Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1EDC/54404390D06211EAA19A3411C4F9AE02/2924C424C09D11EC81156D28C4F9AE02.roa
File: 2924C424C09D11EC81156D28C4F9AE02.roa (raw, json)
Hash identifier: QYnDfEEewK8St6dnUUbd4yPyXkyanhH8CrTzTgCPG0w=
Subject key identifier: C3:53:CA:7B:CB:EE:EF:AF:36:63:EF:C3:C2:46:52:71:6A:3E:B3:40
Certificate issuer: /CN=A91D1EDC/serialNumber=5FA0CE70061E49B73C378F1C36F6959641925AED
Certificate serial: 0606
Authority key identifier: 5F:A0:CE:70:06:1E:49:B7:3C:37:8F:1C:36:F6:95:96:41:92:5A:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X6DOcAYeSbc8N48cNvaVlkGSWu0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1EDC/54404390D06211EAA19A3411C4F9AE02/2924C424C09D11EC81156D28C4F9AE02.roa
Signing time: Fri 02 Sep 2022 11:00:13 +0000
ROA not before: Fri 02 Sep 2022 11:00:12 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 45158
IP address blocks: 103.251.172.0/22 maxlen: 22
103.251.172.0/24 maxlen: 24
103.251.173.0/24 maxlen: 24
103.251.174.0/24 maxlen: 24
103.251.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1542 (0x606)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1EDC/serialNumber=5FA0CE70061E49B73C378F1C36F6959641925AED
Validity
Not Before: Sep 2 11:00:12 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6311e23c-610d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2b:2d:ab:71:d9:75:34:d2:30:d6:70:22:77:
25:e3:75:63:d0:99:40:30:55:a4:7d:0b:51:67:8e:
09:b1:d5:52:46:4f:db:6a:f9:c9:60:b1:bf:23:e6:
a6:30:c9:d1:5b:10:a2:10:c5:10:5e:02:f2:ac:85:
a7:c6:63:85:df:b1:b6:d5:74:fa:19:0f:ca:b3:56:
9f:e0:81:de:d0:86:97:80:41:22:3d:79:3a:ae:cd:
6f:9c:58:1c:00:ec:a6:69:2f:c3:6d:0d:cf:21:7d:
43:fc:9b:2c:19:9b:f3:cd:06:15:ef:df:15:82:e5:
e0:c7:35:3e:fd:62:55:9f:c2:ec:78:8f:6b:18:de:
cf:08:85:fa:54:5c:c2:8b:56:68:0e:ed:a4:58:b0:
0c:ac:2f:49:85:cc:73:29:86:ac:2f:a1:d0:03:ab:
ac:50:f8:a9:b5:f3:61:cf:40:b9:93:66:88:ac:af:
7e:c4:ce:be:f1:28:24:f8:42:2d:c2:49:dd:44:3b:
19:6c:4b:c2:29:41:d2:57:1e:40:5b:6a:93:4d:92:
02:23:98:fe:8d:a2:30:f7:e3:de:2d:0a:4a:e9:e4:
06:2d:ac:de:e9:f4:96:59:6f:ed:21:99:9d:05:6d:
be:28:67:d9:d2:65:22:75:dc:20:4f:2e:1e:c4:bd:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:53:CA:7B:CB:EE:EF:AF:36:63:EF:C3:C2:46:52:71:6A:3E:B3:40
X509v3 Authority Key Identifier:
keyid:5F:A0:CE:70:06:1E:49:B7:3C:37:8F:1C:36:F6:95:96:41:92:5A:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1EDC/54404390D06211EAA19A3411C4F9AE02/X6DOcAYeSbc8N48cNvaVlkGSWu0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X6DOcAYeSbc8N48cNvaVlkGSWu0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1EDC/54404390D06211EAA19A3411C4F9AE02/2924C424C09D11EC81156D28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.251.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:7e:e4:c2:f4:4c:c4:99:db:0a:df:fa:4d:a2:f6:a9:c9:16:
5d:b5:66:81:17:1d:a5:56:f3:11:d0:7a:8d:cb:76:9b:22:86:
bb:b1:a4:72:b4:99:e1:c7:23:8d:23:b8:d1:1f:2a:57:d6:9a:
ea:28:c7:c6:b7:78:aa:72:82:de:0a:4d:7f:20:91:03:f4:37:
9d:1e:49:03:04:7d:20:27:5c:7d:f3:16:ec:e2:16:2d:ae:54:
74:49:d1:17:57:73:f4:5c:b3:cd:88:45:05:fb:fb:ed:f6:68:
2b:7b:d2:68:2c:c4:a1:1b:21:1e:13:ea:ca:56:0f:87:71:f8:
e5:40:ab:c7:30:00:e2:82:0f:3c:62:5e:9c:67:4f:7d:52:40:
4d:23:7a:a7:0b:b5:7c:39:d7:8c:02:b0:e0:9a:fb:14:10:4c:
7c:76:3f:84:4e:16:fd:7d:58:63:73:17:90:74:ea:ae:58:19:
63:b0:08:a6:84:4e:f4:9c:03:0f:28:21:72:9e:9d:52:65:91:
04:97:d3:0e:59:19:fc:6b:26:a7:a4:62:b0:18:7a:21:03:97:
ba:09:2d:3e:ce:85:10:fc:5f:32:45:96:77:30:b4:da:15:1b:
71:2a:0c:86:86:a2:32:33:62:49:36:69:73:0a:fb:68:84:4e:
a2:e4:de:eb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDFFREMxMTAvBgNVBAUTKDVGQTBDRTcwMDYxRTQ5QjczQzM3OEYxQzM2RjY5NTk2
NDE5MjVBRUQwHhcNMjIwOTAyMTEwMDEyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzExZTIzYy02MTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwSstq3HZdTTSMNZwIncl43Vj0JlAMFWkfQtRZ44JsdVSRk/bavnJYLG/I+am
MMnRWxCiEMUQXgLyrIWnxmOF37G21XT6GQ/Ks1af4IHe0IaXgEEiPXk6rs1vnFgc
AOymaS/DbQ3PIX1D/JssGZvzzQYV798VguXgxzU+/WJVn8LseI9rGN7PCIX6VFzC
i1ZoDu2kWLAMrC9JhcxzKYasL6HQA6usUPiptfNhz0C5k2aIrK9+xM6+8Sgk+EIt
wkndRDsZbEvCKUHSVx5AW2qTTZICI5j+jaIw9+PeLQpK6eQGLaze6fSWWW/tIZmd
BW2+KGfZ0mUiddwgTy4exL1o+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMNTynvL
7u+vNmPvw8JGUnFqPrNAMB8GA1UdIwQYMBaAFF+gznAGHkm3PDePHDb2lZZBklrt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUVEQy81NDQwNDM5MEQw
NjIxMUVBQTE5QTM0MTFDNEY5QUUwMi9YNkRPY0FZZVNiYzhONDhjTnZhVmxrR1NX
dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1g2RE9jQVllU2JjOE40OGNOdmFWbGtHU1d1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDFFREMvNTQ0MDQzOTBEMDYyMTFFQUExOUEzNDExQzRGOUFFMDIvMjkyNEM0MjRD
MDlEMTFFQzgxMTU2RDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn+6wwDQYJKoZIhvcNAQELBQADggEBAH5+5ML0TMSZ2wrf
+k2i9qnJFl21ZoEXHaVW8xHQeo3LdpsihruxpHK0meHHI40juNEfKlfWmuoox8a3
eKpygt4KTX8gkQP0N50eSQMEfSAnXH3zFuziFi2uVHRJ0RdXc/Rcs82IRQX7++32
aCt70mgsxKEbIR4T6spWD4dx+OVAq8cwAOKCDzxiXpxnT31SQE0jeqcLtXw514wC
sOCa+xQQTHx2P4ROFv19WGNzF5B06q5YGWOwCKaETvScAw8oIXKenVJlkQSX0w5Z
GfxrJqekYrAYeiEDl7oJLT7OhRD8XzJFlncwtNoVG3EqDIaGojIzYkk2aXMK+2iE
TqLk3us=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org