Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
File: 0C98BB26325411ECB11CE73EC4F9AE02.roa (raw, json)
Hash identifier: lUZ/p5xds+FUsgPRjHU2HnNAsWZGX+VQOvDKs6CjDIc=
Subject key identifier: 32:1A:F0:E3:3E:0A:9D:5C:0E:E6:F7:5D:33:BB:61:00:4D:0E:81:E9
Certificate issuer: /CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Certificate serial: 06EE
Authority key identifier: 75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
Signing time: Sat 15 Jun 2024 00:01:55 +0000
ROA not before: Sat 15 Jun 2024 00:01:55 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 399546
IP address blocks: 103.138.188.0/24 maxlen: 24
103.138.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 12:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1774 (0x6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Validity
Not Before: Jun 15 00:01:55 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666cd9f3-c33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:5d:58:fe:b7:f6:d8:66:0f:62:f8:fd:4a:
ef:55:e4:cc:46:b7:9b:29:70:3a:5e:bc:15:b0:c8:
f0:08:8e:a3:d5:2a:22:fa:5c:13:ec:c1:91:8f:85:
33:ce:81:bd:bc:30:e6:e8:53:2a:7b:62:e2:72:aa:
bb:22:97:c8:2a:61:e0:34:df:9f:72:cb:3d:76:06:
94:26:0a:b5:84:9e:2b:76:6e:28:c3:ea:46:84:06:
3b:51:1e:ad:16:37:38:26:15:b8:99:17:21:03:a3:
55:9f:ff:4c:12:f8:89:98:02:84:e5:ee:cf:ce:c6:
02:6f:0b:19:10:df:7a:5a:0c:0b:ad:44:89:66:9c:
23:69:08:3f:0b:b0:ad:f0:c2:e5:7f:95:6f:c2:26:
bd:63:ee:37:21:95:72:dd:17:29:66:e1:14:c7:5f:
f3:1f:30:3e:a8:1f:50:d3:c1:d5:bf:3b:a8:5e:82:
e6:60:03:4c:b5:18:35:45:f2:94:b6:cc:9e:12:46:
ad:e5:aa:3f:7f:4a:e1:fb:bb:1e:e2:4c:bf:97:76:
ea:b0:54:2a:bd:67:e5:68:8a:a8:cb:5c:db:62:c2:
41:ab:96:bd:8d:95:81:71:c0:f6:d5:d9:cc:d0:c3:
86:b6:d2:5a:2d:4e:aa:d2:4b:c2:68:1d:0f:d1:73:
2e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1A:F0:E3:3E:0A:9D:5C:0E:E6:F7:5D:33:BB:61:00:4D:0E:81:E9
X509v3 Authority Key Identifier:
keyid:75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/dR-knnEviM-ETM0Xnr4puX6hqsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/0C98BB26325411ECB11CE73EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.188.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:1c:a6:a8:fe:5a:5a:fb:82:b4:a7:db:40:f5:d7:e5:5a:03:
f2:e6:d0:a3:4f:00:d6:0e:03:d7:65:f6:82:9e:12:3f:b9:c6:
0d:24:1b:2e:b1:27:49:62:56:91:ab:09:61:08:b5:82:1c:1e:
68:7b:6f:b6:57:a0:95:de:69:9c:0c:86:90:54:9a:54:8d:0a:
ad:be:88:3b:cb:50:64:0f:81:69:6a:e1:0d:0c:68:86:db:61:
ad:8e:84:6e:56:d7:0c:3f:04:a8:f7:fe:2c:82:a2:74:5d:8f:
bb:26:3a:ef:b4:4e:47:33:db:05:a2:11:b1:67:72:ba:cd:d9:
f3:9f:cc:6b:25:44:d1:37:ad:ac:4c:2d:10:9c:de:21:3b:6b:
2b:be:94:b7:04:ea:d9:9b:1c:74:bb:29:f8:45:25:14:a8:3b:
14:40:5a:fd:48:4e:94:89:4d:70:c2:57:24:27:ca:78:a9:61:
9f:db:4c:36:01:7d:8e:57:55:7f:c4:45:06:19:bb:21:2c:99:
8f:3d:27:ba:4a:ba:47:48:c9:d7:fe:13:d1:4b:dd:62:63:60:
6b:b9:e3:c7:a2:32:e3:39:53:ba:a0:fa:70:1c:49:e7:e3:9f:
b3:13:c7:d6:08:38:aa:6a:e3:4e:76:bb:8f:4b:ec:41:5d:2d:
7a:77:7b:9d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBu4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE1OUQxMTAvBgNVBAUTKDc1MUZBNDlFNzEyRjg4Q0Y4NDRDQ0QxNzlFQkUyOUI5
N0VBMUFBQ0MwHhcNMjQwNjE1MDAwMTU1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjZDlmMy1jMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvmddWP639thmD2L4/UrvVeTMRrebKXA6XrwVsMjwCI6j1Soi+lwT7MGRj4Uz
zoG9vDDm6FMqe2Licqq7IpfIKmHgNN+fcss9dgaUJgq1hJ4rdm4ow+pGhAY7UR6t
Fjc4JhW4mRchA6NVn/9MEviJmAKE5e7PzsYCbwsZEN96WgwLrUSJZpwjaQg/C7Ct
8MLlf5Vvwia9Y+43IZVy3RcpZuEUx1/zHzA+qB9Q08HVvzuoXoLmYANMtRg1RfKU
tsyeEkat5ao/f0rh+7se4ky/l3bqsFQqvWflaIqoy1zbYsJBq5a9jZWBccD21dnM
0MOGttJaLU6q0kvCaB0P0XMuxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDIa8OM+
Cp1cDub3XTO7YQBNDoHpMB8GA1UdIwQYMBaAFHUfpJ5xL4jPhEzNF56+Kbl+oarM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5RC81NjNERTUwRTBE
NTYxMUVCQTNEMTVEMkNDNEY5QUUwMi9kUi1rbm5FdmlNLUVUTTBYbnI0cHVYNmhx
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RSLWtubkV2aU0tRVRNMFhucjRwdVg2aHFzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE1OUQvNTYzREU1MEUwRDU2MTFFQkEzRDE1RDJDQzRGOUFFMDIvMEM5OEJCMjYz
MjU0MTFFQ0IxMUNFNzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnirwwDQYJKoZIhvcNAQELBQADggEBAGocpqj+Wlr7grSn
20D11+VaA/Lm0KNPANYOA9dl9oKeEj+5xg0kGy6xJ0liVpGrCWEItYIcHmh7b7ZX
oJXeaZwMhpBUmlSNCq2+iDvLUGQPgWlq4Q0MaIbbYa2OhG5W1ww/BKj3/iyConRd
j7smOu+0Tkcz2wWiEbFncrrN2fOfzGslRNE3raxMLRCc3iE7ayu+lLcE6tmbHHS7
KfhFJRSoOxRAWv1ITpSJTXDCVyQnynipYZ/bTDYBfY5XVX/ERQYZuyEsmY89J7pK
ukdIydf+E9FL3WJjYGu548eiMuM5U7qg+nAcSefjn7MTx9YIOKpq4052u49L7EFd
LXp3e50=
-----END CERTIFICATE-----
Generated at Mon Jul 1 14:21:11 2024 by rpki-client on console-ams.rpki-client.org