Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBD45/70211A1CFE9F11ED83F46F75C4F9AE02/DCFF224CFEA311EDB9013076C4F9AE02.roa
File: DCFF224CFEA311EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: 3eLRaDdQwEbYF6ZCaLhw1Wi+F0nQMsWfJMWlSrJr4LY=
Subject key identifier: C0:53:8A:03:F9:47:B0:36:47:53:75:3E:90:C8:4C:38:D8:8C:18:66
Certificate issuer: /CN=A91DBD45/serialNumber=6087E354FA19151CFBC61848B20197E17F1C7F2C
Certificate serial: 40
Authority key identifier: 60:87:E3:54:FA:19:15:1C:FB:C6:18:48:B2:01:97:E1:7F:1C:7F:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YIfjVPoZFRz7xhhIsgGX4X8cfyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DBD45/70211A1CFE9F11ED83F46F75C4F9AE02/DCFF224CFEA311EDB9013076C4F9AE02.roa
Signing time: Sat 23 Sep 2023 05:05:19 +0000
ROA not before: Sat 23 Sep 2023 05:05:19 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 140869
IP address blocks: 103.141.0.0/24 maxlen: 24
103.141.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 01:18:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DBD45/serialNumber=6087E354FA19151CFBC61848B20197E17F1C7F2C
Validity
Not Before: Sep 23 05:05:19 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=650e720f-d3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:11:6b:d8:c6:ee:fd:13:ed:f5:5f:7e:4f:
ed:2f:79:6a:ee:0c:82:c1:76:e5:0f:82:ad:64:c1:
50:15:08:9d:7c:80:08:5f:4e:8e:bb:12:42:cc:d0:
36:95:9f:b5:cf:04:d5:21:1e:4f:27:db:e3:71:54:
d3:42:6b:28:8f:d7:89:9e:d7:70:1d:7d:45:96:a5:
fc:a5:5a:57:69:77:db:df:b6:09:0d:d4:5a:5d:b5:
42:4e:ac:af:c0:39:e7:1c:55:ee:8c:a8:ea:86:e2:
41:6d:bc:93:83:4d:cd:04:1a:aa:d7:e6:49:29:ea:
b9:5c:25:84:45:ec:22:18:1c:c9:ba:18:ae:80:fc:
c1:da:29:8d:ec:db:55:a8:99:d4:dd:56:34:c4:18:
40:44:fa:31:d9:24:8a:5d:5a:a5:5d:ce:5f:7e:0c:
de:30:2c:6d:82:0a:52:dc:11:54:c4:04:88:e6:d1:
b5:04:f0:6e:3f:64:11:d0:2b:3f:13:2d:72:50:bf:
73:d9:8a:b5:4a:33:8a:ba:02:79:f1:ac:2d:c2:1e:
1f:a3:8b:f6:3e:57:b6:94:34:66:12:7a:c5:b3:b7:
3f:97:e3:3b:29:9a:54:45:17:8d:bf:d4:b1:cf:c7:
0d:61:69:99:cc:60:41:5c:f5:a8:b3:f5:95:4d:49:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:53:8A:03:F9:47:B0:36:47:53:75:3E:90:C8:4C:38:D8:8C:18:66
X509v3 Authority Key Identifier:
keyid:60:87:E3:54:FA:19:15:1C:FB:C6:18:48:B2:01:97:E1:7F:1C:7F:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DBD45/70211A1CFE9F11ED83F46F75C4F9AE02/YIfjVPoZFRz7xhhIsgGX4X8cfyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YIfjVPoZFRz7xhhIsgGX4X8cfyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBD45/70211A1CFE9F11ED83F46F75C4F9AE02/DCFF224CFEA311EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.0.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:0a:4c:7e:3b:81:29:dc:25:3a:d7:cc:55:b7:4f:d6:d9:48:
04:67:12:f8:cd:a6:55:d8:72:e4:b4:74:62:04:71:2f:61:5f:
3a:f5:92:47:8d:33:17:e1:24:76:1c:a1:e7:22:74:d5:68:64:
ff:3f:b1:8a:89:38:c8:71:3f:77:0e:44:69:6e:21:c6:a8:8e:
ac:97:c3:5b:3a:0c:5c:83:cd:2f:97:c7:1f:8e:9a:09:6e:29:
7f:b4:a1:93:be:d4:52:20:69:32:1d:26:f0:fd:b3:81:32:6d:
5a:0c:a7:58:70:0f:e3:66:f7:48:79:62:af:78:83:06:85:6c:
1c:d1:b8:b2:7d:83:df:4c:bf:d5:c2:a3:c4:d6:4c:2d:b8:af:
23:2d:db:f6:c7:2a:c1:c6:ef:1d:2d:56:03:32:74:28:01:e3:
1b:83:85:5a:97:65:73:8c:f6:62:33:e5:9d:34:8f:d3:34:ba:
66:1f:02:4a:9a:44:08:0b:08:01:da:68:46:31:3d:86:98:7e:
be:ee:69:1b:65:15:88:3c:c0:5f:99:29:fa:14:c1:c5:dd:04:
5b:5c:55:cb:b5:eb:5c:88:2c:23:a5:0e:2f:bc:11:65:ea:f7:
4b:7f:c1:04:88:32:7e:54:ef:96:7a:54:8a:42:11:03:45:b3:
78:dd:9a:79
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QkQ0NTExMC8GA1UEBRMoNjA4N0UzNTRGQTE5MTUxQ0ZCQzYxODQ4QjIwMTk3RTE3
RjFDN0YyQzAeFw0yMzA5MjMwNTA1MTlaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MGU3MjBmLWQzZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHsxFr2Mbu/RPt9V9+T+0veWruDILBduUPgq1kwVAVCJ18gAhfTo67EkLM0DaV
n7XPBNUhHk8n2+NxVNNCayiP14me13AdfUWWpfylWldpd9vftgkN1FpdtUJOrK/A
OeccVe6MqOqG4kFtvJODTc0EGqrX5kkp6rlcJYRF7CIYHMm6GK6A/MHaKY3s21Wo
mdTdVjTEGEBE+jHZJIpdWqVdzl9+DN4wLG2CClLcEVTEBIjm0bUE8G4/ZBHQKz8T
LXJQv3PZirVKM4q6AnnxrC3CHh+ji/Y+V7aUNGYSesWztz+X4zspmlRFF42/1LHP
xw1haZnMYEFc9aiz9ZVNScUbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwFOKA/lH
sDZHU3U+kMhMONiMGGYwHwYDVR0jBBgwFoAUYIfjVPoZFRz7xhhIsgGX4X8cfyww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCRDQ1LzcwMjExQTFDRkU5
RjExRUQ4M0Y0NkY3NUM0RjlBRTAyL1lJZmpWUG9aRlJ6N3hoaElzZ0dYNFg4Y2Z5
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWUlmalZQb1pGUno3eGhoSXNnR1g0WDhjZnl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QkQ0NS83MDIxMUExQ0ZFOUYxMUVEODNGNDZGNzVDNEY5QUUwMi9EQ0ZGMjI0Q0ZF
QTMxMUVEQjkwMTMwNzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeNADANBgkqhkiG9w0BAQsFAAOCAQEAyApMfjuBKdwlOtfM
VbdP1tlIBGcS+M2mVdhy5LR0YgRxL2FfOvWSR40zF+Ekdhyh5yJ01Whk/z+xiok4
yHE/dw5EaW4hxqiOrJfDWzoMXIPNL5fHH46aCW4pf7Shk77UUiBpMh0m8P2zgTJt
WgynWHAP42b3SHlir3iDBoVsHNG4sn2D30y/1cKjxNZMLbivIy3b9scqwcbvHS1W
AzJ0KAHjG4OFWpdlc4z2YjPlnTSP0zS6Zh8CSppECAsIAdpoRjE9hph+vu5pG2UV
iDzAX5kp+hTBxd0EW1xVy7XrXIgsI6UOL7wRZer3S3/BBIgyflTvlnpUikIRA0Wz
eN2aeQ==
-----END CERTIFICATE-----
Generated at Wed Jul 24 05:12:03 2024 by rpki-client on console-fra.rpki-client.org