Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DC04C182617411EFA09D1116C4F9AE02.roa
File: DC04C182617411EFA09D1116C4F9AE02.roa (raw, json)
Hash identifier: OaNTI7QwHat15J9iUL1WTXzp8ra1dk4WZ9n68VpX0UE=
Subject key identifier: F6:CB:91:41:21:9A:BD:D2:35:30:3D:3F:0B:01:52:96:42:2F:4F:81
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: F6
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DC04C182617411EFA09D1116C4F9AE02.roa
Signing time: Fri 23 Aug 2024 17:29:22 +0000
ROA not before: Fri 23 Aug 2024 17:29:22 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137453
IP address blocks: 103.238.114.0/24 maxlen: 24
103.238.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 16:38:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246 (0xf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Aug 23 17:29:22 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c8c6f2-88e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:52:e8:da:2d:6b:f9:56:24:da:f7:12:ce:
bc:41:a8:e8:18:68:21:a3:ee:0b:3f:d6:2d:43:58:
fb:68:d2:7b:8d:ce:1f:eb:29:6a:c3:bf:bf:c0:57:
ed:3d:18:6f:fe:3e:b4:cf:92:ab:56:07:c4:d1:af:
f5:2a:7a:16:f3:d7:3f:7e:c8:61:45:31:7f:a1:8a:
15:8b:80:a0:91:67:f2:07:15:58:e1:06:23:dd:7c:
db:c9:64:3a:0f:01:0e:e2:64:91:d4:10:2b:53:3d:
1b:1d:17:a1:cb:a6:5a:a3:f9:82:61:fa:70:7a:85:
01:c7:66:33:c6:f3:7a:0f:86:4a:5d:11:f7:a0:28:
1e:b3:58:51:7f:d8:a6:7c:c8:41:5a:53:65:2b:5f:
66:ef:bc:5e:c3:35:14:89:ee:0d:5e:94:42:ea:80:
d0:09:e5:0e:57:f3:f3:23:ce:26:96:27:e4:4c:f4:
2b:cf:d7:86:e6:e4:94:65:73:3c:b0:91:57:64:16:
f4:3f:dd:8d:f4:1a:15:e9:9d:7f:e0:eb:86:33:c4:
f5:04:6d:a0:3d:e4:69:4e:8b:51:a0:31:dc:b1:a3:
cf:c2:b1:a5:f1:58:d8:78:f3:49:99:dd:b1:15:e2:
af:09:c6:45:06:a4:98:aa:bf:26:f4:0f:a0:8b:8c:
37:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CB:91:41:21:9A:BD:D2:35:30:3D:3F:0B:01:52:96:42:2F:4F:81
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DC04C182617411EFA09D1116C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
84:3b:04:38:24:7a:4e:65:51:2e:e2:c9:7a:7f:93:ff:8b:b3:
cc:60:6d:65:a0:b3:7f:4e:95:ae:98:a5:fc:54:99:20:8c:b7:
f1:74:e7:52:7c:50:f4:c6:78:54:52:ee:6a:7b:2c:8c:94:f2:
64:80:1e:d0:66:ed:3f:8c:f5:b6:c5:03:6f:6c:2d:f8:83:bd:
0d:fb:4e:1d:b4:b5:5a:cc:4a:06:06:c6:17:9f:ed:9d:ac:07:
fa:9d:39:a7:6d:c6:7a:80:1e:85:5e:03:0a:ba:83:03:56:c8:
ab:bf:5a:95:a6:11:fc:ed:b2:b0:9f:83:3f:86:70:7f:6a:ee:
80:1f:ef:4e:96:73:4d:93:23:1f:08:f1:42:6b:d1:c7:bc:c0:
49:65:72:e8:62:03:74:f1:93:36:13:0a:92:6f:b2:be:75:88:
81:5b:82:81:cf:e4:9f:6b:17:0d:fd:d7:86:f9:87:a8:04:7e:
11:0e:2f:a5:28:82:a5:ab:88:32:49:c6:c1:86:94:5c:eb:49:
0c:ea:1f:b3:1a:7a:64:27:34:6a:12:be:b7:c5:aa:5d:03:2f:
2b:6d:27:80:30:0e:69:8e:7e:46:fe:f6:11:59:a2:0f:2d:9e:
28:dd:fc:b7:55:be:b7:0e:9a:bf:93:07:2a:8b:23:d1:a1:c8:
67:9a:2c:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNGOEUxMTAvBgNVBAUTKEQ0MDA1MUJDOEREQTYwQzkzMkVFMDc3NjlBQjg2N0JF
RkE4RDQyRjYwHhcNMjQwODIzMTcyOTIyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4YzZmMi04OGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnmhS6Nota/lWJNr3Es68QajoGGgho+4LP9YtQ1j7aNJ7jc4f6ylqw7+/wFft
PRhv/j60z5KrVgfE0a/1KnoW89c/fshhRTF/oYoVi4CgkWfyBxVY4QYj3XzbyWQ6
DwEO4mSR1BArUz0bHRehy6Zao/mCYfpweoUBx2YzxvN6D4ZKXRH3oCges1hRf9im
fMhBWlNlK19m77xewzUUie4NXpRC6oDQCeUOV/PzI84mlifkTPQrz9eG5uSUZXM8
sJFXZBb0P92N9BoV6Z1/4OuGM8T1BG2gPeRpTotRoDHcsaPPwrGl8VjYePNJmd2x
FeKvCcZFBqSYqr8m9A+gi4w3dwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPbLkUEh
mr3SNTA9PwsBUpZCL0+BMB8GA1UdIwQYMBaAFNQAUbyN2mDJMu4Hdpq4Z776jUL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y4RS82QzQwODlCQTIx
NkMxMUVFQjI4QkYyNENDNEY5QUUwMi8xQUJSdkkzYVlNa3k3Z2QybXJobnZ2cU5R
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNGOEUvNkM0MDg5QkEyMTZDMTFFRUIyOEJGMjRDQzRGOUFFMDIvREMwNEMxODI2
MTc0MTFFRkEwOUQxMTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7nIwDQYJKoZIhvcNAQELBQADggEBAIQ7BDgkek5lUS7i
yXp/k/+Ls8xgbWWgs39Ola6YpfxUmSCMt/F051J8UPTGeFRS7mp7LIyU8mSAHtBm
7T+M9bbFA29sLfiDvQ37Th20tVrMSgYGxhef7Z2sB/qdOadtxnqAHoVeAwq6gwNW
yKu/WpWmEfztsrCfgz+GcH9q7oAf706Wc02TIx8I8UJr0ce8wEllcuhiA3TxkzYT
CpJvsr51iIFbgoHP5J9rFw3914b5h6gEfhEOL6UogqWriDJJxsGGlFzrSQzqH7Ma
emQnNGoSvrfFql0DLyttJ4AwDmmOfkb+9hFZog8tnijd/LdVvrcOmr+TByqLI9Gh
yGeaLPA=
-----END CERTIFICATE-----
Generated at Sat Aug 24 18:59:41 2024 by rpki-client on console-fra.rpki-client.org