Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/A21435C410EB11ED9C882A38C4F9AE02.roa
File: A21435C410EB11ED9C882A38C4F9AE02.roa (raw, json)
Hash identifier: WzpzavrfOp5+pNFTW518ohfILCoPfoTAz7pn78FVI3M=
Subject key identifier: 0D:5D:71:FE:48:C2:D0:7D:69:97:DF:D2:20:A3:DA:43:9A:BE:33:DD
Certificate issuer: /CN=A91D7771/serialNumber=30C582B6799252BAAC3B381ABA4CC337ABF97DE3
Certificate serial: 02EC
Authority key identifier: 30:C5:82:B6:79:92:52:BA:AC:3B:38:1A:BA:4C:C3:37:AB:F9:7D:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MMWCtnmSUrqsOzgaukzDN6v5feM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/A21435C410EB11ED9C882A38C4F9AE02.roa
Signing time: Fri 27 Sep 2024 01:25:07 +0000
ROA not before: Fri 27 Sep 2024 01:25:07 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139043
IP address blocks: 103.172.166.0/24 maxlen: 24
103.172.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 12:55:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748 (0x2ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7771/serialNumber=30C582B6799252BAAC3B381ABA4CC337ABF97DE3
Validity
Not Before: Sep 27 01:25:07 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f60972-aae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8e:ec:f3:67:f5:57:3a:0b:a4:5b:9b:04:97:
01:8b:ec:33:89:c1:62:1a:6c:5c:3e:9e:a9:c0:35:
58:88:09:a7:eb:40:3b:c0:e9:48:0b:bc:cb:75:8f:
78:b8:32:d7:28:9b:e7:23:7c:ce:6c:83:2b:7a:ed:
b3:3e:96:fc:c0:4a:fc:81:ef:15:f8:8a:f8:13:6c:
81:1a:90:61:0e:e9:54:f0:67:88:b8:d7:86:4d:60:
31:45:b5:a8:7f:e4:7e:50:03:75:d7:3f:77:4c:f7:
be:4b:a9:08:d9:6f:ac:2d:b1:a1:99:18:18:c0:86:
54:64:b1:39:74:db:87:cf:53:a7:1e:e4:f0:b8:2e:
42:02:93:48:b0:a7:e5:44:2a:7b:1d:ff:99:29:e0:
20:df:9e:75:29:fd:20:69:83:79:fc:69:4f:56:46:
5c:46:9c:85:d9:8c:fa:b3:f4:b7:d2:3d:7f:0b:c7:
8c:99:43:3b:2e:cd:d7:64:b5:d8:cb:1c:20:c4:22:
dc:98:a4:56:26:01:20:69:77:0a:40:09:e7:73:69:
95:3e:87:77:e2:c4:b1:7f:a0:dd:6e:e9:0a:3f:6b:
72:0b:1a:bd:dc:81:e5:e4:ad:1b:6f:31:97:9d:a0:
cd:fc:3e:62:62:62:35:1a:35:60:b7:4d:37:82:61:
c3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5D:71:FE:48:C2:D0:7D:69:97:DF:D2:20:A3:DA:43:9A:BE:33:DD
X509v3 Authority Key Identifier:
keyid:30:C5:82:B6:79:92:52:BA:AC:3B:38:1A:BA:4C:C3:37:AB:F9:7D:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/MMWCtnmSUrqsOzgaukzDN6v5feM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MMWCtnmSUrqsOzgaukzDN6v5feM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/A21435C410EB11ED9C882A38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.166.0/23
Signature Algorithm: sha256WithRSAEncryption
54:03:85:70:8f:d5:da:41:be:d8:2b:d7:0b:45:59:05:8a:96:
62:85:2c:30:28:e5:70:26:72:09:87:df:0c:70:9e:8d:84:db:
ee:70:ca:16:f5:f2:8f:fb:a4:c7:bc:bd:7e:40:02:b5:3a:ed:
ca:4b:78:03:a3:cc:9f:fb:1d:d6:4d:3f:5f:ad:4f:66:59:24:
a2:db:3b:11:f7:25:73:ae:c6:55:ff:80:87:a4:7d:90:02:af:
24:0f:c6:2c:6d:5d:a9:cf:88:d4:99:25:f6:2c:c0:c5:c3:f4:
2e:be:a4:39:bf:e8:3c:f5:e0:2f:75:41:36:73:4b:cc:93:82:
1a:21:09:7d:f5:66:57:9d:48:3d:2d:e0:eb:ce:c7:39:c4:2b:
50:b1:17:3b:db:30:70:96:ad:f4:cf:d3:aa:e1:61:67:50:b3:
b4:e0:27:93:bf:68:0f:51:17:bb:7f:fa:38:ff:f3:58:7a:88:
e8:d1:2e:aa:31:95:83:08:dd:ec:60:31:47:57:22:d4:94:fb:
82:62:6c:22:6a:ab:b5:90:ca:d8:8d:28:94:b8:48:2d:f7:f3:
1e:fb:15:15:bd:16:9e:86:d9:1a:ad:87:4e:45:4a:db:64:34:
32:21:25:e8:35:a2:1d:79:73:e5:b6:65:03:6a:0e:2f:d8:8f:
79:ea:0e:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDc3NzExMTAvBgNVBAUTKDMwQzU4MkI2Nzk5MjUyQkFBQzNCMzgxQUJBNENDMzM3
QUJGOTdERTMwHhcNMjQwOTI3MDEyNTA3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2MDk3Mi1hYWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw47s82f1VzoLpFubBJcBi+wzicFiGmxcPp6pwDVYiAmn60A7wOlIC7zLdY94
uDLXKJvnI3zObIMreu2zPpb8wEr8ge8V+Ir4E2yBGpBhDulU8GeIuNeGTWAxRbWo
f+R+UAN11z93TPe+S6kI2W+sLbGhmRgYwIZUZLE5dNuHz1OnHuTwuC5CApNIsKfl
RCp7Hf+ZKeAg3551Kf0gaYN5/GlPVkZcRpyF2Yz6s/S30j1/C8eMmUM7Ls3XZLXY
yxwgxCLcmKRWJgEgaXcKQAnnc2mVPod34sSxf6DdbukKP2tyCxq93IHl5K0bbzGX
naDN/D5iYmI1GjVgt003gmHD4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFA1dcf5I
wtB9aZff0iCj2kOavjPdMB8GA1UdIwQYMBaAFDDFgrZ5klK6rDs4GrpMwzer+X3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzc3MS81NUYyRjBGRUIx
N0QxMUVDQjk3MzYyNDFDNEY5QUUwMi9NTVdDdG5tU1VycXNPemdhdWt6RE42djVm
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01NV0N0bm1TVXJxc096Z2F1a3pETjZ2NWZlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDc3NzEvNTVGMkYwRkVCMTdEMTFFQ0I5NzM2MjQxQzRGOUFFMDIvQTIxNDM1QzQx
MEVCMTFFRDlDODgyQTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrKYwDQYJKoZIhvcNAQELBQADggEBAFQDhXCP1dpBvtgr
1wtFWQWKlmKFLDAo5XAmcgmH3wxwno2E2+5wyhb18o/7pMe8vX5AArU67cpLeAOj
zJ/7HdZNP1+tT2ZZJKLbOxH3JXOuxlX/gIekfZACryQPxixtXanPiNSZJfYswMXD
9C6+pDm/6Dz14C91QTZzS8yTghohCX31ZledSD0t4OvOxznEK1CxFzvbMHCWrfTP
06rhYWdQs7TgJ5O/aA9RF7t/+jj/81h6iOjRLqoxlYMI3exgMUdXItSU+4JibCJq
q7WQytiNKJS4SC338x77FRW9Fp6G2Rqth05FSttkNDIhJeg1oh15c+W2ZQNqDi/Y
j3nqDhQ=
-----END CERTIFICATE-----
Generated at Wed Oct 2 17:25:49 2024 by rpki-client on console-ams.rpki-client.org