Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/C3FBEB7AA06B11EF80CEC45EC4F9AE02.roa
File: C3FBEB7AA06B11EF80CEC45EC4F9AE02.roa (raw, json)
Hash identifier: L0PZkJKWBJVFKT65LE7C+2vHUpQqB0IwJFJw4iFmXvg=
Subject key identifier: 7E:56:58:B8:DB:42:99:B4:D9:6E:E3:68:25:AE:6D:9D:FF:7C:63:13
Certificate issuer: /CN=A91D226F/serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234
Certificate serial: 0127
Authority key identifier: 87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/C3FBEB7AA06B11EF80CEC45EC4F9AE02.roa
Signing time: Tue 12 Nov 2024 21:57:26 +0000
ROA not before: Tue 12 Nov 2024 21:57:26 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 153371
IP address blocks: 103.176.0.0/23 maxlen: 24
2001:df2:7cc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Nov 2024 08:21:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 295 (0x127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D226F/serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234
Validity
Not Before: Nov 12 21:57:26 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6733cf46-1a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:22:e8:66:f1:c2:9c:6a:2c:ef:e6:9d:be:
9a:8b:e0:21:e7:c8:1d:59:e9:97:80:75:28:af:47:
2a:dc:7f:3d:ca:b1:57:b7:ec:be:17:a4:72:82:29:
5d:37:6a:84:92:55:3c:6f:a3:ee:cf:f5:83:02:05:
32:a0:b7:c6:77:11:3d:46:e0:49:51:7e:f0:1d:fb:
bf:c1:59:3b:aa:47:0a:46:fb:b9:b8:a3:2f:2c:3f:
fc:ac:01:a6:d1:82:cc:d8:a0:0d:de:6f:f3:6b:9d:
17:a3:3f:dc:2c:02:26:f4:2a:e5:fb:7a:55:3d:5d:
6a:9c:fb:1a:c7:0d:d7:c1:17:3c:d9:c5:6d:2e:c7:
7d:d9:aa:06:9b:d5:61:55:75:c3:64:f4:82:30:75:
5d:5d:d8:d4:8d:4f:08:df:68:52:1c:de:ec:aa:58:
cc:02:f1:77:10:31:c4:c1:f2:a0:30:45:83:fd:d1:
57:40:9d:94:10:f1:c8:72:c6:9f:4f:41:66:0d:79:
fb:3d:66:e9:eb:6b:68:35:fb:8c:89:37:04:ef:57:
07:aa:bc:35:a0:70:dd:df:dd:5a:dd:ca:be:f0:2d:
98:88:bf:af:6e:12:aa:d4:1e:7a:2e:4e:15:f5:a4:
74:53:da:55:3d:0c:0f:e8:6b:bb:6f:49:66:31:f9:
61:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:56:58:B8:DB:42:99:B4:D9:6E:E3:68:25:AE:6D:9D:FF:7C:63:13
X509v3 Authority Key Identifier:
keyid:87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/C3FBEB7AA06B11EF80CEC45EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.0.0/23
IPv6:
2001:df2:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:d6:e9:a0:3d:93:bf:22:10:d9:df:17:fa:3f:3f:a9:f4:e8:
33:98:43:85:2e:c1:80:df:8a:9d:49:ab:fa:e7:34:7c:db:6b:
40:89:f5:7f:47:a3:1f:0a:4c:fd:3a:d2:8c:ed:bb:2d:3a:67:
56:94:d4:df:67:69:e6:af:2e:de:a6:47:ad:06:eb:d2:9a:94:
51:a3:21:10:86:85:9a:0c:51:09:97:7c:86:fb:e7:87:8f:54:
59:e0:d8:53:7c:74:4d:c4:a8:37:9e:e4:6f:22:be:04:2a:29:
c0:b7:ca:82:84:32:b2:4f:c4:44:39:9b:11:98:8c:8c:30:19:
03:63:8a:62:f9:6f:b3:f3:dc:f4:94:1a:c7:56:47:37:9e:bc:
37:f3:9f:4d:05:ae:70:85:08:a6:e4:1d:ec:44:b5:15:c9:b1:
5e:36:4c:52:c1:72:36:e0:8e:58:25:50:9a:78:47:c0:63:34:
c6:80:8f:f5:c7:d4:07:62:43:e7:0c:15:8c:4c:b8:f2:bf:76:
4c:f5:1b:e4:01:0e:e1:1b:1c:99:82:91:b6:da:3f:04:de:b9:
e8:0d:e4:11:7e:2c:d3:a1:f6:0b:61:37:76:bd:33:bc:1b:f1:
dc:e6:de:c5:49:66:88:16:a9:71:ae:42:53:85:91:48:b7:7c:
be:6f:49:e1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDIyNkYxMTAvBgNVBAUTKDg3RjA1OTY4NzFCNTE1QkJCM0QyOTgyREM2RkI5QzEy
REVGNEMyMzQwHhcNMjQxMTEyMjE1NzI2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzMzY2Y0Ni0xYTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtR8i6GbxwpxqLO/mnb6ai+Ah58gdWemXgHUor0cq3H89yrFXt+y+F6Rygild
N2qEklU8b6Puz/WDAgUyoLfGdxE9RuBJUX7wHfu/wVk7qkcKRvu5uKMvLD/8rAGm
0YLM2KAN3m/za50Xoz/cLAIm9Crl+3pVPV1qnPsaxw3XwRc82cVtLsd92aoGm9Vh
VXXDZPSCMHVdXdjUjU8I32hSHN7sqljMAvF3EDHEwfKgMEWD/dFXQJ2UEPHIcsaf
T0FmDXn7PWbp62toNfuMiTcE71cHqrw1oHDd391a3cq+8C2YiL+vbhKq1B56Lk4V
9aR0U9pVPQwP6Gu7b0lmMflh4QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFH5WWLjb
Qpm02W7jaCWubZ3/fGMTMB8GA1UdIwQYMBaAFIfwWWhxtRW7s9KYLcb7nBLe9MI0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjI2Ri9ENUM1NkUyOEZB
RDQxMUVEODBFRUQwNUZDNEY5QUUwMi9oX0JaYUhHMUZidXowcGd0eHZ1Y0V0NzB3
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hfQlphSEcxRmJ1ejBwZ3R4dnVjRXQ3MHdqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDIyNkYvRDVDNTZFMjhGQUQ0MTFFRDgwRUVEMDVGQzRGOUFFMDIvQzNGQkVCN0FB
MDZCMTFFRjgwQ0VDNDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnsAAwDwQCAAIwCQMHACABDfJ8wDANBgkqhkiG9w0BAQsF
AAOCAQEAOtbpoD2TvyIQ2d8X+j8/qfToM5hDhS7BgN+KnUmr+uc0fNtrQIn1f0ej
HwpM/TrSjO27LTpnVpTU32dp5q8u3qZHrQbr0pqUUaMhEIaFmgxRCZd8hvvnh49U
WeDYU3x0TcSoN57kbyK+BCopwLfKgoQysk/ERDmbEZiMjDAZA2OKYvlvs/Pc9JQa
x1ZHN568N/OfTQWucIUIpuQd7ES1FcmxXjZMUsFyNuCOWCVQmnhHwGM0xoCP9cfU
B2JD5wwVjEy48r92TPUb5AEO4RscmYKRtto/BN656A3kEX4s06H2C2E3dr0zvBvx
3ObexUlmiBapca5CU4WRSLd8vm9J4Q==
-----END CERTIFICATE-----
Generated at Sun Nov 17 09:27:03 2024 by rpki-client on console-fra.rpki-client.org