:
fd:4b:5b:2d:91:5d:93:58:ee:47:32:bd:9e:96:47:4a:86:18:
af:da:46:4b:1f:04:9c:39:f3:57:ef:de:51:86:f4:d0:8a:c9:
8f:a8:d5:52:76:07:05:45:ea:84:4a:ee:f8:fe:c4:32:2f:6f:
62:3c:f7:42:42:0d:e6:1a:88:e1:cb:d3:6a:79:8f:a6:6b:2f:
58:60:6f:76:24:b4:9b:84:48:14:aa:b5:27:44:42:ff:24:48:
27:a9:13:35:fc:17:95:71:ea:25:d2:da:f1:36:80:86:9e:87:
10:4a:0c:cf
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY5NDMxMTAvBgNVBAUTKDBBQjk5RjUyQzlBRDlCRTBCOUMwNDQ3MENGQjFCNkMy
MzYwRkQwRjUwHhcNMjQwMzIwMjEzNDU1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZiNTY3ZS0xZDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuWa++0ISL6Vs0uaQRAru3nyX1EdXofMUivBF83PUTDbwYwfUDo6O0y/9F8e
SwkBvMoshqPGmLPo04PSkQCKtk3BqOqSpE2kqIfsXR78CLX2K4XKuA+p19WRC3AL
mUQpaS+Y1x/05dHJDSKL6GL+DXLKG7z0RALz0Q9JhtQd1flmFZFbAQcn4A92ee7c
15KoJrQyKd7HwlKZyLMozUHXl5FNycTCIJGUQ5RHZDUAQVzfmUtU4URemjESbUUm
FKpigh9gg7jT2HuZPbG/1WIM3IeiYBAY/AGHFOCfL5xmoFqyxOTJejDXZfWr+Juf
IsHF0bbAo8PT6yol/n1w6X8OtwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJ/8HMcf
lQRiepmaTm1yr86hAGq4MB8GA1UdIwQYMBaAFAq5n1LJrZvgucBEcM+xtsI2D9D1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjk0My9CNzE4MTE2ODhE
NTExMUVBQjhCMjYzODRDNEY5QUUwMi9Dcm1mVXNtdG0tQzV3RVJ3ejdHMndqWVAw
UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NybWZVc210bS1DNXdFUnd6N0cyd2pZUDBQVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY5NDMvQjcxODExNjg4RDUxMTFFQUI4QjI2Mzg0QzRGOUFFMDIvQjEwM0QyMzZF
NzAxMTFFRTlBMTQ4RTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnShQDBAFn60wwDQQCAAIwBwMFACQHHsAwDQYJKoZIhvcN
AQELBQADggEBAFNb4zkvpYlbxSLbaFLPou4MWrS1ZCDKGqieLQq1uqBJaT9A8GgK
1NxPUDLbFYzMRp+QI5BvnB3GXTCnQn+skDVTm01ARaaDnMSuc0Px00O0e7mHpJ0y
/M1q3tKqevhs/6X/2WxqFJljiCCqXmyamAT/kVcWYAjex5ytDZNNhtdcLz3/PqF3
8c4q1a5A40kc6v1LWy2RXZNY7kcyvZ6WR0qGGK/aRksfBJw581fv3lGG9NCKyY+o
1VJ2BwVF6oRK7vj+xDIvb2I890JCDeYaiOHL02p5j6ZrL1hgb3YktJuESBSqtSdE
Qv8kSCepEzX8F5Vx6iXS2vE2gIaehxBKDM8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:10:48 2024 by rpki-client on console-ams.rpki-client.org