Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/70F417104B1511EEB17AE059C4F9AE02.roa
File: 70F417104B1511EEB17AE059C4F9AE02.roa (raw, json)
Hash identifier: Phg1pgoiu6hQx/vo9nGhL+4vcXGU8J3IM7bl3dLj9bA=
Subject key identifier: A6:FE:E5:B6:12:07:FB:70:6D:FC:F0:4D:46:4E:16:C5:0A:53:65:BE
Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Certificate serial: 0DBE
Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/70F417104B1511EEB17AE059C4F9AE02.roa
Signing time: Sun 18 Aug 2024 12:31:46 +0000
ROA not before: Sun 18 Aug 2024 12:31:46 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 140962
IP address blocks: 103.141.2.0/24 maxlen: 24
103.141.3.0/24 maxlen: 24
2001:df0:e280::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Sep 2024 18:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3518 (0xdbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Validity
Not Before: Aug 18 12:31:46 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c1e9b2-0602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:aa:ed:28:c6:6f:03:ca:de:e5:72:67:ae:9f:
91:c5:14:78:56:2f:51:c3:3c:a7:eb:d9:55:8b:d3:
18:78:68:51:07:37:43:77:24:a6:1d:7d:e4:7b:49:
74:23:55:db:f5:43:ac:f6:7e:7b:54:0e:9f:ba:d2:
94:d6:55:77:89:51:b8:94:73:77:50:f8:ef:dc:a6:
62:c7:85:4c:7a:a0:a5:37:02:79:a8:72:08:c7:ce:
2b:94:e7:cf:18:1c:80:b8:e0:1c:3a:66:d5:79:5c:
04:07:d6:5f:c0:63:98:cd:71:c1:21:66:81:61:8c:
59:76:0e:e2:17:56:de:21:d2:cf:f9:5d:59:49:17:
5d:af:1e:6a:9c:e9:d5:fb:59:3c:43:d9:07:da:a8:
5e:b9:d1:7a:8b:8a:9c:ef:51:7e:4f:8a:fd:32:f7:
a2:84:bf:76:05:8e:61:26:65:ab:29:1b:83:1b:4e:
29:96:ac:6a:00:8f:31:b0:49:71:22:6c:ac:4b:2a:
8e:58:7c:e7:ea:74:aa:de:de:7a:67:ee:f2:67:33:
45:f2:db:c0:2f:d6:22:7a:52:7b:f5:b3:e4:b0:eb:
86:e4:fd:70:94:d6:4f:c8:54:b3:20:5e:d5:39:d8:
c0:66:c8:f7:9d:8d:ef:83:d0:e6:79:21:ea:2d:81:
f5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FE:E5:B6:12:07:FB:70:6D:FC:F0:4D:46:4E:16:C5:0A:53:65:BE
X509v3 Authority Key Identifier:
keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/70F417104B1511EEB17AE059C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.2.0/23
IPv6:
2001:df0:e280::/48
Signature Algorithm: sha256WithRSAEncryption
1e:5e:38:bc:0f:2b:cd:12:a3:8f:60:5d:ce:5a:54:84:63:92:
9a:94:fc:45:22:d0:06:9a:f9:f0:91:41:1c:1d:a2:a7:66:2b:
9a:f6:c7:61:1c:1b:e9:95:e5:05:6a:a3:e8:2a:0b:31:c9:a5:
4f:19:ed:68:f5:5a:03:9a:c1:d3:78:e4:6d:49:14:b3:cc:7f:
80:1c:c2:7a:80:3c:f7:b5:c4:79:e3:9f:9e:d6:c5:61:b3:cf:
0c:d3:bf:35:ad:fc:86:16:de:2d:ba:06:ea:f0:9d:64:26:d1:
b3:5e:f0:05:fe:0f:fd:0f:92:a5:81:d7:96:13:be:a3:a7:4e:
2e:04:d8:ed:15:05:52:cd:ee:26:b7:70:06:bc:33:22:e6:cd:
02:6e:10:fe:58:8e:77:8e:fa:b8:ca:09:df:91:ee:95:c1:af:
f0:af:7b:25:e7:bb:dd:d1:5e:36:13:3c:58:1b:b3:2a:d1:6a:
b0:c6:7d:4d:2a:a7:d7:2d:53:39:ef:aa:14:c8:b7:1a:33:e1:
c6:4f:6f:f9:6f:27:5b:73:43:70:71:ee:b9:4c:e8:b3:91:63:
35:01:57:bc:21:10:2e:d8:f0:b7:26:f4:f7:8c:6f:58:77:6a:
52:25:88:d0:05:97:42:6e:a9:37:85:e9:fb:83:4a:5f:92:11:
09:58:2e:8c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICDb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB
RUUzMjFDMzcwHhcNMjQwODE4MTIzMTQ2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMxZTliMi0wNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKrtKMZvA8re5XJnrp+RxRR4Vi9Rwzyn69lVi9MYeGhRBzdDdySmHX3ke0l0
I1Xb9UOs9n57VA6futKU1lV3iVG4lHN3UPjv3KZix4VMeqClNwJ5qHIIx84rlOfP
GByAuOAcOmbVeVwEB9ZfwGOYzXHBIWaBYYxZdg7iF1beIdLP+V1ZSRddrx5qnOnV
+1k8Q9kH2qheudF6i4qc71F+T4r9MveihL92BY5hJmWrKRuDG04plqxqAI8xsElx
ImysSyqOWHzn6nSq3t56Z+7yZzNF8tvAL9YielJ79bPksOuG5P1wlNZPyFSzIF7V
OdjAZsj3nY3vg9DmeSHqLYH1+QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKb+5bYS
B/twbfzwTUZOFsUKU2W+MB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey
RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc3NzMvQUQzMjIzN0NBMkU4MTFFOUJBRTc4RDQ3QzRGOUFFMDIvNzBGNDE3MTA0
QjE1MTFFRUIxN0FFMDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjQIwDwQCAAIwCQMHACABDfDigDANBgkqhkiG9w0BAQsF
AAOCAQEAHl44vA8rzRKjj2BdzlpUhGOSmpT8RSLQBpr58JFBHB2ip2YrmvbHYRwb
6ZXlBWqj6CoLMcmlTxntaPVaA5rB03jkbUkUs8x/gBzCeoA897XEeeOfntbFYbPP
DNO/Na38hhbeLboG6vCdZCbRs17wBf4P/Q+SpYHXlhO+o6dOLgTY7RUFUs3uJrdw
BrwzIubNAm4Q/liOd476uMoJ35HulcGv8K97Jee73dFeNhM8WBuzKtFqsMZ9TSqn
1y1TOe+qFMi3GjPhxk9v+W8nW3NDcHHuuUzos5FjNQFXvCEQLtjwtyb094xvWHdq
UiWI0AWXQm6pN4Xp+4NKX5IRCVgujA==
-----END CERTIFICATE-----
Generated at Mon Sep 30 20:13:07 2024 by rpki-client on console-ams.rpki-client.org