Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/C6FE0B485F0011EF9891B281C4F9AE02.roa
File: C6FE0B485F0011EF9891B281C4F9AE02.roa (raw, json)
Hash identifier: 9/FYvBpgORlrA8n7d3tyzPN+cjdJq6OdLPBeH4afb40=
Subject key identifier: A8:02:06:85:3B:69:D0:AD:2B:00:55:2C:60:89:CE:36:BA:80:9C:B0
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: E8
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/C6FE0B485F0011EF9891B281C4F9AE02.roa
Signing time: Tue 20 Aug 2024 14:32:46 +0000
ROA not before: Tue 20 Aug 2024 14:32:46 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137453
IP address blocks: 103.238.114.0/24 maxlen: 24
103.238.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 17:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232 (0xe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Aug 20 14:32:46 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c4a90e-9c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:03:43:ec:77:36:37:1a:9a:12:32:37:2c:ad:
d0:ee:66:ff:58:a3:b8:e1:5e:d6:de:6f:b5:66:08:
25:77:e5:8c:34:8f:06:fc:3a:84:30:2b:71:16:93:
06:da:36:b1:1b:7d:8b:43:ff:67:a4:0d:22:d5:58:
29:cf:ed:61:6b:6d:0a:d8:18:04:53:2b:b4:22:16:
29:09:e9:22:a9:9e:51:b3:2c:d3:c3:a4:9a:f1:90:
8a:ce:a9:5a:47:1e:b0:74:ff:46:51:20:d8:b2:c0:
98:69:24:44:a2:9b:eb:f2:74:4e:d6:95:38:6a:05:
cf:cd:7b:ca:eb:9b:3a:64:56:b2:13:a8:13:cc:84:
7b:02:5c:07:15:f7:c2:f1:b8:29:3c:cb:3b:d0:66:
7f:99:74:00:de:0e:21:c7:1c:98:00:9d:d6:9e:01:
8f:84:28:ac:90:5e:97:21:ad:c0:b6:9c:10:21:b5:
35:b9:13:bf:db:1a:f9:63:ff:7f:2a:e3:77:35:4d:
5d:50:ce:de:db:7a:bf:b5:a0:98:54:1c:4a:55:76:
83:5a:30:f6:0d:dd:f3:94:5c:84:f1:24:35:40:ed:
a4:ba:5f:13:c5:be:6a:d3:b0:b6:45:cc:a4:ae:b0:
36:ca:38:92:b7:20:e0:e3:31:cd:8a:5a:ef:7f:33:
69:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:02:06:85:3B:69:D0:AD:2B:00:55:2C:60:89:CE:36:BA:80:9C:B0
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/C6FE0B485F0011EF9891B281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
98:0c:71:6f:34:ce:ab:f6:2e:36:c9:21:3d:97:ac:db:aa:16:
47:26:3e:34:6d:de:d5:3e:50:44:7c:d4:5c:5c:6d:b5:1f:f3:
5d:5e:64:02:09:62:75:87:fa:0f:cd:fa:d9:17:70:e7:97:1a:
03:78:da:1c:da:77:af:19:f7:1f:6f:47:c4:87:1f:d6:34:54:
06:e3:01:25:c6:fc:2e:f2:ab:d3:ba:be:24:87:e2:d3:af:7a:
6a:e2:a3:e1:cc:46:b9:b5:70:02:27:38:8d:61:59:e4:ec:2e:
e4:ac:5e:31:c0:ba:b8:ce:94:db:f3:f4:2d:26:24:e9:51:df:
4c:3c:2f:b4:ad:04:a6:10:b5:dd:72:df:26:f3:1e:07:34:5d:
fe:01:d5:a3:4c:6b:8f:f0:41:b7:33:cb:ad:82:85:61:e7:4c:
20:de:ae:14:80:1a:43:38:97:b6:29:da:49:63:8b:9b:bf:92:
3a:8e:9a:40:38:cd:76:05:e3:3d:7d:ab:90:83:4f:cd:73:2b:
fd:18:33:7a:6f:1f:f1:d6:b5:63:cf:3f:ac:55:a9:34:dc:b4:
14:e0:86:c5:aa:5c:55:68:f6:0c:ba:d3:9f:ad:c7:2d:20:3d:
d9:25:81:86:59:d0:c2:7f:18:06:b1:c0:d3:74:a8:b1:36:c4:
60:c7:3e:11
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNGOEUxMTAvBgNVBAUTKEQ0MDA1MUJDOEREQTYwQzkzMkVFMDc3NjlBQjg2N0JF
RkE4RDQyRjYwHhcNMjQwODIwMTQzMjQ2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YTkwZS05YzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArgND7Hc2NxqaEjI3LK3Q7mb/WKO44V7W3m+1Zggld+WMNI8G/DqEMCtxFpMG
2jaxG32LQ/9npA0i1Vgpz+1ha20K2BgEUyu0IhYpCekiqZ5RsyzTw6Sa8ZCKzqla
Rx6wdP9GUSDYssCYaSREopvr8nRO1pU4agXPzXvK65s6ZFayE6gTzIR7AlwHFffC
8bgpPMs70GZ/mXQA3g4hxxyYAJ3WngGPhCiskF6XIa3AtpwQIbU1uRO/2xr5Y/9/
KuN3NU1dUM7e23q/taCYVBxKVXaDWjD2Dd3zlFyE8SQ1QO2kul8Txb5q07C2Rcyk
rrA2yjiStyDg4zHNilrvfzNpqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKgCBoU7
adCtKwBVLGCJzja6gJywMB8GA1UdIwQYMBaAFNQAUbyN2mDJMu4Hdpq4Z776jUL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y4RS82QzQwODlCQTIx
NkMxMUVFQjI4QkYyNENDNEY5QUUwMi8xQUJSdkkzYVlNa3k3Z2QybXJobnZ2cU5R
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNGOEUvNkM0MDg5QkEyMTZDMTFFRUIyOEJGMjRDQzRGOUFFMDIvQzZGRTBCNDg1
RjAwMTFFRjk4OTFCMjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7nIwDQYJKoZIhvcNAQELBQADggEBAJgMcW80zqv2LjbJ
IT2XrNuqFkcmPjRt3tU+UER81FxcbbUf811eZAIJYnWH+g/N+tkXcOeXGgN42hza
d68Z9x9vR8SHH9Y0VAbjASXG/C7yq9O6viSH4tOvemrio+HMRrm1cAInOI1hWeTs
LuSsXjHAurjOlNvz9C0mJOlR30w8L7StBKYQtd1y3ybzHgc0Xf4B1aNMa4/wQbcz
y62ChWHnTCDerhSAGkM4l7Yp2klji5u/kjqOmkA4zXYF4z19q5CDT81zK/0YM3pv
H/HWtWPPP6xVqTTctBTghsWqXFVo9gy605+txy0gPdklgYZZ0MJ/GAaxwNN0qLE2
xGDHPhE=
-----END CERTIFICATE-----
Generated at Fri Aug 23 23:54:31 2024 by rpki-client on console-ams.rpki-client.org