Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/E73C9538C13E11EEAED6055EC4F9AE02.roa
File: E73C9538C13E11EEAED6055EC4F9AE02.roa (raw, json)
Hash identifier: kHivVIxSiZEo3+R4gQHZwV749oJTSAkkLVZt31kQr6E=
Subject key identifier: 0C:71:35:32:21:D4:9F:A4:14:DA:26:BA:C2:D1:6A:54:73:99:CF:85
Certificate issuer: /CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Certificate serial: 08C4
Authority key identifier: 0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/E73C9538C13E11EEAED6055EC4F9AE02.roa
Signing time: Thu 01 Feb 2024 20:17:46 +0000
ROA not before: Thu 01 Feb 2024 20:17:46 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141342
IP address blocks: 103.74.21.0/24 maxlen: 24
103.235.76.0/24 maxlen: 24
103.235.78.0/24 maxlen: 24
103.235.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 16:58:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2244 (0x8c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Validity
Not Before: Feb 1 20:17:46 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65bbfc6a-630d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:10:57:fc:24:38:5a:8a:18:62:8b:10:60:
22:2a:a5:d8:31:7d:f7:30:95:6a:fa:61:a1:0e:1c:
b4:12:58:36:83:cc:8f:e2:61:29:c5:43:d3:6d:9e:
28:c8:d4:9f:94:ce:56:c3:dd:e9:8a:d8:a2:c3:69:
55:4a:44:51:c8:c5:40:7d:7b:f7:9c:22:ce:c4:cc:
28:2d:d1:c5:4b:98:ca:e3:75:fe:41:31:fd:4c:ca:
d1:84:e7:b1:8d:10:71:c8:61:b2:39:42:2b:1e:32:
6c:fb:73:5d:92:41:e6:80:83:64:82:5c:42:4f:fa:
df:5c:aa:3e:79:e0:91:15:af:8f:54:1b:af:08:b7:
16:65:42:9f:2f:2a:ea:84:22:c2:b6:af:bd:9f:61:
37:8e:2c:89:31:85:21:2b:43:e1:d5:bc:54:85:38:
3d:e2:50:18:42:3b:bf:0b:ec:11:f7:63:56:1e:b6:
27:7c:8b:7f:0e:2c:14:4f:db:5e:6c:09:66:d8:f2:
37:65:68:9c:57:15:64:73:7e:88:ee:cf:f9:d3:c5:
8c:fc:d1:b1:c6:db:1e:8b:48:0e:8b:ac:0f:da:8b:
b2:fb:86:25:9a:ec:9f:e7:5d:e5:38:82:4b:e5:49:
71:56:d6:db:95:14:ba:fc:fc:9a:84:b5:32:ea:7e:
a0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:71:35:32:21:D4:9F:A4:14:DA:26:BA:C2:D1:6A:54:73:99:CF:85
X509v3 Authority Key Identifier:
keyid:0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/E73C9538C13E11EEAED6055EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.74.21.0/24
103.235.76.0/24
103.235.78.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:d6:d2:7c:85:39:e5:b5:31:65:c8:ea:dd:ea:e2:5f:5d:47:
00:1f:e8:ff:ee:0f:3e:3f:52:a8:92:7c:d5:a2:cd:d9:da:57:
29:05:c4:52:0a:63:6b:63:b7:58:aa:ed:e8:9f:e9:37:0e:72:
b1:62:cf:d5:77:12:86:b8:fa:eb:20:27:be:f9:a7:1b:6c:74:
c2:05:5e:03:6a:6e:77:c3:6e:d9:79:bb:03:90:55:e1:44:89:
df:33:f6:52:61:c1:2c:bd:c9:6b:27:3f:38:2a:74:08:49:32:
75:c3:87:bd:36:37:f5:59:a2:3a:fa:24:ef:3d:c2:6c:b8:24:
a9:6b:9c:4b:82:c3:b3:32:46:29:b5:18:29:61:ff:70:f1:8d:
68:f3:71:78:c4:fb:a3:ed:9f:18:40:73:1a:e2:73:00:d4:30:
9a:4e:f4:83:1c:3a:a1:47:91:34:2a:c3:92:66:a0:ae:b0:86:
70:5f:d1:ed:df:58:25:e9:80:ee:04:33:91:e0:fe:4f:cf:2d:
2b:37:99:8c:0b:dc:f9:74:cf:68:9b:ea:89:cf:a6:84:91:ca:
b6:44:87:eb:ce:8c:25:03:6a:06:c8:0b:80:35:54:56:eb:68:
cd:07:c5:4c:46:12:b1:5e:bf:b9:8c:64:99:4f:22:b1:10:69:
25:b9:ba:2e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY5NDMxMTAvBgNVBAUTKDBBQjk5RjUyQzlBRDlCRTBCOUMwNDQ3MENGQjFCNkMy
MzYwRkQwRjUwHhcNMjQwMjAxMjAxNzQ2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiZmM2YS02MzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3gQV/wkOFqKGGKLEGAiKqXYMX33MJVq+mGhDhy0Elg2g8yP4mEpxUPTbZ4o
yNSflM5Ww93pitiiw2lVSkRRyMVAfXv3nCLOxMwoLdHFS5jK43X+QTH9TMrRhOex
jRBxyGGyOUIrHjJs+3NdkkHmgINkglxCT/rfXKo+eeCRFa+PVBuvCLcWZUKfLyrq
hCLCtq+9n2E3jiyJMYUhK0Ph1bxUhTg94lAYQju/C+wR92NWHrYnfIt/DiwUT9te
bAlm2PI3ZWicVxVkc36I7s/508WM/NGxxtsei0gOi6wP2ouy+4Ylmuyf513lOIJL
5UlxVtbblRS6/PyahLUy6n6giQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAxxNTIh
1J+kFNomusLRalRzmc+FMB8GA1UdIwQYMBaAFAq5n1LJrZvgucBEcM+xtsI2D9D1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjk0My9CNzE4MTE2ODhE
NTExMUVBQjhCMjYzODRDNEY5QUUwMi9Dcm1mVXNtdG0tQzV3RVJ3ejdHMndqWVAw
UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NybWZVc210bS1DNXdFUnd6N0cyd2pZUDBQVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY5NDMvQjcxODExNjg4RDUxMTFFQUI4QjI2Mzg0QzRGOUFFMDIvRTczQzk1MzhD
MTNFMTFFRUFFRDYwNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnShUDBABn60wDBAFn604wDQYJKoZIhvcNAQELBQADggEB
AL3W0nyFOeW1MWXI6t3q4l9dRwAf6P/uDz4/UqiSfNWizdnaVykFxFIKY2tjt1iq
7eif6TcOcrFiz9V3Eoa4+usgJ775pxtsdMIFXgNqbnfDbtl5uwOQVeFEid8z9lJh
wSy9yWsnPzgqdAhJMnXDh702N/VZojr6JO89wmy4JKlrnEuCw7MyRim1GClh/3Dx
jWjzcXjE+6PtnxhAcxricwDUMJpO9IMcOqFHkTQqw5JmoK6whnBf0e3fWCXpgO4E
M5Hg/k/PLSs3mYwL3Pl0z2ib6onPpoSRyrZEh+vOjCUDagbIC4A1VFbraM0HxUxG
ErFev7mMZJlPIrEQaSW5ui4=
-----END CERTIFICATE-----
Generated at Thu Feb 22 20:07:05 2024 by rpki-client on console-ams.rpki-client.org