Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/61A32CF6662B11EFB8879B4EC4F9AE02.roa
File: 61A32CF6662B11EFB8879B4EC4F9AE02.roa (raw, json)
Hash identifier: L2fHX30T0syhYkvI2IT8696kLsv6mcyz1pPKPWbuVU8=
Subject key identifier: 0A:7C:3D:5E:EA:AB:18:FD:53:3E:99:A6:DE:01:80:20:68:40:C6:C7
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: 0103
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/61A32CF6662B11EFB8879B4EC4F9AE02.roa
Signing time: Thu 29 Aug 2024 17:24:07 +0000
ROA not before: Thu 29 Aug 2024 17:24:07 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 150774
IP address blocks: 103.238.114.0/24 maxlen: 24
103.238.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 03:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 259 (0x103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Aug 29 17:24:07 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d0aeb6-b5c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:94:23:af:c8:21:32:74:6f:08:1d:03:9a:f3:
10:09:19:a1:a5:c2:2a:f1:65:38:41:ae:81:67:5a:
7a:80:21:88:f0:5f:5c:fc:8f:c9:12:30:2d:ea:e0:
94:32:c1:54:e0:4d:cb:06:27:a7:7e:ab:c4:ca:b8:
26:f2:e6:db:f5:bc:fc:00:5c:30:7d:27:87:b8:19:
9c:9c:db:7e:64:48:39:2b:e2:95:b8:40:7e:f5:64:
ff:85:0e:21:9d:03:aa:5f:75:58:16:3b:3b:65:37:
56:6e:8e:44:d9:b7:2f:5c:b4:b5:9c:b1:a7:2b:35:
42:30:21:a2:9f:a9:eb:8b:7e:a0:eb:8b:25:50:74:
9c:ef:09:5f:62:95:d5:14:0d:e5:fa:b7:93:8f:98:
3d:01:59:9b:2f:67:e7:db:ba:91:94:c1:1f:07:93:
5e:cd:58:b9:50:de:d9:c0:cf:08:5f:73:9f:b2:58:
01:d9:a1:6b:44:bd:ff:22:f6:8a:9f:9d:78:6c:bb:
69:02:f3:3e:97:9f:9c:66:69:8a:34:8f:fe:d4:d1:
9e:bb:6d:81:a0:bd:6f:1d:a9:82:32:4a:aa:f7:3a:
22:31:ea:df:88:e5:9a:0f:98:6c:95:bb:2d:87:9e:
27:9c:35:83:d2:73:c0:9d:bb:26:eb:6d:e7:3b:cb:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:7C:3D:5E:EA:AB:18:FD:53:3E:99:A6:DE:01:80:20:68:40:C6:C7
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/61A32CF6662B11EFB8879B4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:4b:49:37:46:50:df:35:e6:37:8a:8d:21:35:b4:63:03:3f:
c9:ff:18:18:40:e9:dd:6d:c1:a8:60:2a:be:27:2c:66:c3:4a:
06:1d:59:e9:c4:5c:22:77:1b:5a:b1:ea:15:48:11:1e:6c:5a:
42:73:9f:1f:5e:b4:a0:7e:0f:2a:f2:29:7e:01:3e:d6:a0:c9:
88:ba:2c:f2:17:65:bb:8a:b7:e5:33:39:ef:bb:28:12:b6:0b:
5b:8a:44:ea:7c:82:70:97:79:35:97:71:87:f6:4d:a8:92:0a:
5e:2c:cb:48:f2:35:52:da:9d:82:a6:31:c6:9b:8d:84:36:be:
d5:c1:40:4e:2d:14:44:52:71:6b:1c:92:da:c1:09:a9:52:b0:
0a:11:bf:3a:53:b3:6f:ce:1f:72:90:2c:57:27:99:eb:5c:c1:
a9:6b:cc:84:7f:ab:70:56:69:a5:33:92:8a:04:6f:ff:d3:c0:
42:48:42:5e:36:2e:d5:5b:65:f7:43:b2:2b:d9:27:e7:ba:0d:
2b:e3:ff:e5:e2:7e:df:b6:ee:89:59:4d:9e:de:a1:37:97:79:
66:ee:e6:91:b5:65:f1:73:8b:64:aa:68:9f:48:a6:0d:4b:15:
bd:bd:19:ec:17:68:69:b3:e7:07:26:ef:7e:34:54:fc:61:ae:
17:64:3a:61
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNGOEUxMTAvBgNVBAUTKEQ0MDA1MUJDOEREQTYwQzkzMkVFMDc3NjlBQjg2N0JF
RkE4RDQyRjYwHhcNMjQwODI5MTcyNDA3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQwYWViNi1iNWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZQjr8ghMnRvCB0DmvMQCRmhpcIq8WU4Qa6BZ1p6gCGI8F9c/I/JEjAt6uCU
MsFU4E3LBienfqvEyrgm8ubb9bz8AFwwfSeHuBmcnNt+ZEg5K+KVuEB+9WT/hQ4h
nQOqX3VYFjs7ZTdWbo5E2bcvXLS1nLGnKzVCMCGin6nri36g64slUHSc7wlfYpXV
FA3l+reTj5g9AVmbL2fn27qRlMEfB5NezVi5UN7ZwM8IX3OfslgB2aFrRL3/IvaK
n514bLtpAvM+l5+cZmmKNI/+1NGeu22BoL1vHamCMkqq9zoiMerfiOWaD5hslbst
h54nnDWD0nPAnbsm623nO8s9sQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAp8PV7q
qxj9Uz6Zpt4BgCBoQMbHMB8GA1UdIwQYMBaAFNQAUbyN2mDJMu4Hdpq4Z776jUL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y4RS82QzQwODlCQTIx
NkMxMUVFQjI4QkYyNENDNEY5QUUwMi8xQUJSdkkzYVlNa3k3Z2QybXJobnZ2cU5R
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNGOEUvNkM0MDg5QkEyMTZDMTFFRUIyOEJGMjRDQzRGOUFFMDIvNjFBMzJDRjY2
NjJCMTFFRkI4ODc5QjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7nIwDQYJKoZIhvcNAQELBQADggEBALNLSTdGUN815jeK
jSE1tGMDP8n/GBhA6d1twahgKr4nLGbDSgYdWenEXCJ3G1qx6hVIER5sWkJznx9e
tKB+DyryKX4BPtagyYi6LPIXZbuKt+UzOe+7KBK2C1uKROp8gnCXeTWXcYf2TaiS
Cl4sy0jyNVLanYKmMcabjYQ2vtXBQE4tFERScWscktrBCalSsAoRvzpTs2/OH3KQ
LFcnmetcwalrzIR/q3BWaaUzkooEb//TwEJIQl42LtVbZfdDsivZJ+e6DSvj/+Xi
ft+27olZTZ7eoTeXeWbu5pG1ZfFzi2SqaJ9Ipg1LFb29GewXaGmz5wcm7340VPxh
rhdkOmE=
-----END CERTIFICATE-----
Generated at Sun Sep 1 04:53:20 2024 by rpki-client on console-fra.rpki-client.org