Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/EA099F1E678811EEA721E020C4F9AE02.roa
File: EA099F1E678811EEA721E020C4F9AE02.roa (raw, json)
Hash identifier: zuJJHAPZs3dvbeTIOu/tP+Le2DkKoIxrVTkaORwbbPE=
Subject key identifier: CA:84:49:02:B4:75:80:AB:5A:C8:17:64:10:0C:D2:91:06:73:5F:2A
Certificate issuer: /CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Certificate serial: 0899
Authority key identifier: 0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/EA099F1E678811EEA721E020C4F9AE02.roa
Signing time: Wed 22 Nov 2023 21:28:59 +0000
ROA not before: Wed 22 Nov 2023 21:28:59 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 139879
IP address blocks: 103.74.22.0/24 maxlen: 24
103.74.23.0/24 maxlen: 24
103.235.77.0/24 maxlen: 24
103.235.78.0/24 maxlen: 24
103.235.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 20:15:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2201 (0x899)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Validity
Not Before: Nov 22 21:28:59 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=655e729b-2194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:ee:e2:e4:04:c0:15:21:27:d0:87:1d:ff:
55:1b:c3:c6:c0:42:c8:1b:d2:b8:a2:73:ae:74:9e:
75:8b:c8:b8:c2:1f:64:6c:e3:56:77:05:ab:f7:d5:
e7:99:f5:80:c6:9d:2b:fd:28:ea:55:b6:09:dc:23:
8e:4c:7d:1f:f8:2d:ed:04:3c:80:81:ef:07:f8:9d:
68:98:8e:58:53:a9:89:8f:53:8b:15:cb:9e:36:fd:
d5:d4:95:2c:93:97:f5:12:3b:b6:5d:0c:07:5b:34:
64:82:cd:ef:84:de:26:7f:8f:a8:00:62:d3:13:bc:
34:12:28:e2:8b:e5:0f:25:88:e8:97:27:9a:ae:ea:
9d:1c:45:f4:5b:9f:e1:54:52:c3:34:ac:09:33:09:
04:44:28:71:96:56:bd:7e:4d:ea:ac:ea:4a:23:ef:
82:e3:99:a6:d3:60:2c:33:12:c8:de:f7:37:01:5e:
93:55:32:de:38:6f:bb:91:05:f6:f6:96:a0:98:38:
0d:0a:12:bb:57:97:5f:23:36:52:97:a2:b4:c7:ac:
02:dc:7f:75:66:bb:b3:14:e9:49:1c:98:7f:5d:79:
0f:48:1f:ea:43:e6:dd:c0:8e:a9:be:e3:0e:a8:08:
4c:ff:14:5e:01:73:6b:ad:69:23:0b:b1:a2:e6:1d:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:84:49:02:B4:75:80:AB:5A:C8:17:64:10:0C:D2:91:06:73:5F:2A
X509v3 Authority Key Identifier:
keyid:0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/EA099F1E678811EEA721E020C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.74.22.0/23
103.235.77.0-103.235.79.255
Signature Algorithm: sha256WithRSAEncryption
af:ec:1b:3d:d5:ee:74:b6:67:b4:d3:4c:46:9a:d8:50:3b:51:
93:57:ae:e9:25:f1:59:f3:87:51:12:53:62:fd:c6:2a:bd:c6:
84:14:82:d4:a8:65:e4:85:ad:f7:b8:a7:f6:36:68:b1:1f:67:
33:b3:36:60:d1:53:cb:be:90:1a:b6:8a:5e:93:b5:1f:0d:f6:
b7:28:10:67:78:24:5e:de:43:9c:70:95:9d:64:0a:26:98:0f:
de:ea:c1:c9:38:43:82:df:ba:05:9a:ee:53:e8:ef:ba:e6:fd:
38:70:6b:ac:74:3a:41:e3:9f:2f:76:bc:b1:0d:70:1b:e0:c1:
fa:21:f3:eb:37:15:7e:48:41:d1:1e:34:e6:f6:c7:d5:9a:02:
12:a9:cf:ea:06:1a:b6:a4:a0:b5:96:f1:51:2f:c8:77:f9:66:
18:0f:6a:9b:0b:1b:6c:08:0e:07:18:ed:b4:5b:c5:c4:a8:0a:
49:8d:65:ae:9f:e7:7e:06:6a:8f:4d:ae:76:a1:4f:40:be:b6:
02:be:96:fb:8e:a0:a4:6a:2b:f1:ac:91:ce:8d:1e:c8:d6:94:
a3:f7:fc:4d:bb:5e:41:a0:fe:9d:d2:7c:00:25:41:01:35:2b:
17:f0:f5:db:c7:7d:d1:50:76:b3:2e:1f:4d:df:1b:54:4b:e2:
36:66:20:89
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY5NDMxMTAvBgNVBAUTKDBBQjk5RjUyQzlBRDlCRTBCOUMwNDQ3MENGQjFCNkMy
MzYwRkQwRjUwHhcNMjMxMTIyMjEyODU5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlNzI5Yi0yMTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYbu4uQEwBUhJ9CHHf9VG8PGwELIG9K4onOudJ51i8i4wh9kbONWdwWr99Xn
mfWAxp0r/SjqVbYJ3COOTH0f+C3tBDyAge8H+J1omI5YU6mJj1OLFcueNv3V1JUs
k5f1Eju2XQwHWzRkgs3vhN4mf4+oAGLTE7w0Eijii+UPJYjolyearuqdHEX0W5/h
VFLDNKwJMwkERChxlla9fk3qrOpKI++C45mm02AsMxLI3vc3AV6TVTLeOG+7kQX2
9pagmDgNChK7V5dfIzZSl6K0x6wC3H91ZruzFOlJHJh/XXkPSB/qQ+bdwI6pvuMO
qAhM/xReAXNrrWkjC7Gi5h2pSQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFMqESQK0
dYCrWsgXZBAM0pEGc18qMB8GA1UdIwQYMBaAFAq5n1LJrZvgucBEcM+xtsI2D9D1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjk0My9CNzE4MTE2ODhE
NTExMUVBQjhCMjYzODRDNEY5QUUwMi9Dcm1mVXNtdG0tQzV3RVJ3ejdHMndqWVAw
UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NybWZVc210bS1DNXdFUnd6N0cyd2pZUDBQVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY5NDMvQjcxODExNjg4RDUxMTFFQUI4QjI2Mzg0QzRGOUFFMDIvRUEwOTlGMUU2
Nzg4MTFFRUE3MjFFMDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAFnShYwDAMEAGfrTQMEBGfrQDANBgkqhkiG9w0BAQsFAAOC
AQEAr+wbPdXudLZntNNMRprYUDtRk1eu6SXxWfOHURJTYv3GKr3GhBSC1Khl5IWt
97in9jZosR9nM7M2YNFTy76QGraKXpO1Hw32tygQZ3gkXt5DnHCVnWQKJpgP3urB
yThDgt+6BZruU+jvuub9OHBrrHQ6QeOfL3a8sQ1wG+DB+iHz6zcVfkhB0R405vbH
1ZoCEqnP6gYatqSgtZbxUS/Id/lmGA9qmwsbbAgOBxjttFvFxKgKSY1lrp/nfgZq
j02udqFPQL62Ar6W+46gpGor8ayRzo0eyNaUo/f8TbteQaD+ndJ8ACVBATUrF/D1
28d90VB2sy4fTd8bVEviNmYgiQ==
-----END CERTIFICATE-----
Generated at Fri Feb 2 00:26:11 2024 by rpki-client on console-fra.rpki-client.org