Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9790/71805BAC5AE211EFAEB0312EC4F9AE02/F3FBFA765AE411EF9A9DD176C4F9AE02.roa
File: F3FBFA765AE411EF9A9DD176C4F9AE02.roa (raw, json)
Hash identifier: 8Xf6jt2kMwkuHKzsBxOPM5iAwtrmjsLIKY/nK7dzi5g=
Subject key identifier: 4B:46:23:FE:0D:D8:85:54:5F:EC:18:D9:C3:1F:26:C8:C1:BF:CE:F6
Certificate issuer: /CN=A91B9790/serialNumber=894289AD40EE7E626F5CD82FCEC5406DB91E1E71
Certificate serial: 02
Authority key identifier: 89:42:89:AD:40:EE:7E:62:6F:5C:D8:2F:CE:C5:40:6D:B9:1E:1E:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUKJrUDufmJvXNgvzsVAbbkeHnE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9790/71805BAC5AE211EFAEB0312EC4F9AE02/F3FBFA765AE411EF9A9DD176C4F9AE02.roa
Signing time: Thu 15 Aug 2024 09:01:26 +0000
ROA not before: Thu 15 Aug 2024 09:01:26 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 26658
IP address blocks: 103.199.244.0/24 maxlen: 24
103.199.245.0/24 maxlen: 24
103.199.246.0/24 maxlen: 24
103.199.247.0/24 maxlen: 24
203.82.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 19 Aug 2024 04:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9790/serialNumber=894289AD40EE7E626F5CD82FCEC5406DB91E1E71
Validity
Not Before: Aug 15 09:01:26 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66bdc3e6-f789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:14:1e:91:57:2f:60:b1:2d:ef:3a:48:00:b4:
ba:58:d6:ed:4d:aa:55:54:ce:9a:d4:16:45:3e:91:
65:14:a1:69:ab:86:a7:97:80:7a:cd:98:ba:a4:57:
f3:42:d6:4b:62:9a:49:75:b0:fa:6f:96:bd:d1:a8:
42:f9:f4:9d:91:72:dd:d6:f6:f5:44:36:4c:3e:bb:
9f:2f:9b:e7:34:73:54:54:c2:b7:6e:55:9e:dc:40:
a3:e6:63:a5:1d:a7:15:3c:64:e8:9b:5f:c8:cc:d4:
78:d9:c7:53:d1:52:40:e0:15:3f:64:96:b0:a8:2a:
9c:54:f7:9e:0b:e7:90:6f:89:a2:00:3a:0c:d9:47:
99:bc:13:69:8f:a5:05:40:3c:34:45:56:8f:c4:1f:
b8:d2:51:e0:e4:c3:c0:b5:05:fb:10:c2:bc:6d:9e:
6a:ef:8a:67:35:4f:c7:88:09:52:1b:0d:20:c4:ba:
6c:0a:92:58:4f:c5:92:a6:37:f7:bc:0b:b7:12:37:
d0:0a:00:1a:9a:81:09:3d:86:69:89:c8:80:de:2b:
ec:04:1b:10:44:0e:96:d0:59:c2:97:23:de:38:7c:
20:e7:09:b1:d5:5b:34:a9:a6:91:11:92:6b:87:ab:
35:81:9f:19:9a:99:23:5a:5c:c1:1d:e3:1a:c2:1c:
c0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:46:23:FE:0D:D8:85:54:5F:EC:18:D9:C3:1F:26:C8:C1:BF:CE:F6
X509v3 Authority Key Identifier:
keyid:89:42:89:AD:40:EE:7E:62:6F:5C:D8:2F:CE:C5:40:6D:B9:1E:1E:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9790/71805BAC5AE211EFAEB0312EC4F9AE02/iUKJrUDufmJvXNgvzsVAbbkeHnE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUKJrUDufmJvXNgvzsVAbbkeHnE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9790/71805BAC5AE211EFAEB0312EC4F9AE02/F3FBFA765AE411EF9A9DD176C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.244.0/22
203.82.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:6f:b2:0c:ec:a9:42:f9:fa:02:09:a8:1c:b1:31:9b:e3:e9:
34:47:59:d1:0f:0a:96:84:6d:f0:f3:0c:c3:57:29:b0:44:9d:
42:90:4b:54:fa:43:84:93:b5:92:60:e1:c7:77:4c:fc:0a:51:
ab:90:4a:73:4f:df:1a:d0:65:5c:45:e3:fa:45:08:9d:63:ec:
ac:bb:4f:65:78:46:c5:0c:f9:94:99:0a:ac:d5:99:cd:6d:0e:
0d:78:25:bf:43:9f:63:a9:6a:90:9c:a4:7a:2e:be:d4:45:b4:
90:70:45:53:34:8a:0d:0c:85:e7:05:6c:27:04:7a:59:9f:42:
23:d6:3d:3a:09:d8:ab:fc:17:64:22:ed:ce:b8:8a:ea:f6:8b:
da:f6:2b:5b:be:61:be:fd:80:30:30:d2:51:6c:bc:f9:f9:a1:
22:96:ff:18:fe:fc:b4:bf:f7:d1:3d:ef:e2:b7:c7:88:31:1b:
0c:ce:94:a0:b0:36:92:27:8a:ac:39:78:72:c6:d8:ae:89:18:
e2:9d:30:1a:78:c1:93:1c:ae:ad:1b:f4:50:87:45:96:46:eb:
bc:07:d2:4b:12:e9:87:0c:a6:62:76:bf:8a:d8:ce:28:55:09:
d7:8b:54:1d:42:5f:24:c9:c3:68:a1:07:04:e3:f7:28:dc:7e:
08:e3:78:a9
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
OTc5MDExMC8GA1UEBRMoODk0Mjg5QUQ0MEVFN0U2MjZGNUNEODJGQ0VDNTQwNkRC
OTFFMUU3MTAeFw0yNDA4MTUwOTAxMjZaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjM2U2LWY3ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqFB6RVy9gsS3vOkgAtLpY1u1NqlVUzprUFkU+kWUUoWmrhqeXgHrNmLqkV/NC
1ktimkl1sPpvlr3RqEL59J2Rct3W9vVENkw+u58vm+c0c1RUwrduVZ7cQKPmY6Ud
pxU8ZOibX8jM1HjZx1PRUkDgFT9klrCoKpxU954L55BviaIAOgzZR5m8E2mPpQVA
PDRFVo/EH7jSUeDkw8C1BfsQwrxtnmrvimc1T8eICVIbDSDEumwKklhPxZKmN/e8
C7cSN9AKABqagQk9hmmJyIDeK+wEGxBEDpbQWcKXI944fCDnCbHVWzSpppERkmuH
qzWBnxmamSNaXMEd4xrCHMC9AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUS0Yj/g3Y
hVRf7BjZwx8myMG/zvYwHwYDVR0jBBgwFoAUiUKJrUDufmJvXNgvzsVAbbkeHnEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5NzkwLzcxODA1QkFDNUFF
MjExRUZBRUIwMzEyRUM0RjlBRTAyL2lVS0pyVUR1Zm1KdlhOZ3Z6c1ZBYmJrZUhu
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVVLSnJVRHVmbUp2WE5ndnpzVkFiYmtlSG5FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OTc5MC83MTgwNUJBQzVBRTIxMUVGQUVCMDMxMkVDNEY5QUUwMi9GM0ZCRkE3NjVB
RTQxMUVGOUE5REQxNzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmfH9AMEAstSHDANBgkqhkiG9w0BAQsFAAOCAQEAHW+yDOyp
Qvn6AgmoHLExm+PpNEdZ0Q8KloRt8PMMw1cpsESdQpBLVPpDhJO1kmDhx3dM/ApR
q5BKc0/fGtBlXEXj+kUInWPsrLtPZXhGxQz5lJkKrNWZzW0ODXglv0OfY6lqkJyk
ei6+1EW0kHBFUzSKDQyF5wVsJwR6WZ9CI9Y9OgnYq/wXZCLtzriK6vaL2vYrW75h
vv2AMDDSUWy8+fmhIpb/GP78tL/30T3v4rfHiDEbDM6UoLA2kieKrDl4csbYrokY
4p0wGnjBkxyurRv0UIdFlkbrvAfSSxLphwymYna/itjOKFUJ14tUHUJfJMnDaKEH
BOP3KNx+CON4qQ==
-----END CERTIFICATE-----
Generated at Mon Aug 19 07:18:33 2024 by rpki-client on console-fra.rpki-client.org