Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/68A23A4EEACD11EEAE220A2AC4F9AE02.roa
File: 68A23A4EEACD11EEAE220A2AC4F9AE02.roa (raw, json)
Hash identifier: Cw/ORpv3Sxm7bwGKaDb9cjGQs+Kb8ya3G4fnydnczEs=
Subject key identifier: 32:CD:9E:B3:43:9B:94:9D:8A:E2:9B:24:3C:07:E2:AA:A8:DF:A6:BF
Certificate issuer: /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial: 0859
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/68A23A4EEACD11EEAE220A2AC4F9AE02.roa
Signing time: Mon 25 Mar 2024 17:30:44 +0000
ROA not before: Mon 25 Mar 2024 17:30:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.112.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 14:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2137 (0x859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Validity
Not Before: Mar 25 17:30:44 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6601b4c4-cf99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:49:b3:1c:61:ee:21:5d:8a:a7:c6:c8:fd:
75:fb:38:c4:81:8a:2b:40:bf:8f:99:52:05:44:2a:
7b:48:29:9a:29:43:fe:69:47:30:b5:01:11:a3:8d:
87:21:b9:78:04:8e:e3:69:60:ee:f7:dc:0c:36:50:
89:e7:21:ff:04:63:54:90:9d:0c:68:4a:20:4f:aa:
d8:d8:22:ac:08:4a:8d:85:40:3d:bf:a9:b1:d4:de:
a4:25:36:7c:eb:da:31:2b:09:29:c5:e9:3f:46:8c:
a6:7c:19:cd:2b:a4:44:45:fe:1c:4f:dd:91:61:b4:
30:f7:a3:8a:ce:0e:78:0c:7f:a7:72:d7:a5:71:41:
71:51:37:00:31:6f:d8:49:d7:cf:3c:d4:c0:aa:68:
36:da:d5:21:08:8a:ce:7f:35:27:63:54:37:75:70:
f5:96:24:8d:ea:6b:a6:d7:44:08:00:f6:86:78:e1:
88:cc:3d:bf:9a:05:27:9f:36:e9:ee:e2:bb:27:24:
00:82:1f:7e:7a:7c:f5:2f:5c:52:86:e7:04:26:37:
52:ad:1c:b0:2a:a7:d7:ff:92:4e:6b:b9:d8:84:2d:
9a:e0:5a:88:93:40:5a:2d:1a:74:51:2c:f6:b9:7a:
4f:1c:50:da:4d:43:26:72:06:f9:c9:bc:ae:8f:7c:
82:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CD:9E:B3:43:9B:94:9D:8A:E2:9B:24:3C:07:E2:AA:A8:DF:A6:BF
X509v3 Authority Key Identifier:
keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/68A23A4EEACD11EEAE220A2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:80:cc:d2:0f:14:34:86:14:88:b4:7d:f7:4e:02:d3:ca:3d:
0f:68:4b:73:3e:f7:24:35:09:2f:63:91:d4:eb:f1:bf:f1:aa:
fc:b7:09:e9:b4:6d:e9:d7:45:ee:f4:37:73:30:ca:63:fa:c6:
2f:5e:b8:37:53:ff:1f:e7:c8:8e:1c:1e:5f:87:95:65:eb:dc:
60:dc:44:f5:6c:57:41:65:10:47:38:b5:55:44:a4:fd:6e:a9:
9a:2c:22:0d:2d:fe:a0:25:a7:20:f8:42:a4:b1:34:de:4b:23:
ef:dd:8a:7e:77:ef:4b:64:8f:78:72:4b:19:22:07:82:82:6c:
4f:a1:89:4d:41:8b:ce:35:dc:72:aa:62:70:8c:c2:1d:fe:49:
2e:72:7d:a2:ff:04:28:55:d6:b4:41:37:f4:35:4d:86:eb:46:
12:57:75:bb:ff:a5:44:b3:85:12:ed:eb:cd:0c:cf:4d:67:29:
67:ba:57:8b:c6:e9:8b:8e:4a:1a:d9:91:6b:58:d8:93:3a:01:
df:cb:d0:ff:b0:35:b3:33:bd:36:6a:f6:f7:b4:ed:2b:84:2e:
c4:59:53:95:e4:10:39:c4:6b:84:bd:4a:16:d3:2f:d7:47:9d:
57:1d:a5:cd:e3:9e:58:03:aa:f4:30:f3:e8:70:d0:3b:78:4e:
a6:4f:e4:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjQwMzI1MTczMDQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAxYjRjNC1jZjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvk1Jsxxh7iFdiqfGyP11+zjEgYorQL+PmVIFRCp7SCmaKUP+aUcwtQERo42H
Ibl4BI7jaWDu99wMNlCJ5yH/BGNUkJ0MaEogT6rY2CKsCEqNhUA9v6mx1N6kJTZ8
69oxKwkpxek/RoymfBnNK6RERf4cT92RYbQw96OKzg54DH+nctelcUFxUTcAMW/Y
SdfPPNTAqmg22tUhCIrOfzUnY1Q3dXD1liSN6mum10QIAPaGeOGIzD2/mgUnnzbp
7uK7JyQAgh9+enz1L1xShucEJjdSrRywKqfX/5JOa7nYhC2a4FqIk0BaLRp0USz2
uXpPHFDaTUMmcgb5ybyuj3yCswIDAQABo4IClTCCApEwHQYDVR0OBBYEFDLNnrND
m5SdiuKbJDwH4qqo36a/MB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvNjhBMjNBNEVF
QUNEMTFFRUFFMjIwQTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncAMwDQYJKoZIhvcNAQELBQADggEBAI2AzNIPFDSGFIi0
ffdOAtPKPQ9oS3M+9yQ1CS9jkdTr8b/xqvy3Cem0benXRe70N3MwymP6xi9euDdT
/x/nyI4cHl+HlWXr3GDcRPVsV0FlEEc4tVVEpP1uqZosIg0t/qAlpyD4QqSxNN5L
I+/din5370tkj3hySxkiB4KCbE+hiU1Bi8413HKqYnCMwh3+SS5yfaL/BChV1rRB
N/Q1TYbrRhJXdbv/pUSzhRLt680Mz01nKWe6V4vG6YuOShrZkWtY2JM6Ad/L0P+w
NbMzvTZq9ve07SuELsRZU5XkEDnEa4S9ShbTL9dHnVcdpc3jnlgDqvQw8+hw0Dt4
TqZP5DE=
-----END CERTIFICATE-----
Generated at Fri Apr 5 18:37:49 2024 by rpki-client on console-fra.rpki-client.org