Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0443/9C09BCA872D411E89B1EBA25C4F9AE02/3B4D071072D611E8A3CD6229C4F9AE02.roa
File: 3B4D071072D611E8A3CD6229C4F9AE02.roa (raw, json)
Hash identifier: aJPD1Rd7MG+Unsw89wtQzDV76uG9mIf8F/b8vQIhV9g=
Subject key identifier: 69:B8:01:D1:7D:65:D3:70:00:7A:B4:9F:14:56:9F:27:7E:41:8C:E6
Certificate issuer: /CN=A91C0443/serialNumber=4F437E171E59F781432C4EC2FAFE49BE7F157ECD
Certificate serial: 1361
Authority key identifier: 4F:43:7E:17:1E:59:F7:81:43:2C:4E:C2:FA:FE:49:BE:7F:15:7E:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T0N-Fx5Z94FDLE7C-v5Jvn8Vfs0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0443/9C09BCA872D411E89B1EBA25C4F9AE02/3B4D071072D611E8A3CD6229C4F9AE02.roa
Signing time: Sat 02 Mar 2024 17:55:41 +0000
ROA not before: Sat 02 Mar 2024 17:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137275
IP address blocks: 103.106.146.0/23 maxlen: 24
2001:df3:ad00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Apr 2024 23:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4961 (0x1361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0443/serialNumber=4F437E171E59F781432C4EC2FAFE49BE7F157ECD
Validity
Not Before: Mar 2 17:55:41 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e3681d-cbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:60:d7:da:74:dc:54:0b:51:5f:1b:6f:a1:17:
34:8e:37:af:c6:9f:36:55:89:c7:37:42:b7:71:4d:
32:97:33:b4:ea:c7:1b:e7:26:92:74:88:74:d6:71:
d3:e6:89:0d:85:47:e6:d9:84:f5:24:67:49:9d:a7:
4e:4d:51:a5:aa:58:dc:f6:57:41:49:55:eb:f5:34:
72:4a:f9:3f:83:99:3c:9c:5b:42:1a:bb:b4:65:df:
5a:20:ef:49:2b:1f:e6:88:01:c5:e8:5e:3f:0c:fc:
db:0b:bd:7d:0e:0c:10:a6:f9:8b:68:ec:ef:4e:9d:
a2:17:eb:ce:38:a7:db:eb:a0:47:da:4b:55:1d:8d:
86:4e:76:53:88:b7:89:b9:dd:52:2a:06:38:55:70:
d6:e0:42:c9:42:0e:05:01:b9:f1:73:8a:22:84:b0:
30:30:fc:65:82:4e:86:68:6f:94:a2:bc:93:8d:ea:
4b:ea:58:0c:b7:ff:cf:e2:1f:13:54:2a:9b:34:e3:
cf:59:8d:20:76:24:a8:a2:04:e4:8d:26:00:fc:a2:
0e:77:8e:2c:d3:7a:4e:ec:6a:bf:5b:1a:16:d1:6c:
c5:20:cf:77:8b:fb:00:4f:71:03:1e:2d:4f:9d:44:
09:48:37:85:62:ae:0c:85:8b:35:a9:9e:42:4f:5e:
e8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B8:01:D1:7D:65:D3:70:00:7A:B4:9F:14:56:9F:27:7E:41:8C:E6
X509v3 Authority Key Identifier:
keyid:4F:43:7E:17:1E:59:F7:81:43:2C:4E:C2:FA:FE:49:BE:7F:15:7E:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0443/9C09BCA872D411E89B1EBA25C4F9AE02/T0N-Fx5Z94FDLE7C-v5Jvn8Vfs0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T0N-Fx5Z94FDLE7C-v5Jvn8Vfs0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0443/9C09BCA872D411E89B1EBA25C4F9AE02/3B4D071072D611E8A3CD6229C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.146.0/23
IPv6:
2001:df3:ad00::/48
Signature Algorithm: sha256WithRSAEncryption
16:be:16:af:68:9e:04:29:13:44:c3:76:a1:84:f1:d6:10:fb:
bb:66:37:9b:cb:2f:9c:43:3c:e3:07:1c:b9:71:7c:d5:cb:35:
3d:bf:86:e4:97:8d:19:8f:48:05:bb:fa:59:37:1a:18:42:8f:
5a:f0:d3:e3:3e:52:7c:b1:19:0c:5c:41:8a:16:9b:eb:98:69:
df:35:f3:e7:34:31:8e:5b:96:a1:66:dc:67:8d:3d:b8:19:f5:
c3:a6:a2:c3:ff:8d:5e:2a:7b:39:a3:8a:d1:9e:a3:d0:6a:08:
a5:ab:d3:44:0a:c1:bd:95:41:27:3c:c3:99:a7:5e:c5:4b:56:
74:74:c9:40:00:fb:54:03:b4:23:3d:19:37:50:f3:ec:2b:87:
f1:e1:14:7c:2f:8e:c5:56:5f:9e:09:bf:6a:c3:dd:07:c4:4f:
d8:03:e0:17:b2:fb:5e:d1:36:cb:e9:0a:7a:5d:93:3c:be:e8:
ed:b2:68:1f:50:4a:c5:6b:48:69:3d:cb:00:85:ce:81:f0:a9:
42:69:fa:c6:f2:39:fe:4a:b2:f0:5e:b9:1a:62:15:37:be:c7:
07:2b:ee:34:10:ca:19:7b:66:37:6b:ce:81:5e:e3:cd:51:d8:
cb:f7:77:10:59:d4:01:e7:b7:c1:eb:ae:0b:cd:cc:a9:f6:33:
c1:65:1b:9b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICE2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzA0NDMxMTAvBgNVBAUTKDRGNDM3RTE3MUU1OUY3ODE0MzJDNEVDMkZBRkU0OUJF
N0YxNTdFQ0QwHhcNMjQwMzAyMTc1NTQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzNjgxZC1jYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzmDX2nTcVAtRXxtvoRc0jjevxp82VYnHN0K3cU0ylzO06scb5yaSdIh01nHT
5okNhUfm2YT1JGdJnadOTVGlqljc9ldBSVXr9TRySvk/g5k8nFtCGru0Zd9aIO9J
Kx/miAHF6F4/DPzbC719DgwQpvmLaOzvTp2iF+vOOKfb66BH2ktVHY2GTnZTiLeJ
ud1SKgY4VXDW4ELJQg4FAbnxc4oihLAwMPxlgk6GaG+UoryTjepL6lgMt//P4h8T
VCqbNOPPWY0gdiSoogTkjSYA/KIOd44s03pO7Gq/WxoW0WzFIM93i/sAT3EDHi1P
nUQJSDeFYq4MhYs1qZ5CT17oowIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGm4AdF9
ZdNwAHq0nxRWnyd+QYzmMB8GA1UdIwQYMBaAFE9DfhceWfeBQyxOwvr+Sb5/FX7N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMDQ0My85QzA5QkNBODcy
RDQxMUU4OUIxRUJBMjVDNEY5QUUwMi9UME4tRng1Wjk0RkRMRTdDLXY1SnZuOFZm
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1QwTi1GeDVaOTRGRExFN0MtdjVKdm44VmZzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzA0NDMvOUMwOUJDQTg3MkQ0MTFFODlCMUVCQTI1QzRGOUFFMDIvM0I0RDA3MTA3
MkQ2MTFFOEEzQ0Q2MjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnapIwDwQCAAIwCQMHACABDfOtADANBgkqhkiG9w0BAQsF
AAOCAQEAFr4Wr2ieBCkTRMN2oYTx1hD7u2Y3m8svnEM84wccuXF81cs1Pb+G5JeN
GY9IBbv6WTcaGEKPWvDT4z5SfLEZDFxBihab65hp3zXz5zQxjluWoWbcZ409uBn1
w6aiw/+NXip7OaOK0Z6j0GoIpavTRArBvZVBJzzDmadexUtWdHTJQAD7VAO0Iz0Z
N1Dz7CuH8eEUfC+OxVZfngm/asPdB8RP2APgF7L7XtE2y+kKel2TPL7o7bJoH1BK
xWtIaT3LAIXOgfCpQmn6xvI5/kqy8F65GmIVN77HByvuNBDKGXtmN2vOgV7jzVHY
y/d3EFnUAee3weuuC83MqfYzwWUbmw==
-----END CERTIFICATE-----
Generated at Tue Apr 2 03:07:01 2024 by rpki-client on console-ams.rpki-client.org