Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/FF257770927511EE80A1D16CC4F9AE02.roa
File: FF257770927511EE80A1D16CC4F9AE02.roa (raw, json)
Hash identifier: Kpu1QVCOvbZQ9vi9pjbzdNOK5VxfnHzoGDHxc1gwfCE=
Subject key identifier: A1:8D:A8:6D:02:EC:86:E9:38:CF:87:A8:00:F1:4B:81:5C:B3:1C:D0
Certificate issuer: /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial: 037B
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/FF257770927511EE80A1D16CC4F9AE02.roa
Signing time: Mon 04 Dec 2023 07:23:18 +0000
ROA not before: Mon 04 Dec 2023 07:23:18 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 139604
IP address blocks: 103.176.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 891 (0x37b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Validity
Not Before: Dec 4 07:23:18 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=656d7e66-e043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:ef:03:5e:91:17:de:3f:2e:16:03:22:a5:
d7:2d:82:97:a6:34:f4:11:59:7a:27:78:ed:38:1a:
1d:cb:18:b4:77:40:3f:78:cf:77:ef:c8:35:b9:2c:
67:db:8f:01:6c:1f:ff:7f:bc:c7:86:b1:10:db:a4:
18:2d:e3:3e:3f:2f:3a:17:3a:6c:c6:96:df:9a:8c:
c9:3c:16:c0:ab:d5:58:86:a8:84:e1:cb:2c:e2:70:
44:12:ed:43:95:38:76:66:65:e5:11:f8:02:8b:21:
9c:ac:ec:51:e5:3b:5b:4c:96:4a:a3:b3:b3:dc:3b:
1a:de:38:0e:72:b0:c2:3b:aa:e0:92:dc:17:dc:dc:
0d:2c:24:56:6c:69:fd:77:58:62:1b:ee:fb:4e:48:
31:36:f1:74:6f:39:d4:91:07:18:9a:9c:ed:10:c8:
1c:c9:a4:5a:bf:25:8f:f5:c9:e6:92:8d:a0:6b:95:
6a:e1:1c:10:a4:cb:cd:42:57:3e:65:c0:82:88:2a:
88:c0:fc:e6:37:b9:c7:34:9f:f4:95:92:f1:46:51:
55:bd:98:8d:4b:b7:c7:c6:d9:41:c9:12:14:6c:36:
8a:d5:16:10:5d:b7:53:cf:d8:cf:c4:2b:a1:b2:a7:
14:70:96:67:9b:ad:e0:c4:f7:60:48:2f:af:8f:07:
16:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8D:A8:6D:02:EC:86:E9:38:CF:87:A8:00:F1:4B:81:5C:B3:1C:D0
X509v3 Authority Key Identifier:
keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/FF257770927511EE80A1D16CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.2.0/24
Signature Algorithm: sha256WithRSAEncryption
48:27:44:23:79:d8:7b:f9:24:88:54:43:4e:48:01:30:2e:fc:
0e:43:97:cf:ce:87:a7:8b:98:30:82:ca:b9:5c:22:75:b9:b7:
b0:ab:3f:76:3e:82:ec:33:8a:cc:a7:21:76:7e:a9:b5:7d:cd:
7f:b0:76:da:7e:b8:58:60:b0:b5:75:6a:18:68:44:95:5e:84:
3e:4f:bf:cb:36:5d:89:2c:cb:93:5d:8c:bb:7f:a8:13:7a:1e:
f3:d3:b5:84:e4:cd:3b:cd:0a:de:60:cd:50:57:9a:2d:c1:63:
73:bf:35:69:a6:ce:c5:54:76:f4:5d:93:b6:9e:9b:c3:94:f8:
ee:39:2c:ab:fc:8d:3d:34:2f:d5:11:5d:80:e0:35:94:7b:74:
8e:d6:56:eb:d8:3d:1f:38:4b:9b:30:71:1f:e4:16:16:d4:1d:
a5:e2:75:6e:eb:5f:0a:e6:a7:1a:46:73:38:18:f6:28:50:af:
ac:ee:d1:41:7b:13:34:9a:16:6e:e4:d5:24:df:50:28:b0:ba:
ce:ad:a4:05:7d:fd:95:c3:99:ba:9c:0e:08:1e:19:8d:81:f6:
99:2d:a9:54:36:34:11:f4:33:1d:bc:36:c5:67:e9:81:e0:d4:
c6:7a:76:4c:49:73:35:cc:77:6b:91:cb:f1:99:6e:08:0e:b2:
f9:01:9e:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjMxMjA0MDcyMzE4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZkN2U2Ni1lMDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUnvA16RF94/LhYDIqXXLYKXpjT0EVl6J3jtOBodyxi0d0A/eM9378g1uSxn
248BbB//f7zHhrEQ26QYLeM+Py86FzpsxpbfmozJPBbAq9VYhqiE4css4nBEEu1D
lTh2ZmXlEfgCiyGcrOxR5TtbTJZKo7Oz3Dsa3jgOcrDCO6rgktwX3NwNLCRWbGn9
d1hiG+77TkgxNvF0bznUkQcYmpztEMgcyaRavyWP9cnmko2ga5Vq4RwQpMvNQlc+
ZcCCiCqIwPzmN7nHNJ/0lZLxRlFVvZiNS7fHxtlByRIUbDaK1RYQXbdTz9jPxCuh
sqcUcJZnm63gxPdgSC+vjwcWwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKGNqG0C
7IbpOM+HqADxS4FcsxzQMB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvRkYyNTc3NzA5
Mjc1MTFFRTgwQTFEMTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsAIwDQYJKoZIhvcNAQELBQADggEBAEgnRCN52Hv5JIhU
Q05IATAu/A5Dl8/Oh6eLmDCCyrlcInW5t7CrP3Y+guwzisynIXZ+qbV9zX+wdtp+
uFhgsLV1ahhoRJVehD5Pv8s2XYksy5NdjLt/qBN6HvPTtYTkzTvNCt5gzVBXmi3B
Y3O/NWmmzsVUdvRdk7aem8OU+O45LKv8jT00L9URXYDgNZR7dI7WVuvYPR84S5sw
cR/kFhbUHaXidW7rXwrmpxpGczgY9ihQr6zu0UF7EzSaFm7k1STfUCiwus6tpAV9
/ZXDmbqcDggeGY2B9pktqVQ2NBH0Mx28NsVn6YHg1MZ6dkxJczXMd2uRy/GZbggO
svkBnq0=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:36 2024 by rpki-client on console-fra.rpki-client.org