Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBAF1/8FE7A8B8248E11EBABEF2B2FC4F9AE02/A2201588391F11EBAD1E3A2CC4F9AE02.roa
File: A2201588391F11EBAD1E3A2CC4F9AE02.roa (raw, json)
Hash identifier: nItnLNKpp3POFoSieOTuTRpbNY0Z6iJcysxA2ziQnhE=
Subject key identifier: 09:2D:CF:C1:69:FE:A7:52:C3:29:D5:7B:32:F0:E1:F5:B2:7C:9D:61
Certificate issuer: /CN=A91DBAF1/serialNumber=6329304119F1A47F5D0640B2DF75DEF1F64C7BAF
Certificate serial: 06AA
Authority key identifier: 63:29:30:41:19:F1:A4:7F:5D:06:40:B2:DF:75:DE:F1:F6:4C:7B:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YykwQRnxpH9dBkCy33Xe8fZMe68.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DBAF1/8FE7A8B8248E11EBABEF2B2FC4F9AE02/A2201588391F11EBAD1E3A2CC4F9AE02.roa
Signing time: Thu 06 Jun 2024 23:52:53 +0000
ROA not before: Thu 06 Jun 2024 23:52:53 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 23686
IP address blocks: 103.91.164.0/23 maxlen: 23
103.91.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 07:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1706 (0x6aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DBAF1
Validity
Not Before: Jun 6 23:52:53 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66624bd4-009b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:93:7d:65:ae:15:62:a7:08:a5:6f:48:d3:af:
f0:94:43:f0:68:f9:49:33:aa:87:2a:0a:27:fc:47:
68:e1:18:17:f9:82:ed:38:f2:0b:b3:f7:c1:1c:9c:
cf:d2:ed:bb:b8:5a:1f:cf:85:ed:df:83:11:d7:be:
a8:00:00:dc:04:9c:47:ee:0b:c3:3a:c7:1c:3a:d1:
1c:32:76:9a:bc:8f:c6:b9:b4:66:67:d6:30:eb:26:
26:36:13:4d:cb:36:46:a6:5d:25:ee:f5:eb:73:6d:
3e:70:6b:31:4f:7a:52:75:93:83:61:eb:1c:78:99:
56:50:d4:2f:1f:6a:ac:9c:70:84:ef:fb:8d:54:b3:
fc:44:83:7a:67:ed:02:a4:54:c0:40:72:13:2e:cb:
39:33:41:6f:37:6c:09:ca:45:ea:54:08:0d:6e:cd:
dd:cf:9a:a3:d7:d6:ac:23:73:34:4e:50:ad:f7:4a:
38:af:05:a9:9c:6b:87:21:52:0e:3f:bb:0f:9d:06:
52:e7:a4:c4:82:1c:28:c0:98:00:51:d3:b2:53:bd:
7f:ea:6b:39:15:71:ed:d6:62:5c:b5:4a:21:37:ee:
c3:87:ff:7d:fd:d0:44:ec:66:42:42:65:3b:a2:54:
2a:80:a6:e9:42:4e:bf:52:81:b4:10:f0:e1:77:27:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2D:CF:C1:69:FE:A7:52:C3:29:D5:7B:32:F0:E1:F5:B2:7C:9D:61
X509v3 Authority Key Identifier:
keyid:63:29:30:41:19:F1:A4:7F:5D:06:40:B2:DF:75:DE:F1:F6:4C:7B:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DBAF1/8FE7A8B8248E11EBABEF2B2FC4F9AE02/YykwQRnxpH9dBkCy33Xe8fZMe68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YykwQRnxpH9dBkCy33Xe8fZMe68.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBAF1/8FE7A8B8248E11EBABEF2B2FC4F9AE02/A2201588391F11EBAD1E3A2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.164.0/23
103.91.167.0/24
Signature Algorithm: sha256WithRSAEncryption
33:5c:f3:0e:02:b9:95:ad:69:ba:92:52:8b:d7:51:75:51:ee:
87:2c:62:8f:27:43:86:b2:19:2f:b3:13:01:65:45:8b:e7:02:
d2:84:09:79:00:92:1f:09:94:c5:9a:b1:9e:dc:8b:9b:c2:54:
d1:52:46:f9:86:08:b1:77:70:d0:21:23:5d:da:54:41:8a:7d:
d6:87:8a:ca:cc:ee:a2:f5:09:58:0c:d7:8d:86:b6:be:5a:42:
67:93:ca:8a:a5:6a:1f:53:31:76:83:f4:86:87:a9:22:98:9f:
0f:aa:69:10:8d:d6:52:f1:e1:f6:34:ce:08:71:d8:41:0a:f7:
02:fc:03:5d:ce:f2:51:c6:a3:50:9c:53:ad:1b:a5:3b:e1:ae:
0a:d1:4c:85:b0:0b:19:7d:a0:59:60:dd:91:a4:0e:e8:21:ae:
34:83:c7:11:f3:5c:1f:57:65:6e:ab:4f:3b:d5:47:5a:7a:65:
90:fd:da:f1:7f:46:ef:8d:6e:4f:19:c2:22:ad:db:af:ca:fe:
29:58:0f:92:44:1a:89:20:cd:e7:00:23:1f:0c:73:66:81:f8:
93:ec:ba:61:5b:aa:eb:5a:48:30:7c:6a:cb:10:e6:21:23:5d:
6e:a1:58:d2:11:04:e5:9c:c4:bf:b6:8e:ec:03:30:a1:4d:36:
80:e4:16:3f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REJBRjExMTAvBgNVBAUTKDYzMjkzMDQxMTlGMUE0N0Y1RDA2NDBCMkRGNzVERUYx
RjY0QzdCQUYwHhcNMjQwNjA2MjM1MjUzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyNGJkNC0wMDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJN9Za4VYqcIpW9I06/wlEPwaPlJM6qHKgon/Edo4RgX+YLtOPILs/fBHJzP
0u27uFofz4Xt34MR176oAADcBJxH7gvDOsccOtEcMnaavI/GubRmZ9Yw6yYmNhNN
yzZGpl0l7vXrc20+cGsxT3pSdZODYesceJlWUNQvH2qsnHCE7/uNVLP8RIN6Z+0C
pFTAQHITLss5M0FvN2wJykXqVAgNbs3dz5qj19asI3M0TlCt90o4rwWpnGuHIVIO
P7sPnQZS56TEghwowJgAUdOyU71/6ms5FXHt1mJctUohN+7Dh/99/dBE7GZCQmU7
olQqgKbpQk6/UoG0EPDhdycEQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAktz8Fp
/qdSwynVezLw4fWyfJ1hMB8GA1UdIwQYMBaAFGMpMEEZ8aR/XQZAst913vH2THuv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkFGMS84RkU3QThCODI0
OEUxMUVCQUJFRjJCMkZDNEY5QUUwMi9ZeWt3UVJueHBIOWRCa0N5MzNYZThmWk1l
NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1l5a3dRUm54cEg5ZEJrQ3kzM1hlOGZaTWU2OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REJBRjEvOEZFN0E4QjgyNDhFMTFFQkFCRUYyQjJGQzRGOUFFMDIvQTIyMDE1ODgz
OTFGMTFFQkFEMUUzQTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnW6QDBABnW6cwDQYJKoZIhvcNAQELBQADggEBADNc8w4C
uZWtabqSUovXUXVR7ocsYo8nQ4ayGS+zEwFlRYvnAtKECXkAkh8JlMWasZ7ci5vC
VNFSRvmGCLF3cNAhI13aVEGKfdaHisrM7qL1CVgM142Gtr5aQmeTyoqlah9TMXaD
9IaHqSKYnw+qaRCN1lLx4fY0zghx2EEK9wL8A13O8lHGo1CcU60bpTvhrgrRTIWw
Cxl9oFlg3ZGkDughrjSDxxHzXB9XZW6rTzvVR1p6ZZD92vF/Ru+Nbk8ZwiKt26/K
/ilYD5JEGokgzecAIx8Mc2aB+JPsumFbqutaSDB8assQ5iEjXW6hWNIRBOWcxL+2
juwDMKFNNoDkFj8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:34 2025 by rpki-client