Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/A7153AC6E1AE11EC87A73482C4F9AE02.roa
File: A7153AC6E1AE11EC87A73482C4F9AE02.roa (raw, json)
Hash identifier: PcyI/lBKAOuo5bObn3F615M95NFV1BbNmUEPjUMJl9A=
Subject key identifier: 2D:48:A4:6B:2E:36:3B:74:EA:38:E1:64:78:EF:F3:78:05:5B:05:C2
Certificate issuer: /CN=A91AB383/serialNumber=9C2351D45A97D71D03D6BC385B37DD9BFB80CF5E
Certificate serial: 04D7
Authority key identifier: 9C:23:51:D4:5A:97:D7:1D:03:D6:BC:38:5B:37:DD:9B:FB:80:CF:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nCNR1FqX1x0D1rw4Wzfdm_uAz14.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/A7153AC6E1AE11EC87A73482C4F9AE02.roa
Signing time: Wed 19 Jun 2024 02:09:00 +0000
ROA not before: Wed 19 Jun 2024 02:09:00 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55933
IP address blocks: 103.214.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1239 (0x4d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB383
Validity
Not Before: Jun 19 02:09:00 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66723dbc-a049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:c2:1f:37:3c:fb:2f:35:ab:a4:dd:85:93:
e6:31:89:57:ac:ab:2f:7f:f0:67:f2:b0:d2:ee:ec:
58:c9:c5:f7:70:f9:77:dc:9e:9a:cf:b9:0c:7e:9d:
31:08:15:a2:ee:81:31:f9:64:57:32:68:dc:a6:59:
e4:f9:dc:01:45:bc:5d:4c:50:30:a1:6e:5b:3d:34:
bf:b2:1a:d5:76:d2:ea:1a:f7:dc:24:87:5b:f1:75:
41:71:94:29:ea:8d:99:45:4b:98:02:6e:b0:29:9d:
4f:65:f6:7b:c4:49:15:2e:86:a6:67:aa:7e:52:08:
48:cd:be:71:39:9f:d4:d6:9e:56:09:0c:7a:74:b4:
0e:2d:33:a4:a6:98:8e:7a:c4:95:83:0b:a2:0f:a0:
cb:b2:a3:92:c7:04:46:b4:7c:fa:b4:e7:76:8c:c1:
67:17:8b:5c:31:6c:a2:cd:f1:36:a3:0c:4c:bf:d5:
bb:f0:dc:a5:99:52:3c:7e:80:49:52:66:07:e3:84:
ca:a9:c9:43:7b:45:03:a6:9f:58:df:92:3c:a4:93:
b4:0c:f2:1d:8e:16:d1:a2:a2:b3:4d:3f:8b:81:f4:
05:4b:11:70:4f:7d:25:5a:70:6d:dc:0f:63:a8:1f:
21:83:65:c2:54:f6:d2:17:39:e0:a6:ad:77:c7:ab:
9f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:48:A4:6B:2E:36:3B:74:EA:38:E1:64:78:EF:F3:78:05:5B:05:C2
X509v3 Authority Key Identifier:
keyid:9C:23:51:D4:5A:97:D7:1D:03:D6:BC:38:5B:37:DD:9B:FB:80:CF:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/nCNR1FqX1x0D1rw4Wzfdm_uAz14.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nCNR1FqX1x0D1rw4Wzfdm_uAz14.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB383/8CC2A9AADE7711EB8739EC11C4F9AE02/A7153AC6E1AE11EC87A73482C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.172.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:e0:6f:89:33:18:2e:fe:d6:59:6d:cf:40:98:17:41:70:94:
1d:f4:c0:0b:bf:9b:cb:a7:de:dd:86:cc:23:0f:02:02:07:e5:
f3:f4:0f:9f:af:a5:0c:31:10:e4:ce:83:50:e2:c4:04:c6:50:
7d:7f:24:91:ff:0e:f3:75:c2:d9:ee:20:1e:ae:9e:5c:04:e5:
c0:ed:2c:5e:89:4f:d4:e7:66:11:15:77:b7:3f:2f:85:6c:15:
ba:be:ac:8f:fc:83:19:c9:2f:b6:6d:01:be:b1:50:53:f2:91:
f5:71:6e:a4:b4:64:c2:dc:09:72:d7:63:01:1c:f0:93:3f:56:
56:a2:e1:48:51:e8:2d:a6:ed:7a:7c:93:87:c9:05:7b:00:21:
d1:89:8b:1e:6b:be:82:08:b6:fc:7c:5c:cd:e9:96:08:10:bc:
9d:28:06:16:14:d0:f8:89:dc:da:17:f3:13:2b:40:fd:19:6b:
8b:8f:97:01:89:be:40:f5:ac:f8:64:6a:8b:9e:ac:7d:6a:c6:
29:3a:34:98:e0:ef:d2:d3:7b:d7:df:53:44:9d:49:56:66:ed:
d7:77:92:9f:17:93:41:99:6d:4d:b1:fd:2e:88:e3:55:8a:c4:
19:b4:fd:94:ad:1b:8d:a5:89:8f:20:2f:0f:65:5b:b3:95:1b:
d3:4f:00:09
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIzODMxMTAvBgNVBAUTKDlDMjM1MUQ0NUE5N0Q3MUQwM0Q2QkMzODVCMzdERDlC
RkI4MENGNUUwHhcNMjQwNjE5MDIwOTAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcyM2RiYy1hMDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJbCHzc8+y81q6TdhZPmMYlXrKsvf/Bn8rDS7uxYycX3cPl33J6az7kMfp0x
CBWi7oEx+WRXMmjcplnk+dwBRbxdTFAwoW5bPTS/shrVdtLqGvfcJIdb8XVBcZQp
6o2ZRUuYAm6wKZ1PZfZ7xEkVLoamZ6p+UghIzb5xOZ/U1p5WCQx6dLQOLTOkppiO
esSVgwuiD6DLsqOSxwRGtHz6tOd2jMFnF4tcMWyizfE2owxMv9W78NylmVI8foBJ
UmYH44TKqclDe0UDpp9Y35I8pJO0DPIdjhbRoqKzTT+LgfQFSxFwT30lWnBt3A9j
qB8hg2XCVPbSFzngpq13x6uf/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFC1IpGsu
Njt06jjhZHjv83gFWwXCMB8GA1UdIwQYMBaAFJwjUdRal9cdA9a8OFs33Zv7gM9e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjM4My84Q0MyQTlBQURF
NzcxMUVCODczOUVDMTFDNEY5QUUwMi9uQ05SMUZxWDF4MEQxcnc0V3pmZG1fdUF6
MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25DTlIxRnFYMXgwRDFydzRXemZkbV91QXoxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIzODMvOENDMkE5QUFERTc3MTFFQjg3MzlFQzExQzRGOUFFMDIvQTcxNTNBQzZF
MUFFMTFFQzg3QTczNDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn1qwwDQYJKoZIhvcNAQELBQADggEBANXgb4kzGC7+1llt
z0CYF0FwlB30wAu/m8un3t2GzCMPAgIH5fP0D5+vpQwxEOTOg1DixATGUH1/JJH/
DvN1wtnuIB6unlwE5cDtLF6JT9TnZhEVd7c/L4VsFbq+rI/8gxnJL7ZtAb6xUFPy
kfVxbqS0ZMLcCXLXYwEc8JM/Vlai4UhR6C2m7Xp8k4fJBXsAIdGJix5rvoIItvx8
XM3plggQvJ0oBhYU0PiJ3NoX8xMrQP0Za4uPlwGJvkD1rPhkaouerH1qxik6NJjg
79LTe9ffU0SdSVZm7dd3kp8Xk0GZbU2x/S6I41WKxBm0/ZStG42liY8gLw9lW7OV
G9NPAAk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:26 2025 by rpki-client