Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/2A0DBD26973F11EEA24DBE15C4F9AE02.roa
File: 2A0DBD26973F11EEA24DBE15C4F9AE02.roa (raw, json)
Hash identifier: PFlHOV2gDFjgT08Hkkvn0tNMU5Y4lBtxKaUktB4jVkg=
Subject key identifier: AD:85:F8:C2:6A:D8:86:6B:7C:7B:5E:BE:4B:E2:E0:A8:1F:CC:BC:68
Certificate issuer: /CN=A91C7672/serialNumber=51569B48C03891454E469853A67DB909BEC2CAD6
Certificate serial: 1B08
Authority key identifier: 51:56:9B:48:C0:38:91:45:4E:46:98:53:A6:7D:B9:09:BE:C2:CA:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UVabSMA4kUVORphTpn25Cb7CytY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/2A0DBD26973F11EEA24DBE15C4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:44:15 +0000
ROA not before: Tue 30 Jan 2024 16:44:15 +0000
ROA not after: Sat 01 Jun 2024 00:00:00 +0000
asID: 139029
IP address blocks: 103.78.254.0/24 maxlen: 24
103.78.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 08:38:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6920 (0x1b08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7672/serialNumber=51569B48C03891454E469853A67DB909BEC2CAD6
Validity
Not Before: Jan 30 16:44:15 2024 GMT
Not After : Jun 1 00:00:00 2024 GMT
Subject: CN=65b9275e-0412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b6:59:96:45:36:94:18:ef:a1:99:2e:35:b5:
bd:54:87:70:06:d5:9d:b1:57:5b:1c:0d:5d:8e:b4:
8b:d7:6b:47:07:7c:23:96:14:56:05:77:0e:f0:bb:
67:af:81:1e:d3:6f:8b:f6:1b:a6:9f:89:b8:3d:4c:
21:2d:5a:45:c9:90:ec:e5:8c:c0:87:f4:34:6a:3e:
af:35:d3:07:db:9c:c0:5d:59:62:f6:d1:1b:28:a1:
a1:1d:e0:88:06:ac:ca:5a:f2:72:ca:de:a5:04:7b:
bf:11:a4:0c:c2:25:d0:52:4e:f2:fe:53:1e:fd:fb:
89:fe:14:9f:ae:7f:25:0b:15:7a:e6:d7:11:c6:a1:
3b:d5:27:62:55:61:42:55:ec:31:71:37:27:94:46:
f2:d7:7f:ee:f5:c5:46:87:12:fb:62:7f:64:07:34:
f0:13:31:1f:d3:0e:83:c6:43:65:d2:6f:72:a9:35:
1d:d5:39:1d:31:06:12:d4:96:00:60:56:e1:24:c1:
a9:92:88:ae:4c:e8:91:22:18:0f:0a:c7:65:9f:f8:
31:e7:a9:6a:30:0e:9e:88:dc:be:f3:1f:ae:c6:40:
f4:52:ee:51:e8:45:76:a5:f1:fb:1e:6b:9c:92:2f:
c3:33:78:b6:f2:2e:96:32:53:f7:0f:81:26:e5:46:
c4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:85:F8:C2:6A:D8:86:6B:7C:7B:5E:BE:4B:E2:E0:A8:1F:CC:BC:68
X509v3 Authority Key Identifier:
keyid:51:56:9B:48:C0:38:91:45:4E:46:98:53:A6:7D:B9:09:BE:C2:CA:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/UVabSMA4kUVORphTpn25Cb7CytY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UVabSMA4kUVORphTpn25Cb7CytY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7672/43764BECF72411E6ABF02B3CC4F9AE02/2A0DBD26973F11EEA24DBE15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.254.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:42:8a:ab:ac:6b:a9:e2:df:58:1a:54:9d:b5:88:c2:f9:6d:
22:84:0a:ac:66:fa:40:5a:67:48:7e:01:18:02:6b:a1:ee:8a:
2f:fe:89:d2:3c:fd:6f:27:2c:dc:2a:be:38:cc:cb:84:ee:d0:
57:0b:3a:4f:05:37:a9:d0:a2:ef:4f:0f:06:d6:68:f0:27:a3:
97:61:87:4c:05:d1:76:7c:d7:51:67:2f:57:62:84:1b:52:ef:
db:0f:c5:b2:3c:6f:e7:09:5d:ff:a5:8b:7f:c0:f6:a4:2c:de:
6f:6d:6f:7a:44:7f:5d:df:1a:a2:0b:23:4d:90:3a:76:e8:7e:
ac:83:93:18:ae:e1:33:19:c3:72:98:ed:29:6a:7d:7a:a1:30:
bd:51:4e:89:68:b9:76:59:b7:95:24:1a:cc:23:3f:1d:a5:43:
d9:c4:7a:89:13:fc:34:a6:40:2d:bc:c8:35:1c:92:ea:ac:3c:
84:3e:2b:f7:a3:79:02:49:c8:19:4b:1d:29:87:5d:4c:56:ee:
d6:85:27:55:5c:b6:db:49:a4:18:11:e5:43:ab:22:53:69:51:
88:a3:1a:f6:87:2b:a5:84:e4:8e:26:ec:b0:32:fe:16:e5:44:
62:9a:1e:98:fc:f2:36:cc:fe:26:52:e1:6b:70:20:a8:c7:79:
9d:b2:64:cf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc2NzIxMTAvBgNVBAUTKDUxNTY5QjQ4QzAzODkxNDU0RTQ2OTg1M0E2N0RCOTA5
QkVDMkNBRDYwHhcNMjQwMTMwMTY0NDE1WhcNMjQwNjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5Mjc1ZS0wNDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkbZZlkU2lBjvoZkuNbW9VIdwBtWdsVdbHA1djrSL12tHB3wjlhRWBXcO8Ltn
r4Ee02+L9humn4m4PUwhLVpFyZDs5YzAh/Q0aj6vNdMH25zAXVli9tEbKKGhHeCI
BqzKWvJyyt6lBHu/EaQMwiXQUk7y/lMe/fuJ/hSfrn8lCxV65tcRxqE71SdiVWFC
VewxcTcnlEby13/u9cVGhxL7Yn9kBzTwEzEf0w6DxkNl0m9yqTUd1TkdMQYS1JYA
YFbhJMGpkoiuTOiRIhgPCsdln/gx56lqMA6eiNy+8x+uxkD0Uu5R6EV2pfH7Hmuc
ki/DM3i28i6WMlP3D4Em5UbErQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK2F+MJq
2IZrfHtevkvi4KgfzLxoMB8GA1UdIwQYMBaAFFFWm0jAOJFFTkaYU6Z9uQm+wsrW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzY3Mi80Mzc2NEJFQ0Y3
MjQxMUU2QUJGMDJCM0NDNEY5QUUwMi9VVmFiU01BNGtVVk9ScGhUcG4yNUNiN0N5
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VWYWJTTUE0a1VWT1JwaFRwbjI1Q2I3Q3l0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc2NzIvNDM3NjRCRUNGNzI0MTFFNkFCRjAyQjNDQzRGOUFFMDIvMkEwREJEMjY5
NzNGMTFFRUEyNERCRTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnTv4wDQYJKoZIhvcNAQELBQADggEBAJpCiqusa6ni31ga
VJ21iML5bSKECqxm+kBaZ0h+ARgCa6Huii/+idI8/W8nLNwqvjjMy4Tu0FcLOk8F
N6nQou9PDwbWaPAno5dhh0wF0XZ811FnL1dihBtS79sPxbI8b+cJXf+li3/A9qQs
3m9tb3pEf13fGqILI02QOnbofqyDkxiu4TMZw3KY7SlqfXqhML1RTolouXZZt5Uk
GswjPx2lQ9nEeokT/DSmQC28yDUckuqsPIQ+K/ejeQJJyBlLHSmHXUxW7taFJ1Vc
tttJpBgR5UOrIlNpUYijGvaHK6WE5I4m7LAy/hblRGKaHpj88jbM/iZS4WtwIKjH
eZ2yZM8=
-----END CERTIFICATE-----
Generated at Mon Feb 12 12:18:09 2024 by rpki-client on console-ams.rpki-client.org