Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/D84A739CAEEC11EE913EC471C4F9AE02.roa
File: D84A739CAEEC11EE913EC471C4F9AE02.roa (raw, json)
Hash identifier: QsISPpyj7m+HmiOIDzVHKOYQTBnz2KNpEmzl5DONNy4=
Subject key identifier: DB:6A:2C:1E:C9:F8:FB:A7:3C:80:03:9E:A2:AB:5C:F9:0C:14:E3:09
Certificate issuer: /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial: 03B6
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/D84A739CAEEC11EE913EC471C4F9AE02.roa
Signing time: Tue 09 Jan 2024 12:44:36 +0000
ROA not before: Tue 09 Jan 2024 12:44:36 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 216358
IP address blocks: 103.134.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 12:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950 (0x3b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Validity
Not Before: Jan 9 12:44:36 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=659d3fb4-53c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d2:11:c7:75:58:4e:12:7c:3a:98:d0:ca:66:
bb:6a:40:cd:9b:1e:d9:e2:4b:da:09:ce:74:20:ef:
50:fe:4f:2b:91:57:30:99:6d:87:65:13:05:24:00:
df:04:24:e8:e2:20:17:9b:fb:2a:cc:8a:ff:7e:31:
21:52:10:b1:55:90:f1:0d:91:08:f6:92:dc:69:fd:
fe:51:27:ca:5a:73:f9:50:09:37:38:84:3f:e0:69:
f9:00:24:45:f8:2c:4b:11:fd:20:78:36:f4:12:5b:
e3:ab:fd:17:4c:f2:71:c8:da:56:4e:19:95:7a:39:
93:61:d0:b3:3f:28:57:1e:5d:60:ad:9c:1b:35:12:
54:12:fe:3f:33:7e:75:1a:38:9e:e7:27:b4:65:dc:
48:4d:37:68:9d:a8:98:0e:2b:15:d0:e2:8c:76:ff:
1f:25:08:23:13:4b:98:c7:28:49:3e:8d:4a:15:64:
40:d0:1f:c2:5a:9f:be:24:de:12:10:dd:01:7c:a1:
21:df:57:2d:a8:06:b5:10:7a:cd:cc:46:71:24:38:
c4:f3:ac:63:fa:c3:33:fd:cc:bc:c7:6e:d5:a7:f2:
f8:42:bc:65:5d:f0:0e:8c:b4:03:b1:bb:1a:7e:f0:
63:17:e2:28:41:9a:a2:7c:77:0f:e1:e2:35:0f:64:
94:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6A:2C:1E:C9:F8:FB:A7:3C:80:03:9E:A2:AB:5C:F9:0C:14:E3:09
X509v3 Authority Key Identifier:
keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/D84A739CAEEC11EE913EC471C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.74.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:7d:88:f9:82:5a:ff:53:a7:a7:c2:c2:88:94:02:89:e2:92:
93:ff:7f:f7:45:71:a0:ed:c7:93:1c:38:c2:38:0c:64:60:e7:
11:9c:25:b2:ca:11:ce:f8:81:0c:52:20:19:c7:09:a4:7a:de:
46:45:4c:eb:cf:b8:45:f4:a1:c0:0a:41:99:f3:40:43:57:2a:
12:5c:8a:db:ca:e4:a4:3b:d2:0d:89:08:fd:a5:86:10:31:44:
2b:fb:83:f0:a4:09:de:0c:23:c3:5e:53:d9:eb:3a:2f:52:a7:
3f:b3:39:a1:e1:43:7c:1d:90:c7:31:cc:4e:73:6d:b7:ac:a7:
50:29:bf:e1:a6:6d:de:dd:6b:0f:2b:d6:2f:0a:65:65:64:40:
10:7c:ef:7a:69:ae:b7:02:b3:6d:16:70:c1:36:38:34:52:19:
88:a9:19:bf:e6:d7:ae:9a:3d:e4:de:77:76:42:13:28:61:72:
e5:2d:8c:ab:56:ea:0a:1f:d6:30:26:7f:f4:a7:3c:bb:3f:93:
00:e8:b6:2c:9c:22:4e:22:55:d2:bc:30:ac:16:fb:ad:de:26:
d1:1c:41:89:a7:29:91:a8:60:bb:08:7e:4b:43:79:16:cb:f9:
5d:b1:eb:96:f5:4d:25:d0:31:5c:d4:1c:5a:a5:5a:c7:81:86:
91:64:c7:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDOUIxMTAvBgNVBAUTKDQ5NDIwMkIwMzFFOUY0Mjc2NDMxNTdBMDZFRkFBNEMw
NzBDN0YzRUQwHhcNMjQwMTA5MTI0NDM2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlkM2ZiNC01M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9IRx3VYThJ8OpjQyma7akDNmx7Z4kvaCc50IO9Q/k8rkVcwmW2HZRMFJADf
BCTo4iAXm/sqzIr/fjEhUhCxVZDxDZEI9pLcaf3+USfKWnP5UAk3OIQ/4Gn5ACRF
+CxLEf0geDb0Elvjq/0XTPJxyNpWThmVejmTYdCzPyhXHl1grZwbNRJUEv4/M351
Gjie5ye0ZdxITTdonaiYDisV0OKMdv8fJQgjE0uYxyhJPo1KFWRA0B/CWp++JN4S
EN0BfKEh31ctqAa1EHrNzEZxJDjE86xj+sMz/cy8x27Vp/L4QrxlXfAOjLQDsbsa
fvBjF+IoQZqifHcP4eI1D2SUxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNtqLB7J
+PunPIADnqKrXPkMFOMJMB8GA1UdIwQYMBaAFElCArAx6fQnZDFXoG76pMBwx/Pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM5Qi9BNDZFOTg5QTMy
MkIxMUVDOTdGOENGN0NDNEY5QUUwMi9TVUlDc0RIcDlDZGtNVmVnYnZxa3dIREg4
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDOUIvQTQ2RTk4OUEzMjJCMTFFQzk3RjhDRjdDQzRGOUFFMDIvRDg0QTczOUNB
RUVDMTFFRTkxM0VDNDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhkowDQYJKoZIhvcNAQELBQADggEBAC99iPmCWv9Tp6fC
woiUAonikpP/f/dFcaDtx5McOMI4DGRg5xGcJbLKEc74gQxSIBnHCaR63kZFTOvP
uEX0ocAKQZnzQENXKhJcitvK5KQ70g2JCP2lhhAxRCv7g/CkCd4MI8NeU9nrOi9S
pz+zOaHhQ3wdkMcxzE5zbbesp1Apv+Gmbd7daw8r1i8KZWVkQBB873pprrcCs20W
cME2ODRSGYipGb/m166aPeTed3ZCEyhhcuUtjKtW6gof1jAmf/SnPLs/kwDotiyc
Ik4iVdK8MKwW+63eJtEcQYmnKZGoYLsIfktDeRbL+V2x65b1TSXQMVzUHFqlWseB
hpFkx5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org