Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/841947B2125311ED8E39E439C4F9AE02.roa
File: 841947B2125311ED8E39E439C4F9AE02.roa (raw, json)
Hash identifier: 3kkAccok1S8Gp3MXFtSWqfkCVv0PBxDFU4PXjfkdH/E=
Subject key identifier: C3:91:08:F6:40:5B:EA:65:79:D7:59:D3:73:60:72:53:64:2A:FC:FC
Certificate issuer: /CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Certificate serial: 068F
Authority key identifier: 49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/841947B2125311ED8E39E439C4F9AE02.roa
Signing time: Thu 01 Jun 2023 00:16:12 +0000
ROA not before: Thu 01 Jun 2023 00:16:12 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 997
IP address blocks: 103.213.244.0/22 maxlen: 24
144.48.4.0/22 maxlen: 24
2401:1640::/32 maxlen: 32
2401:1640:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 May 2024 03:16:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1679 (0x68f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Validity
Not Before: Jun 1 00:16:12 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6477e34c-6824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:50:f7:ac:e6:bd:d0:b6:7d:90:07:16:ae:
08:0b:96:32:b8:ce:f7:73:e0:63:49:b7:bc:3a:d2:
6c:f9:f8:6c:3c:59:32:00:17:bb:e8:d6:6f:51:07:
6c:2b:e5:34:13:5d:1d:6d:0b:7f:3b:d3:9a:51:bd:
78:a6:91:62:40:7c:bd:9d:19:87:47:8f:9f:a3:45:
2a:f9:6a:bf:24:78:fa:80:73:72:b7:38:0b:09:23:
87:f0:71:01:21:3b:86:75:cb:49:6c:75:73:29:c8:
ff:12:ab:a1:c4:a2:5b:02:19:c7:ad:68:06:18:69:
84:90:e8:51:60:78:c4:7d:91:fe:cc:4c:38:2d:2e:
e2:83:31:2f:af:3a:4c:22:36:e5:ad:dd:9d:a7:4b:
dc:cc:c3:49:f1:ac:7c:fb:4e:2b:0b:4e:7d:cc:48:
4a:29:df:4b:19:5a:78:f7:0d:96:05:30:b9:e3:cc:
9e:10:e5:40:21:4d:43:75:3d:2e:c7:b4:fa:b2:64:
c6:2f:ea:37:9c:b3:cd:ba:7a:6b:be:6c:2c:b8:50:
b5:02:a5:bc:74:66:b3:42:f3:0d:8c:7c:19:c5:1b:
94:c2:84:b3:6d:c1:64:fc:11:0c:8b:ae:38:98:a6:
54:f3:71:a1:1e:98:c3:24:64:d8:24:8e:e4:39:35:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:91:08:F6:40:5B:EA:65:79:D7:59:D3:73:60:72:53:64:2A:FC:FC
X509v3 Authority Key Identifier:
keyid:49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/841947B2125311ED8E39E439C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.244.0/22
144.48.4.0/22
IPv6:
2401:1640::/32
Signature Algorithm: sha256WithRSAEncryption
9a:4e:9b:f2:db:29:cc:39:84:92:e1:8c:03:18:8e:6c:c6:29:
de:84:ad:b1:bc:7f:cc:03:ee:0a:24:ea:30:90:8f:fb:04:60:
7c:48:40:ea:0c:5a:60:77:1c:cb:4b:90:89:59:52:2b:61:bf:
16:af:e8:ab:fb:2b:f8:b3:19:1f:74:74:32:05:57:ea:28:a9:
f6:f0:b3:c0:78:0a:75:01:0a:f2:d4:16:fc:78:15:91:a0:d9:
45:54:22:e0:b3:d9:0c:fc:19:cb:2d:4d:2e:a7:a4:36:0e:cc:
7b:2e:aa:90:05:fc:db:ff:7e:07:1a:ff:c1:c1:7d:9a:5b:70:
58:e5:10:39:72:06:8e:94:db:c4:40:74:d9:42:a0:95:a6:49:
78:e5:f6:b8:5a:f5:75:7d:fe:c6:31:4f:ed:9a:d5:8c:04:ea:
6a:d9:fb:c0:57:b6:9c:07:52:07:2d:94:c9:2d:80:03:95:57:
aa:33:2e:69:39:23:03:cf:b2:90:86:d3:4c:1e:51:57:1d:2f:
a7:25:b6:1e:0e:c8:ff:9b:6e:6a:90:a4:c9:72:e9:81:c6:ea:
08:1a:13:7b:1c:43:ec:f5:74:f0:9c:f9:26:71:db:42:26:fb:
7b:09:9b:f8:64:f0:e6:53:b1:b8:21:cf:e4:06:04:82:06:3e:
4f:f9:92:cf
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REExMEExMTAvBgNVBAUTKDQ5QjVBNDY0NjNFM0EyQjcwQTMzNDQ2MDE0RUJGNDBF
NUM5RUZFNzQwHhcNMjMwNjAxMDAxNjEyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc3ZTM0Yy02ODI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvlFQ96zmvdC2fZAHFq4IC5YyuM73c+BjSbe8OtJs+fhsPFkyABe76NZvUQds
K+U0E10dbQt/O9OaUb14ppFiQHy9nRmHR4+fo0Uq+Wq/JHj6gHNytzgLCSOH8HEB
ITuGdctJbHVzKcj/EquhxKJbAhnHrWgGGGmEkOhRYHjEfZH+zEw4LS7igzEvrzpM
Ijblrd2dp0vczMNJ8ax8+04rC059zEhKKd9LGVp49w2WBTC548yeEOVAIU1DdT0u
x7T6smTGL+o3nLPNunprvmwsuFC1AqW8dGazQvMNjHwZxRuUwoSzbcFk/BEMi644
mKZU83GhHpjDJGTYJI7kOTWSOwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMORCPZA
W+pleddZ03NgclNkKvz8MB8GA1UdIwQYMBaAFEm1pGRj46K3CjNEYBTr9A5cnv50
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEwQS9FMzQwMjA0Q0Yx
ODcxMUVBQjk3MzRCMUNDNEY5QUUwMi9TYldrWkdQam9yY0tNMFJnRk92MERseWVf
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NiV2taR1Bqb3JjS00wUmdGT3YwRGx5ZV9uUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REExMEEvRTM0MDIwNENGMTg3MTFFQUI5NzM0QjFDQzRGOUFFMDIvODQxOTQ3QjIx
MjUzMTFFRDhFMzlFNDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn1fQDBAKQMAQwDQQCAAIwBwMFACQBFkAwDQYJKoZIhvcN
AQELBQADggEBAJpOm/LbKcw5hJLhjAMYjmzGKd6ErbG8f8wD7gok6jCQj/sEYHxI
QOoMWmB3HMtLkIlZUithvxav6Kv7K/izGR90dDIFV+ooqfbws8B4CnUBCvLUFvx4
FZGg2UVUIuCz2Qz8GcstTS6npDYOzHsuqpAF/Nv/fgca/8HBfZpbcFjlEDlyBo6U
28RAdNlCoJWmSXjl9rha9XV9/sYxT+2a1YwE6mrZ+8BXtpwHUgctlMktgAOVV6oz
Lmk5IwPPspCG00weUVcdL6clth4OyP+bbmqQpMly6YHG6ggaE3scQ+z1dPCc+SZx
20Im+3sJm/hk8OZTsbghz+QGBIIGPk/5ks8=
-----END CERTIFICATE-----
Generated at Wed May 1 05:08:50 2024 by rpki-client on console-ams.rpki-client.org