Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/CD38469EECC011ED825BA068C4F9AE02.roa
File: CD38469EECC011ED825BA068C4F9AE02.roa (raw, json)
Hash identifier: ZOFJkjT5nMOKwGHQLAgkqi/SddLP+OJXdaGPbfU2lSM=
Subject key identifier: 9A:93:B3:3A:84:C2:04:0B:20:91:AD:F7:E5:E8:BB:72:97:0E:07:A5
Certificate issuer: /CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Certificate serial: 06A7
Authority key identifier: 75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/CD38469EECC011ED825BA068C4F9AE02.roa
Signing time: Fri 16 Feb 2024 13:19:03 +0000
ROA not before: Fri 16 Feb 2024 13:19:03 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 56110
IP address blocks: 103.138.188.0/24 maxlen: 24
103.138.189.0/24 maxlen: 24
2001:df0:4e80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Mar 2024 12:03:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1703 (0x6a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Validity
Not Before: Feb 16 13:19:03 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65cf60c6-2ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:ff:a8:74:b6:8b:10:bc:d6:8d:eb:9d:41:
62:fb:25:bc:f1:fa:7d:4a:fe:d1:38:fd:90:69:c2:
26:92:2b:22:0d:6f:db:fe:c7:dc:ed:12:27:66:b7:
14:59:b7:42:e9:f0:3d:75:06:91:19:0b:0e:01:47:
80:99:62:cc:1c:d5:bb:99:bf:e2:b0:56:f5:3d:29:
eb:81:1c:a3:ae:fd:15:04:f4:81:cc:ba:2d:c1:fb:
62:0d:07:02:7b:d0:e2:9e:dd:cc:9c:32:cd:62:30:
99:49:50:94:7c:4e:53:86:4e:d5:29:db:e5:6e:f9:
f6:11:0b:11:d2:7d:2b:61:6e:12:5e:1c:7d:8f:12:
fc:2b:e5:a0:cb:7b:5a:c6:b9:1d:e6:6c:85:81:8f:
17:1e:ea:d0:93:cd:05:b2:65:8c:42:ae:1a:f7:9b:
20:11:60:3a:44:04:44:7a:56:0e:80:94:2a:62:15:
f9:cf:dd:52:56:08:87:ef:46:20:f2:19:54:38:a3:
0d:3e:53:6b:a1:fb:6e:27:f1:24:bb:1f:5c:4b:f5:
2f:7f:31:a5:56:2a:cb:c5:d8:dc:7e:85:d1:30:bf:
34:ad:6c:40:84:6d:68:ea:f8:df:ad:e3:05:20:2c:
fc:98:72:f4:28:3b:c2:45:51:90:ec:0a:d3:9c:60:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:93:B3:3A:84:C2:04:0B:20:91:AD:F7:E5:E8:BB:72:97:0E:07:A5
X509v3 Authority Key Identifier:
keyid:75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/dR-knnEviM-ETM0Xnr4puX6hqsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/CD38469EECC011ED825BA068C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.188.0/23
IPv6:
2001:df0:4e80::/48
Signature Algorithm: sha256WithRSAEncryption
72:b9:d9:ef:f7:61:de:22:8b:2a:38:95:91:8f:37:3a:c7:48:
5a:73:41:1e:b2:dd:03:7b:4a:1e:17:77:44:d0:7e:12:66:6e:
04:b5:39:bd:5b:db:a3:e3:7f:8c:03:f6:77:e8:69:99:8b:58:
58:70:af:8d:ae:fe:b3:25:ef:91:f0:cf:a1:1e:34:32:8d:e9:
da:6d:72:8c:c5:83:1a:13:95:85:bb:38:46:87:c2:ec:10:4f:
0e:0d:3e:2b:af:a1:a1:ce:61:6e:f4:72:63:ae:f5:61:48:6d:
04:5d:83:2a:70:fe:60:5e:ea:0c:65:3e:24:c6:bb:10:d0:af:
74:71:1f:78:e1:2c:18:a5:48:36:94:49:45:57:85:ec:2e:32:
28:95:f9:28:9a:8b:22:43:ca:85:a0:d3:82:89:2a:db:5b:59:
a9:07:c8:47:7e:cf:16:13:2c:9e:5d:a6:e5:9e:5f:6c:14:3c:
46:71:a5:60:23:f9:b9:ce:ad:17:c5:c8:4f:89:cd:5c:1b:2d:
05:47:da:92:be:58:3d:73:8d:e8:0d:5a:75:4c:e9:22:4b:a4:
06:44:81:5f:7b:c6:98:e9:8e:ca:43:5b:d8:e9:97:73:49:49:
bd:1c:b2:24:6f:f5:e0:bf:bf:ad:ef:ce:71:bc:4f:2a:2f:24:
8a:d5:d6:e1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE1OUQxMTAvBgNVBAUTKDc1MUZBNDlFNzEyRjg4Q0Y4NDRDQ0QxNzlFQkUyOUI5
N0VBMUFBQ0MwHhcNMjQwMjE2MTMxOTAzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNmNjBjNi0yYWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDP/qHS2ixC81o3rnUFi+yW88fp9Sv7ROP2QacImkisiDW/b/sfc7RInZrcU
WbdC6fA9dQaRGQsOAUeAmWLMHNW7mb/isFb1PSnrgRyjrv0VBPSBzLotwftiDQcC
e9Dint3MnDLNYjCZSVCUfE5Thk7VKdvlbvn2EQsR0n0rYW4SXhx9jxL8K+Wgy3ta
xrkd5myFgY8XHurQk80FsmWMQq4a95sgEWA6RAREelYOgJQqYhX5z91SVgiH70Yg
8hlUOKMNPlNroftuJ/Ekux9cS/UvfzGlVirLxdjcfoXRML80rWxAhG1o6vjfreMF
ICz8mHL0KDvCRVGQ7ArTnGD8xQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJqTszqE
wgQLIJGt9+Xou3KXDgelMB8GA1UdIwQYMBaAFHUfpJ5xL4jPhEzNF56+Kbl+oarM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5RC81NjNERTUwRTBE
NTYxMUVCQTNEMTVEMkNDNEY5QUUwMi9kUi1rbm5FdmlNLUVUTTBYbnI0cHVYNmhx
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RSLWtubkV2aU0tRVRNMFhucjRwdVg2aHFzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE1OUQvNTYzREU1MEUwRDU2MTFFQkEzRDE1RDJDQzRGOUFFMDIvQ0QzODQ2OUVF
Q0MwMTFFRDgyNUJBMDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnirwwDwQCAAIwCQMHACABDfBOgDANBgkqhkiG9w0BAQsF
AAOCAQEAcrnZ7/dh3iKLKjiVkY83OsdIWnNBHrLdA3tKHhd3RNB+EmZuBLU5vVvb
o+N/jAP2d+hpmYtYWHCvja7+syXvkfDPoR40Mo3p2m1yjMWDGhOVhbs4RofC7BBP
Dg0+K6+hoc5hbvRyY671YUhtBF2DKnD+YF7qDGU+JMa7ENCvdHEfeOEsGKVINpRJ
RVeF7C4yKJX5KJqLIkPKhaDTgokq21tZqQfIR37PFhMsnl2m5Z5fbBQ8RnGlYCP5
uc6tF8XIT4nNXBstBUfakr5YPXON6A1adUzpIkukBkSBX3vGmOmOykNb2OmXc0lJ
vRyyJG/14L+/re/OcbxPKi8kitXW4Q==
-----END CERTIFICATE-----
Generated at Tue Mar 12 17:24:38 2024 by rpki-client on console-fra.rpki-client.org