Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/0DB3BBF84D1A11EFA87FCE62C4F9AE02.roa
File: 0DB3BBF84D1A11EFA87FCE62C4F9AE02.roa (raw, json)
Hash identifier: zNXdNVaqyKzZzxGzhYET4lx9D/Jo+AVUxxyiY+Gq37Q=
Subject key identifier: D5:67:7E:B3:35:6C:86:D7:6C:62:F0:4C:8E:15:FF:72:D9:BC:9B:FC
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: D0
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/0DB3BBF84D1A11EFA87FCE62C4F9AE02.roa
Signing time: Mon 29 Jul 2024 05:26:25 +0000
ROA not before: Mon 29 Jul 2024 05:26:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137453
IP address blocks: 103.238.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 15:37:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208 (0xd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Jul 29 05:26:25 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a72801-5c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:03:bf:96:c5:21:d5:05:0f:e0:ba:98:83:
d5:94:a3:1e:0a:8b:16:0d:68:eb:f3:ee:a1:a7:96:
7f:85:82:8f:3a:a7:79:44:b4:b6:7d:ac:fc:31:27:
9a:70:e2:3a:40:3b:fb:e1:d4:8c:4c:0d:b0:c0:0d:
e1:21:4b:e3:4c:29:f3:7c:9f:0a:15:e3:14:ed:ad:
5e:23:7f:84:41:b2:52:95:5a:23:57:ed:bd:7e:cd:
92:8a:75:3a:dd:8c:3f:ff:a2:34:c7:da:1b:bf:fd:
76:5f:58:77:f9:e1:4e:39:cf:1e:33:2d:3f:16:32:
20:b7:de:73:6e:cd:ab:5e:17:69:50:5b:1b:4c:0b:
3a:fe:5a:21:18:ff:26:af:1f:54:7e:a1:fb:ae:b5:
67:42:ed:73:f0:f1:66:45:4c:04:d7:d0:d6:4b:9e:
4b:63:01:c1:cd:8e:91:dd:aa:8a:2c:08:2c:bf:11:
42:3c:62:7f:8f:f6:96:a3:ad:9b:d9:e7:af:bf:ca:
ef:37:b7:33:44:4d:88:ec:37:cc:b8:77:52:08:21:
9c:a1:70:ed:df:4a:7f:38:ca:fb:41:9a:96:98:a6:
a6:35:4a:66:be:86:b7:c5:0c:ef:fe:2c:69:bf:7a:
81:ea:f7:f8:2e:73:ee:0f:fc:47:a8:b8:7c:6b:56:
07:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:67:7E:B3:35:6C:86:D7:6C:62:F0:4C:8E:15:FF:72:D9:BC:9B:FC
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/0DB3BBF84D1A11EFA87FCE62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:9d:c5:8d:5a:33:3e:cd:44:ba:da:41:ef:e7:ce:b8:1f:58:
89:ed:48:0c:cb:97:c9:0c:16:55:d2:c2:e5:0e:23:e8:65:cc:
72:1f:35:f7:13:d9:44:4e:45:df:1b:f9:05:b7:7f:8f:7e:3b:
89:a2:2f:4c:bb:ed:88:c9:ba:1f:38:b3:70:89:d5:09:92:1d:
d2:c8:47:bb:11:84:a2:56:3f:ec:45:e6:7f:b1:81:6e:8e:1c:
77:c1:54:bf:0b:29:20:99:0d:90:1c:32:a6:68:d4:8f:06:be:
02:bb:1b:52:bf:be:bb:85:de:81:ec:48:d3:4f:2f:70:8f:5c:
8e:37:57:98:cc:3f:96:7b:ee:bf:c1:9d:8e:be:60:ec:c5:26:
0e:ea:26:10:3c:72:fa:30:f9:1e:f9:f7:65:e5:fa:5a:db:77:
96:59:5e:09:eb:25:20:9b:d8:bf:4e:54:4f:b1:20:00:4d:81:
99:37:d6:76:49:92:3c:e0:32:bd:3f:f1:57:90:ff:c3:64:4a:
d0:a9:89:be:87:d9:3a:89:5a:ad:69:a4:98:9c:18:ea:9d:2c:
33:6b:25:b9:70:9d:22:bc:33:9b:01:2b:5d:d1:6a:3a:51:34:
8f:a9:a0:b7:ec:75:27:a4:f5:28:49:9b:62:cb:59:72:f9:5f:
4b:1a:98:86
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNGOEUxMTAvBgNVBAUTKEQ0MDA1MUJDOEREQTYwQzkzMkVFMDc3NjlBQjg2N0JF
RkE4RDQyRjYwHhcNMjQwNzI5MDUyNjI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE3MjgwMS01Yzg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyqEDv5bFIdUFD+C6mIPVlKMeCosWDWjr8+6hp5Z/hYKPOqd5RLS2faz8MSea
cOI6QDv74dSMTA2wwA3hIUvjTCnzfJ8KFeMU7a1eI3+EQbJSlVojV+29fs2SinU6
3Yw//6I0x9obv/12X1h3+eFOOc8eMy0/FjIgt95zbs2rXhdpUFsbTAs6/lohGP8m
rx9UfqH7rrVnQu1z8PFmRUwE19DWS55LYwHBzY6R3aqKLAgsvxFCPGJ/j/aWo62b
2eevv8rvN7czRE2I7DfMuHdSCCGcoXDt30p/OMr7QZqWmKamNUpmvoa3xQzv/ixp
v3qB6vf4LnPuD/xHqLh8a1YHPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNVnfrM1
bIbXbGLwTI4V/3LZvJv8MB8GA1UdIwQYMBaAFNQAUbyN2mDJMu4Hdpq4Z776jUL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y4RS82QzQwODlCQTIx
NkMxMUVFQjI4QkYyNENDNEY5QUUwMi8xQUJSdkkzYVlNa3k3Z2QybXJobnZ2cU5R
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNGOEUvNkM0MDg5QkEyMTZDMTFFRUIyOEJGMjRDQzRGOUFFMDIvMERCM0JCRjg0
RDFBMTFFRkE4N0ZDRTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7nIwDQYJKoZIhvcNAQELBQADggEBAB6dxY1aMz7NRLra
Qe/nzrgfWIntSAzLl8kMFlXSwuUOI+hlzHIfNfcT2URORd8b+QW3f49+O4miL0y7
7YjJuh84s3CJ1QmSHdLIR7sRhKJWP+xF5n+xgW6OHHfBVL8LKSCZDZAcMqZo1I8G
vgK7G1K/vruF3oHsSNNPL3CPXI43V5jMP5Z77r/BnY6+YOzFJg7qJhA8cvow+R75
92Xl+lrbd5ZZXgnrJSCb2L9OVE+xIABNgZk31nZJkjzgMr0/8VeQ/8NkStCpib6H
2TqJWq1ppJicGOqdLDNrJblwnSK8M5sBK13RajpRNI+poLfsdSek9ShJm2LLWXL5
X0samIY=
-----END CERTIFICATE-----
Generated at Mon Jul 29 19:29:06 2024 by rpki-client on console-ams.rpki-client.org