Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/C95714EEE3FB11EBB2CF7D19C4F9AE02.roa
File: C95714EEE3FB11EBB2CF7D19C4F9AE02.roa (raw, json)
Hash identifier: Yft7kx/kiTGwlYArUay0PF4TzUgNVhU9aGv8BybuZ7o=
Subject key identifier: 59:17:58:3F:3A:25:F5:9F:3E:5E:E6:1D:FF:B2:8B:F7:15:A7:4E:6B
Certificate issuer: /CN=A91ADDD5/serialNumber=FB112CAD56319BFAACA1AB28CE7BD7F4CB268CE9
Certificate serial: 0495
Authority key identifier: FB:11:2C:AD:56:31:9B:FA:AC:A1:AB:28:CE:7B:D7:F4:CB:26:8C:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xEsrVYxm_qsoasoznvX9MsmjOk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/C95714EEE3FB11EBB2CF7D19C4F9AE02.roa
Signing time: Wed 13 Mar 2024 14:29:41 +0000
ROA not before: Wed 13 Mar 2024 14:29:41 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 58955
IP address blocks: 103.78.31.0/24 maxlen: 24
103.169.66.0/23 maxlen: 23
103.169.66.0/24 maxlen: 24
103.169.67.0/24 maxlen: 24
2407:9c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 18:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1173 (0x495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADDD5/serialNumber=FB112CAD56319BFAACA1AB28CE7BD7F4CB268CE9
Validity
Not Before: Mar 13 14:29:41 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65f1b855-9e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:24:b1:2e:ca:cf:77:c9:d2:6b:1d:a2:12:74:
98:0d:a2:c5:71:1d:a8:ab:39:87:61:16:0f:e9:30:
b3:94:13:af:92:58:2c:bb:f0:08:26:f1:cb:05:83:
ae:e0:74:cb:25:b9:7e:b3:c4:4d:3e:af:68:98:da:
a2:7e:22:a4:f0:5b:71:46:a3:a7:73:2b:f2:6b:c9:
f4:33:9c:59:ca:9d:16:71:0c:db:61:38:22:36:38:
de:b2:56:ca:9e:21:bc:f9:78:36:8b:43:1b:1d:e4:
8d:ce:80:4b:79:e8:7b:6a:f2:25:b8:12:01:0c:c7:
68:98:86:0b:27:fe:31:dc:a7:27:9a:ad:c2:a3:04:
9a:22:cb:c3:e1:3a:f7:ac:35:f0:41:5d:f7:ae:52:
da:df:1e:17:c8:68:1a:9a:e7:d5:42:e3:dc:39:6e:
fd:9f:ed:a5:10:98:51:f2:b6:81:8e:a7:08:d5:d4:
8c:59:c9:cb:99:a7:ec:70:d7:3e:d5:fc:80:21:17:
ad:8f:e1:49:29:3f:d2:ba:8b:9e:0a:e5:70:67:21:
13:8f:fd:c9:df:a2:71:43:5b:96:60:6a:8a:69:86:
c9:5b:0c:e3:97:8c:11:39:aa:7d:8f:18:13:b6:a4:
82:50:97:a4:02:93:01:56:bd:6d:36:43:07:fa:53:
23:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:17:58:3F:3A:25:F5:9F:3E:5E:E6:1D:FF:B2:8B:F7:15:A7:4E:6B
X509v3 Authority Key Identifier:
keyid:FB:11:2C:AD:56:31:9B:FA:AC:A1:AB:28:CE:7B:D7:F4:CB:26:8C:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xEsrVYxm_qsoasoznvX9MsmjOk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/C95714EEE3FB11EBB2CF7D19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.31.0/24
103.169.66.0/23
IPv6:
2407:9c40::/32
Signature Algorithm: sha256WithRSAEncryption
58:ca:82:f8:ad:98:fe:e0:0a:11:aa:e0:cd:c5:3a:48:fe:eb:
25:8a:ac:11:7e:46:5a:73:8e:79:af:a8:dd:4c:b8:1e:3c:45:
ac:ab:cf:dc:25:32:e5:b1:64:b9:12:c2:66:6c:28:48:69:93:
c3:28:bc:a4:ff:fa:f3:01:c5:3c:e9:29:d9:44:f2:22:e0:5a:
fb:57:e8:ba:14:2f:b2:5c:06:df:e9:56:75:de:7a:6a:8f:8b:
9a:df:79:00:3d:62:4b:5c:ae:01:87:1e:b4:d8:b2:fb:64:d4:
ec:92:e0:5c:2e:76:24:93:f5:36:7d:b6:8d:13:a4:07:48:96:
c3:9f:68:14:5e:a2:d0:8c:c0:ac:79:72:e9:f2:40:54:49:88:
7f:83:8c:9e:d1:1e:30:f8:8b:7c:1f:20:3b:41:38:1b:6d:d3:
b1:d0:21:11:0f:fd:8d:ca:49:de:3e:b2:87:58:bd:1c:ab:aa:
90:ef:fd:3c:b0:fc:ba:58:9c:e5:81:7b:c6:00:72:40:1d:0c:
02:cf:e4:d5:bf:be:0a:7d:95:23:e7:d1:0a:23:4a:cb:ae:aa:
93:4f:d8:cb:64:27:8d:36:28:e8:bf:31:59:02:96:b2:97:cb:
63:bb:b5:e2:d8:d6:f4:ec:c3:c9:e6:ad:8f:83:f7:85:17:da:
c9:4f:22:ea
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURERDUxMTAvBgNVBAUTKEZCMTEyQ0FENTYzMTlCRkFBQ0ExQUIyOENFN0JEN0Y0
Q0IyNjhDRTkwHhcNMjQwMzEzMTQyOTQxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYxYjg1NS05ZTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzCSxLsrPd8nSax2iEnSYDaLFcR2oqzmHYRYP6TCzlBOvklgsu/AIJvHLBYOu
4HTLJbl+s8RNPq9omNqifiKk8FtxRqOncyvya8n0M5xZyp0WcQzbYTgiNjjeslbK
niG8+Xg2i0MbHeSNzoBLeeh7avIluBIBDMdomIYLJ/4x3Kcnmq3CowSaIsvD4Tr3
rDXwQV33rlLa3x4XyGgamufVQuPcOW79n+2lEJhR8raBjqcI1dSMWcnLmafscNc+
1fyAIRetj+FJKT/SuoueCuVwZyETj/3J36JxQ1uWYGqKaYbJWwzjl4wROap9jxgT
tqSCUJekApMBVr1tNkMH+lMjEQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFkXWD86
JfWfPl7mHf+yi/cVp05rMB8GA1UdIwQYMBaAFPsRLK1WMZv6rKGrKM571/TLJozp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRERENS84QjBEMEZGMkUz
RjgxMUVCOUUwOERCMTRDNEY5QUUwMi8teEVzclZZeG1fcXNvYXNvem52WDlNc21q
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy14RXNyVll4bV9xc29hc296bnZYOU1zbWpPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURERDUvOEIwRDBGRjJFM0Y4MTFFQjlFMDhEQjE0QzRGOUFFMDIvQzk1NzE0RUVF
M0ZCMTFFQkIyQ0Y3RDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnTh8DBAFnqUIwDQQCAAIwBwMFACQHnEAwDQYJKoZIhvcN
AQELBQADggEBAFjKgvitmP7gChGq4M3FOkj+6yWKrBF+RlpzjnmvqN1MuB48Rayr
z9wlMuWxZLkSwmZsKEhpk8MovKT/+vMBxTzpKdlE8iLgWvtX6LoUL7JcBt/pVnXe
emqPi5rfeQA9YktcrgGHHrTYsvtk1OyS4FwudiST9TZ9to0TpAdIlsOfaBReotCM
wKx5cunyQFRJiH+DjJ7RHjD4i3wfIDtBOBtt07HQIREP/Y3KSd4+sodYvRyrqpDv
/Tyw/LpYnOWBe8YAckAdDALP5NW/vgp9lSPn0QojSsuuqpNP2MtkJ402KOi/MVkC
lrKXy2O7teLY1vTsw8nmrY+D94UX2slPIuo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org