Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DCB516F4617411EFA09D1116C4F9AE02.roa
File: DCB516F4617411EFA09D1116C4F9AE02.roa (raw, json)
Hash identifier: Hj3VEwTAMKzxhCje5Ewo81fGF3cAKxcIw2ibPwQXhEk=
Subject key identifier: 25:29:41:91:FB:62:B8:B0:A3:18:1D:F6:56:22:EC:6C:E0:29:D1:A2
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: F7
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DCB516F4617411EFA09D1116C4F9AE02.roa
Signing time: Fri 23 Aug 2024 17:29:23 +0000
ROA not before: Fri 23 Aug 2024 17:29:23 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 150774
IP address blocks: 103.238.114.0/24 maxlen: 24
103.238.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 17:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247 (0xf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Aug 23 17:29:23 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c8c6f3-8d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:70:79:9e:26:2c:1e:4d:c7:71:61:75:df:
ea:ef:8e:de:cf:82:00:df:fe:81:3b:7d:a8:78:92:
ea:ad:5f:28:8e:01:bd:e3:30:76:47:8a:c2:5b:b9:
28:5a:83:d8:61:a4:80:92:e0:f4:58:66:b0:ec:aa:
71:d8:2d:b6:01:20:79:ef:e2:62:20:b1:a7:d0:f5:
38:7f:d3:5c:b3:59:10:25:5f:ff:35:92:25:04:b2:
7f:5b:66:95:07:3a:6b:64:f6:d1:48:2e:f5:cd:4c:
d4:19:c1:48:8b:8a:c1:03:af:ed:2d:fa:e5:2d:c5:
54:d3:9f:71:38:11:6a:22:25:82:17:de:1d:6b:b6:
21:1f:49:8a:b0:28:68:ac:33:91:97:b6:24:78:72:
c0:e0:92:ec:f0:85:36:2f:35:c8:09:69:43:91:cd:
12:e5:bc:a6:9b:8f:b6:d4:bf:a7:40:4f:6c:ce:eb:
e6:9c:e5:9f:04:64:14:b0:11:e0:ea:7a:6f:1e:8c:
d2:bf:b7:10:76:ae:1c:e8:15:49:5d:5f:58:15:19:
ca:d1:61:5d:8c:83:cc:7d:56:13:d7:22:c1:5e:89:
ef:e8:ba:c1:74:ac:e0:2b:f5:54:fe:2b:77:de:c4:
9a:2f:1d:ca:b7:1e:b7:d6:6a:b6:4b:69:22:7e:ec:
61:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:29:41:91:FB:62:B8:B0:A3:18:1D:F6:56:22:EC:6C:E0:29:D1:A2
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/DCB516F4617411EFA09D1116C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:08:3c:99:ed:bb:11:3c:55:cb:96:52:b6:db:d7:7a:35:35:
f0:a4:b0:03:c6:75:42:27:a6:dc:9e:c9:5a:eb:39:92:cc:0a:
2c:15:86:dd:da:84:81:64:3c:15:08:a5:68:5d:57:f6:cd:93:
0e:6f:2e:8c:59:4c:65:fd:ef:b7:13:59:38:4a:f2:bc:9a:d4:
e1:e9:67:fd:0f:38:d7:13:54:45:52:40:61:89:31:47:d6:a8:
f4:cb:b5:78:26:f8:54:5a:b9:d3:52:4e:a2:d9:79:d9:c4:08:
66:94:82:b9:61:4e:46:f2:aa:65:8a:2c:08:43:ea:6f:df:a5:
76:59:9e:74:c4:28:93:cf:82:cf:8b:29:e3:5b:1f:25:73:8b:
a0:22:0e:1e:32:75:c8:80:9a:7b:68:c0:c2:72:f0:fb:5c:7b:
98:ee:71:0c:49:57:cf:b7:66:4a:2f:50:94:6d:f1:58:ab:e3:
07:70:78:77:3c:21:ca:5f:0d:b2:3b:5d:1d:6c:56:94:47:50:
d3:0b:fb:7b:6d:8f:1e:cb:b4:3c:d1:79:70:c5:ca:78:a1:53:
49:f6:ab:28:63:84:46:a1:b9:8e:47:ba:a7:32:a6:81:2e:ca:
ca:82:8c:4e:61:4e:3b:8a:ca:d3:95:f1:21:e6:3f:31:fd:3d:
9d:5f:d3:3e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNGOEUxMTAvBgNVBAUTKEQ0MDA1MUJDOEREQTYwQzkzMkVFMDc3NjlBQjg2N0JF
RkE4RDQyRjYwHhcNMjQwODIzMTcyOTIzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4YzZmMy04ZDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNxweZ4mLB5Nx3Fhdd/q747ez4IA3/6BO32oeJLqrV8ojgG94zB2R4rCW7ko
WoPYYaSAkuD0WGaw7Kpx2C22ASB57+JiILGn0PU4f9Ncs1kQJV//NZIlBLJ/W2aV
BzprZPbRSC71zUzUGcFIi4rBA6/tLfrlLcVU059xOBFqIiWCF94da7YhH0mKsCho
rDORl7YkeHLA4JLs8IU2LzXICWlDkc0S5bymm4+21L+nQE9szuvmnOWfBGQUsBHg
6npvHozSv7cQdq4c6BVJXV9YFRnK0WFdjIPMfVYT1yLBXonv6LrBdKzgK/VU/it3
3sSaLx3Ktx631mq2S2kifuxhDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCUpQZH7
Yriwoxgd9lYi7GzgKdGiMB8GA1UdIwQYMBaAFNQAUbyN2mDJMu4Hdpq4Z776jUL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y4RS82QzQwODlCQTIx
NkMxMUVFQjI4QkYyNENDNEY5QUUwMi8xQUJSdkkzYVlNa3k3Z2QybXJobnZ2cU5R
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNGOEUvNkM0MDg5QkEyMTZDMTFFRUIyOEJGMjRDQzRGOUFFMDIvRENCNTE2RjQ2
MTc0MTFFRkEwOUQxMTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7nIwDQYJKoZIhvcNAQELBQADggEBAMAIPJntuxE8VcuW
Urbb13o1NfCksAPGdUInptyeyVrrOZLMCiwVht3ahIFkPBUIpWhdV/bNkw5vLoxZ
TGX977cTWThK8rya1OHpZ/0PONcTVEVSQGGJMUfWqPTLtXgm+FRaudNSTqLZednE
CGaUgrlhTkbyqmWKLAhD6m/fpXZZnnTEKJPPgs+LKeNbHyVzi6AiDh4ydciAmnto
wMJy8Ptce5jucQxJV8+3ZkovUJRt8Vir4wdweHc8IcpfDbI7XR1sVpRHUNML+3tt
jx7LtDzReXDFynihU0n2qyhjhEahuY5HuqcypoEuysqCjE5hTjuKytOV8SHmPzH9
PZ1f0z4=
-----END CERTIFICATE-----
Generated at Thu Aug 29 18:38:15 2024 by rpki-client on console-ams.rpki-client.org