Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/75EB847E7F5811EF99E0644AC4F9AE02.roa
File: 75EB847E7F5811EF99E0644AC4F9AE02.roa (raw, json)
Hash identifier: 3C5LvlWvjBQjZY8JvOZMed8OvuX9X7CSB+riyV1Df78=
Subject key identifier: A3:6C:F2:0A:42:C9:D1:B2:D1:63:8F:68:97:97:A9:28:21:D7:87:3C
Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Certificate serial: 0DE3
Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/75EB847E7F5811EF99E0644AC4F9AE02.roa
Signing time: Mon 30 Sep 2024 18:18:58 +0000
ROA not before: Mon 30 Sep 2024 18:18:58 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 140962
IP address blocks: 103.141.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 19:19:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3555 (0xde3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Validity
Not Before: Sep 30 18:18:58 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66faeb92-c485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b7:34:bb:6c:06:a4:08:61:de:58:7b:00:47:
46:54:9b:79:21:9e:11:e1:6f:bf:8c:08:ab:c1:57:
c5:15:b2:8f:01:43:c1:11:1f:6a:20:b4:0a:92:ae:
0d:68:ec:59:02:61:ef:7b:56:1d:a4:87:9e:47:23:
01:c1:8c:ff:0c:f4:57:34:87:f7:d9:f9:f8:ce:ac:
59:1d:0c:46:4e:c1:06:53:b0:94:35:3f:b5:b6:c1:
97:09:92:3e:90:81:4b:68:e7:2e:f6:79:12:47:d1:
1d:c0:73:d2:77:42:c2:b6:87:04:fc:01:91:a6:10:
17:04:96:fb:4e:df:e3:02:36:a2:fc:a0:1c:f1:2e:
16:47:87:cd:cf:f4:50:f4:0c:dd:db:13:72:49:7d:
79:d1:0b:d5:a4:bc:81:9d:9c:96:4c:c6:7e:fc:43:
d8:07:a5:fe:b3:af:8d:1e:39:83:07:01:bb:92:98:
41:16:cb:ac:37:01:7f:31:60:43:24:30:ac:58:24:
a9:66:67:59:bd:82:48:02:b6:2c:64:61:43:d7:dd:
04:54:ac:ce:a5:0b:b1:a5:9a:e9:5c:5e:3c:62:1c:
15:3b:15:33:1f:f9:a2:28:0d:05:95:d6:90:15:8a:
a7:70:91:d8:a0:4c:83:92:b5:0b:2b:5a:6c:57:7c:
5c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6C:F2:0A:42:C9:D1:B2:D1:63:8F:68:97:97:A9:28:21:D7:87:3C
X509v3 Authority Key Identifier:
keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/75EB847E7F5811EF99E0644AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:36:90:9d:9f:72:2c:ec:b6:b2:bc:d3:2a:de:17:84:85:5f:
c5:23:89:d5:b2:e1:4a:2e:15:84:78:0a:bd:c5:e0:4e:04:54:
a6:52:9f:5b:1e:1d:6b:e2:4c:54:ab:16:31:00:ac:82:3a:f2:
9c:b0:f0:7a:5b:81:9a:da:c4:5f:ed:4d:ca:f7:0b:41:f0:dd:
9a:a7:81:32:da:7a:89:49:ee:84:b3:5d:ab:3f:5d:08:25:4b:
15:fe:84:38:60:5f:bf:0c:64:a6:5a:5d:a7:ef:9c:1e:d3:c5:
f7:e5:7d:04:6e:a7:5c:b2:dd:a0:03:91:bf:d9:6e:89:37:8c:
2e:29:a6:a2:66:d1:58:93:c7:d1:d1:3e:66:d8:01:97:12:b0:
66:f3:ae:cb:38:fc:fe:47:7b:11:b3:8f:30:b0:2f:b2:3b:e7:
0c:9e:8d:bf:d4:71:9e:0d:28:79:38:f2:9a:18:81:ff:b1:4f:
f4:3b:6c:92:21:7f:ff:4d:00:01:ae:fd:c0:5b:cf:c7:e1:da:
75:12:e5:f4:03:3a:af:c9:92:30:37:56:12:a0:0d:ff:ea:27:
e1:b6:52:86:14:a1:a2:86:46:63:3b:d8:98:e0:25:44:4c:73:
d5:3a:f3:32:30:67:f0:91:c9:d5:9f:ed:5d:0f:ca:a4:70:71:
aa:22:51:b6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB
RUUzMjFDMzcwHhcNMjQwOTMwMTgxODU4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhZWI5Mi1jNDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqbc0u2wGpAhh3lh7AEdGVJt5IZ4R4W+/jAirwVfFFbKPAUPBER9qILQKkq4N
aOxZAmHve1YdpIeeRyMBwYz/DPRXNIf32fn4zqxZHQxGTsEGU7CUNT+1tsGXCZI+
kIFLaOcu9nkSR9EdwHPSd0LCtocE/AGRphAXBJb7Tt/jAjai/KAc8S4WR4fNz/RQ
9Azd2xNySX150QvVpLyBnZyWTMZ+/EPYB6X+s6+NHjmDBwG7kphBFsusNwF/MWBD
JDCsWCSpZmdZvYJIArYsZGFD190EVKzOpQuxpZrpXF48YhwVOxUzH/miKA0FldaQ
FYqncJHYoEyDkrULK1psV3xc5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKNs8gpC
ydGy0WOPaJeXqSgh14c8MB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey
RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc3NzMvQUQzMjIzN0NBMkU4MTFFOUJBRTc4RDQ3QzRGOUFFMDIvNzVFQjg0N0U3
RjU4MTFFRjk5RTA2NDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnjQMwDQYJKoZIhvcNAQELBQADggEBAJw2kJ2fcizstrK8
0yreF4SFX8UjidWy4UouFYR4Cr3F4E4EVKZSn1seHWviTFSrFjEArII68pyw8Hpb
gZraxF/tTcr3C0Hw3ZqngTLaeolJ7oSzXas/XQglSxX+hDhgX78MZKZaXafvnB7T
xfflfQRup1yy3aADkb/Zbok3jC4ppqJm0ViTx9HRPmbYAZcSsGbzrss4/P5HexGz
jzCwL7I75wyejb/UcZ4NKHk48poYgf+xT/Q7bJIhf/9NAAGu/cBbz8fh2nUS5fQD
Oq/JkjA3VhKgDf/qJ+G2UoYUoaKGRmM72JjgJURMc9U68zIwZ/CRydWf7V0PyqRw
caoiUbY=
-----END CERTIFICATE-----
Generated at Mon Sep 30 23:03:38 2024 by rpki-client on console-ams.rpki-client.org