Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
File: 6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa (raw, json)
Hash identifier: RuNZx60wu7+9fpCLyduc0LsdUcXzajMyu8cG1fJ7LVs=
Subject key identifier: 43:77:2C:22:0E:E2:BA:A2:38:84:D3:37:4A:D8:B3:AD:37:32:9A:8F
Certificate issuer: /CN=A91A93B6/serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40
Certificate serial: C8
Authority key identifier: ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
Signing time: Fri 05 Jan 2024 05:06:21 +0000
ROA not before: Fri 05 Jan 2024 05:06:21 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 58955
IP address blocks: 103.52.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:10:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200 (0xc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A93B6/serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40
Validity
Not Before: Jan 5 05:06:21 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65978e4d-2554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:e8:12:76:68:a8:df:35:7b:83:0a:f1:72:
b2:68:a4:e2:dd:93:01:4a:db:8d:55:00:25:eb:b0:
ef:e2:7d:1e:16:ec:5c:8a:74:b6:70:a7:5d:4a:bf:
51:92:78:c5:e7:3a:24:a6:86:6a:ca:35:53:53:42:
06:77:38:4d:ee:61:65:3f:49:f6:98:81:de:96:e2:
f3:d0:6d:fd:17:bf:cf:bb:de:22:96:43:a3:fe:8a:
61:08:1b:a2:d0:28:cc:1a:88:1a:5b:a9:31:0a:d6:
a9:db:e7:0a:b2:43:7d:2a:57:f1:aa:b6:7e:fd:a1:
eb:61:32:03:68:69:6c:d5:6a:52:ad:be:1e:21:d3:
c9:20:d7:d3:61:0b:7f:95:9a:39:53:6e:61:29:7f:
b1:b9:7e:b9:ba:f7:ee:34:c2:fe:98:ee:fb:4f:27:
0f:6c:28:dc:ba:b1:6c:c0:65:c4:8d:fa:fe:96:02:
b4:56:c2:0f:94:de:4c:b8:2b:0e:12:1b:ba:c5:ef:
2d:9d:df:95:5c:92:8f:62:b7:5b:9a:77:86:f3:94:
a2:85:0b:88:c8:89:ca:18:ce:d0:a6:51:b7:5f:d3:
6d:65:ef:ea:85:35:da:c8:db:82:a0:1c:09:f2:ca:
40:75:83:12:60:34:b8:9f:04:84:35:1b:fe:91:80:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:77:2C:22:0E:E2:BA:A2:38:84:D3:37:4A:D8:B3:AD:37:32:9A:8F
X509v3 Authority Key Identifier:
keyid:ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.52.108.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c4:a1:5a:fa:1c:7f:18:b2:46:20:86:c4:d2:14:63:85:1f:
00:45:53:da:11:c1:57:d9:8a:c9:5c:72:e1:bb:77:f2:86:23:
2e:2b:2d:2d:7b:19:8b:2c:e5:09:cf:48:c6:5a:d1:28:68:b0:
8c:4e:11:0e:87:3d:96:8d:a7:0f:58:21:b8:71:4d:7b:4a:6d:
8a:40:f9:ce:a9:56:74:b4:ca:b7:fa:66:7e:96:a0:da:77:88:
3c:ad:4d:a3:67:41:e8:66:53:68:4e:07:30:af:3f:cb:8e:de:
e4:b5:57:e2:cb:31:74:c6:d6:14:3e:51:c8:c6:0f:41:87:bf:
9d:81:8f:04:7b:a4:16:67:4a:f7:d9:97:8e:a6:b0:77:38:8e:
d3:f9:bc:b3:29:fd:c5:83:94:27:23:6f:e3:39:03:5f:f4:22:
95:90:c7:b9:2f:32:5c:96:26:a8:c5:af:10:34:f7:b3:94:eb:
a3:09:cc:52:3a:15:47:f5:22:45:b4:6e:3e:03:30:ef:24:86:
ba:90:c3:fd:68:0d:7a:49:21:44:8b:8a:92:30:60:ce:83:84:
15:2e:cd:a9:52:a9:53:92:ec:c5:8b:72:43:70:c5:6a:64:df:
0d:22:f0:a2:78:26:da:d8:de:77:ff:56:30:e8:b9:5e:d7:39:
49:f2:f3:72
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTkzQjYxMTAvBgNVBAUTKEVERkQxNERCNkZEM0IwMkE3OTM1REFBRDQ3RkMwMjlG
M0E3MDRDNDAwHhcNMjQwMTA1MDUwNjIxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3OGU0ZC0yNTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugnoEnZoqN81e4MK8XKyaKTi3ZMBStuNVQAl67Dv4n0eFuxcinS2cKddSr9R
knjF5zokpoZqyjVTU0IGdzhN7mFlP0n2mIHeluLz0G39F7/Pu94ilkOj/ophCBui
0CjMGogaW6kxCtap2+cKskN9KlfxqrZ+/aHrYTIDaGls1WpSrb4eIdPJINfTYQt/
lZo5U25hKX+xuX65uvfuNML+mO77TycPbCjcurFswGXEjfr+lgK0VsIPlN5MuCsO
Ehu6xe8tnd+VXJKPYrdbmneG85SihQuIyInKGM7QplG3X9NtZe/qhTXayNuCoBwJ
8spAdYMSYDS4nwSENRv+kYDI/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEN3LCIO
4rqiOITTN0rYs603MpqPMB8GA1UdIwQYMBaAFO39FNtv07AqeTXarUf8Ap86cExA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTNCNi83MEJDRkNFMDdD
NTcxMUVEQTgxMDc4NjZDNEY5QUUwMi83ZjBVMjJfVHNDcDVOZHF0Ul93Q256cHdU
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdmMFUyMl9Uc0NwNU5kcXRSX3dDbnpwd1RFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTkzQjYvNzBCQ0ZDRTA3QzU3MTFFREE4MTA3ODY2QzRGOUFFMDIvNjYzNEM2RUM3
QzVBMTFFREI1RDhEQTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNGwwDQYJKoZIhvcNAQELBQADggEBAADEoVr6HH8YskYg
hsTSFGOFHwBFU9oRwVfZislccuG7d/KGIy4rLS17GYss5QnPSMZa0ShosIxOEQ6H
PZaNpw9YIbhxTXtKbYpA+c6pVnS0yrf6Zn6WoNp3iDytTaNnQehmU2hOBzCvP8uO
3uS1V+LLMXTG1hQ+UcjGD0GHv52BjwR7pBZnSvfZl46msHc4jtP5vLMp/cWDlCcj
b+M5A1/0IpWQx7kvMlyWJqjFrxA097OU66MJzFI6FUf1IkW0bj4DMO8khrqQw/1o
DXpJIUSLipIwYM6DhBUuzalSqVOS7MWLckNwxWpk3w0i8KJ4JtrY3nf/VjDouV7X
OUny83I=
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:43 2024 by rpki-client on console-ams.rpki-client.org