Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/043E74F86A9F11EF8A887851C4F9AE02.roa
File: 043E74F86A9F11EF8A887851C4F9AE02.roa (raw, json)
Hash identifier: 3mACd6dYhLC1ccqVE0e5opYeM9Fk2dsDs5pOhk3h+0Q=
Subject key identifier: 6A:08:1A:27:50:90:37:BC:88:6D:B5:75:D6:F3:C3:FB:80:16:F5:CB
Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D
Certificate serial: 019C
Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/043E74F86A9F11EF8A887851C4F9AE02.roa
Signing time: Wed 04 Sep 2024 09:21:08 +0000
ROA not before: Wed 04 Sep 2024 09:21:08 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 150385
IP address blocks: 103.24.88.0/23 maxlen: 23
103.24.88.0/24 maxlen: 24
103.24.89.0/24 maxlen: 24
2400:baa0::/32 maxlen: 32
2400:baa0:1::/48 maxlen: 48
2400:baa0:2::/48 maxlen: 48
2400:baa0:3::/48 maxlen: 48
2400:baa0:1000::/48 maxlen: 48
2400:baa0:1111::/48 maxlen: 48
2400:baa0:2000::/48 maxlen: 48
2400:baa0:2222::/48 maxlen: 48
2400:baa0:3000::/48 maxlen: 48
2400:baa0:3333::/48 maxlen: 48
2400:baa0:4000::/48 maxlen: 48
2400:baa0:4444::/48 maxlen: 48
2400:baa0:5000::/48 maxlen: 48
2400:baa0:5555::/48 maxlen: 48
2400:baa0:6000::/48 maxlen: 48
2400:baa0:6666::/48 maxlen: 48
2400:baa0:7000::/48 maxlen: 48
2400:baa0:7777::/48 maxlen: 48
2400:baa0:8000::/48 maxlen: 48
2400:baa0:8888::/48 maxlen: 48
2400:baa0:9000::/48 maxlen: 48
2400:baa0:9999::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Sep 2024 18:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412 (0x19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D
Validity
Not Before: Sep 4 09:21:08 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66d82683-451b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:a7:5c:23:b5:55:ed:85:c0:77:b1:f0:02:
5d:eb:04:aa:08:5f:1e:28:02:a3:15:ae:27:58:a9:
b3:55:37:4d:58:db:fb:51:1a:c0:f4:5b:39:6d:19:
63:e0:ec:6b:88:08:31:d6:31:67:7d:7f:15:56:fb:
3c:a1:b2:30:2e:87:49:47:74:be:e2:cc:8e:20:57:
69:ec:e2:24:19:55:97:dc:45:78:43:94:9f:39:54:
08:a3:46:b2:3b:b7:ac:af:00:8e:b9:2c:e1:be:d5:
0c:40:a8:fe:db:61:96:74:63:eb:a7:5f:d6:b9:98:
5c:fd:bd:b9:ab:66:7a:2e:96:da:9b:99:80:f9:22:
38:56:da:70:8f:c1:21:7a:00:90:94:61:03:3c:4b:
0c:4c:15:5e:6e:d4:38:a9:cd:77:5c:37:b0:e9:63:
28:99:cb:42:bb:6b:ce:77:a1:f6:07:f4:d9:29:02:
6e:0c:de:19:f8:27:c9:90:fb:47:6d:ce:b8:c8:5b:
d8:46:6a:0c:4d:29:13:81:96:28:6a:13:c3:37:db:
11:a8:69:a5:a7:37:a9:fa:6d:a4:1d:4e:f0:39:80:
8c:8f:d7:bb:70:5c:59:20:8e:fa:73:b6:d2:47:1c:
c1:a1:9e:ea:89:6e:e0:76:b8:ab:b8:3b:bc:6b:ca:
50:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:08:1A:27:50:90:37:BC:88:6D:B5:75:D6:F3:C3:FB:80:16:F5:CB
X509v3 Authority Key Identifier:
keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/043E74F86A9F11EF8A887851C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.88.0/23
IPv6:
2400:baa0::/32
Signature Algorithm: sha256WithRSAEncryption
18:b1:4f:47:c8:12:ab:f9:2f:f4:e9:6c:94:1b:c9:d0:7e:84:
69:13:1d:ce:39:ab:2d:76:b4:fb:30:b9:70:e7:85:45:97:d5:
2f:7c:87:1e:cb:5f:43:93:c8:6b:3a:56:6b:83:7d:65:b8:65:
ab:e1:dd:5a:c7:b1:0b:2d:5e:6b:f7:8c:e1:af:82:85:95:ae:
d9:c9:eb:4a:a2:fb:ef:6a:19:70:5c:ff:34:74:bd:25:60:55:
2e:13:68:08:1a:b8:9a:1e:d6:c4:b2:99:7d:10:85:47:65:db:
4f:98:d1:f7:53:9a:ed:23:d3:4c:36:c7:bf:e3:9c:e6:e4:e2:
d1:86:00:a1:ad:ce:83:44:95:e6:f7:68:83:95:6a:6e:54:59:
bd:d7:25:65:37:8a:6a:7c:5c:47:15:61:fa:ef:9a:37:21:13:
e8:89:c7:26:ed:15:99:4f:00:f3:e9:75:4a:28:18:ae:36:5a:
3d:85:bb:90:9a:c6:6c:98:a8:19:b6:cc:04:61:f8:a8:bd:49:
88:1f:a5:f1:bc:e6:f7:84:49:bb:a1:5c:ce:fc:97:4f:21:c6:
ef:c0:e3:71:d5:04:79:cc:fd:28:26:85:a7:49:db:c6:88:91:
df:4d:1d:ff:36:12:15:9c:87:de:b0:61:0d:35:60:67:99:da:
b5:21:4f:c5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1
QjAwQTkzMUQwHhcNMjQwOTA0MDkyMTA4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ4MjY4My00NTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzynXCO1Ve2FwHex8AJd6wSqCF8eKAKjFa4nWKmzVTdNWNv7URrA9Fs5bRlj
4OxriAgx1jFnfX8VVvs8obIwLodJR3S+4syOIFdp7OIkGVWX3EV4Q5SfOVQIo0ay
O7esrwCOuSzhvtUMQKj+22GWdGPrp1/WuZhc/b25q2Z6Lpbam5mA+SI4Vtpwj8Eh
egCQlGEDPEsMTBVebtQ4qc13XDew6WMomctCu2vOd6H2B/TZKQJuDN4Z+CfJkPtH
bc64yFvYRmoMTSkTgZYoahPDN9sRqGmlpzep+m2kHU7wOYCMj9e7cFxZII76c7bS
RxzBoZ7qiW7gdriruDu8a8pQawIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGoIGidQ
kDe8iG21ddbzw/uAFvXLMB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1
NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr
eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkYyOEYvN0REQzVBMkU1NTQ3MTFFREI0N0IzMzJCQzRGOUFFMDIvMDQzRTc0Rjg2
QTlGMTFFRjhBODg3ODUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnGFgwDQQCAAIwBwMFACQAuqAwDQYJKoZIhvcNAQELBQAD
ggEBABixT0fIEqv5L/TpbJQbydB+hGkTHc45qy12tPswuXDnhUWX1S98hx7LX0OT
yGs6VmuDfWW4Zavh3VrHsQstXmv3jOGvgoWVrtnJ60qi++9qGXBc/zR0vSVgVS4T
aAgauJoe1sSymX0QhUdl20+Y0fdTmu0j00w2x7/jnObk4tGGAKGtzoNEleb3aIOV
am5UWb3XJWU3imp8XEcVYfrvmjchE+iJxybtFZlPAPPpdUooGK42Wj2Fu5CaxmyY
qBm2zARh+Ki9SYgfpfG85veESbuhXM78l08hxu/A43HVBHnM/SgmhadJ28aIkd9N
Hf82EhWch96wYQ01YGeZ2rUhT8U=
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:35:09 2024 by rpki-client on console-ams.rpki-client.org