Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D932B74ECD9F11ED9482781BC4F9AE02.roa
File: D932B74ECD9F11ED9482781BC4F9AE02.roa (raw, json)
Hash identifier: jKMU3peeFpQY5RqpNg+SdGJ1aH4SCGxhBr+ap9T1Wfw=
Subject key identifier: 4A:42:AE:D3:33:AF:26:42:02:03:CE:17:FF:C9:A9:2C:86:0A:AB:EE
Certificate issuer: /CN=A91DEE66/serialNumber=938F90C9D7B9850562EDDE10A64640F2FDA064E4
Certificate serial: 0107
Authority key identifier: 93:8F:90:C9:D7:B9:85:05:62:ED:DE:10:A6:46:40:F2:FD:A0:64:E4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D932B74ECD9F11ED9482781BC4F9AE02.roa
Signing time: Fri 12 Jul 2024 15:04:16 +0000
ROA not before: Fri 12 Jul 2024 15:04:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 103.212.169.0/24 maxlen: 24
103.212.170.0/24 maxlen: 24
160.202.137.0/24 maxlen: 24
160.202.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 05:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263 (0x107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEE66/serialNumber=938F90C9D7B9850562EDDE10A64640F2FDA064E4
Validity
Not Before: Jul 12 15:04:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=669145f0-0e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:6e:a3:1a:74:5e:a3:d3:a3:c7:b6:68:9f:
35:58:65:f3:52:d7:da:a8:b6:9b:8b:5b:58:bb:5f:
37:2a:bd:4c:e2:66:68:00:b9:21:c6:44:a5:21:37:
1f:30:a9:97:cf:97:6b:1b:b7:50:0e:41:81:bc:c3:
95:ce:eb:56:5c:bb:1b:19:0f:6f:5f:88:5a:36:07:
2f:36:02:fd:c0:97:ae:67:96:56:86:42:d5:4d:7d:
f1:39:29:ad:88:02:d3:75:0f:b6:81:f2:21:8c:d1:
9a:83:88:e7:59:9a:2a:ef:6e:d0:69:ab:e2:57:d7:
d5:53:b2:f2:57:fd:77:ac:b6:58:a2:80:24:99:68:
e0:38:da:62:b5:0f:b6:a1:94:3a:1a:a5:93:b5:d0:
37:0a:f8:4b:65:bf:e4:69:49:a7:a5:28:cf:5a:42:
5b:6d:37:4e:38:50:d8:2e:ab:01:ec:9c:03:d0:c9:
fd:8a:e3:f4:b6:2e:9a:8b:bc:e3:9a:a5:14:72:dd:
fb:b2:04:4d:5c:e2:b2:e9:6a:94:e3:1c:3e:3d:1a:
9e:39:b6:a1:49:c0:6b:46:a0:6d:c3:ab:d7:55:b2:
06:43:11:5d:c7:9c:44:83:1b:62:18:10:11:e7:44:
47:0a:96:48:aa:17:66:a0:67:23:a1:90:55:16:ec:
8c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:42:AE:D3:33:AF:26:42:02:03:CE:17:FF:C9:A9:2C:86:0A:AB:EE
X509v3 Authority Key Identifier:
keyid:93:8F:90:C9:D7:B9:85:05:62:ED:DE:10:A6:46:40:F2:FD:A0:64:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D932B74ECD9F11ED9482781BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.212.169.0-103.212.170.255
160.202.137.0-160.202.138.255
Signature Algorithm: sha256WithRSAEncryption
73:cc:75:0c:c1:39:12:20:24:71:ea:eb:98:2c:c6:4a:31:b0:
76:33:83:7b:aa:ba:7a:26:78:60:81:b5:69:f8:22:2f:cd:28:
c7:9b:e2:1d:55:51:ee:24:ee:69:ce:96:ce:b7:48:36:00:6d:
75:24:48:ca:26:cf:f9:2c:b2:a5:64:30:e4:e1:6e:f3:a2:96:
ad:7d:1a:7c:db:4f:64:81:29:d8:7a:ef:89:d0:45:a0:ee:94:
86:60:c8:d0:fa:3a:c0:dd:2f:28:0f:4d:79:f1:e2:a9:ed:15:
56:44:d2:ea:25:af:10:a9:57:21:8f:67:03:7d:12:5b:4d:43:
12:d0:d0:a5:56:2d:f0:c4:96:eb:95:8b:46:fc:c1:2a:3d:26:
cf:a0:b4:61:97:2d:b4:e3:3a:63:af:0d:fb:01:8e:0a:f8:dd:
4e:84:fe:37:76:5b:9d:c2:30:92:c2:4c:13:7b:2e:b7:d3:bc:
7b:c0:55:86:a7:9f:9b:67:4a:43:fa:12:68:1a:84:0d:1c:93:
54:8d:50:fe:a2:f6:64:74:20:76:fe:05:d6:ea:40:51:dc:72:
5b:44:67:f2:29:e1:54:5a:37:7c:db:a5:bf:5e:3a:4e:9c:f7:
60:53:f0:17:45:63:93:ce:df:71:dc:56:2d:77:76:c1:a0:85:
91:35:c3:20
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVFNjYxMTAvBgNVBAUTKDkzOEY5MEM5RDdCOTg1MDU2MkVEREUxMEE2NDY0MEYy
RkRBMDY0RTQwHhcNMjQwNzEyMTUwNDE2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxNDVmMC0wZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugduoxp0XqPTo8e2aJ81WGXzUtfaqLabi1tYu183Kr1M4mZoALkhxkSlITcf
MKmXz5drG7dQDkGBvMOVzutWXLsbGQ9vX4haNgcvNgL9wJeuZ5ZWhkLVTX3xOSmt
iALTdQ+2gfIhjNGag4jnWZoq727QaaviV9fVU7LyV/13rLZYooAkmWjgONpitQ+2
oZQ6GqWTtdA3CvhLZb/kaUmnpSjPWkJbbTdOOFDYLqsB7JwD0Mn9iuP0ti6ai7zj
mqUUct37sgRNXOKy6WqU4xw+PRqeObahScBrRqBtw6vXVbIGQxFdx5xEgxtiGBAR
50RHCpZIqhdmoGcjoZBVFuyMWQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEpCrtMz
ryZCAgPOF//JqSyGCqvuMB8GA1UdIwQYMBaAFJOPkMnXuYUFYu3eEKZGQPL9oGTk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUU2Ni9GQkQyMjk2NENE
NjQxMUVEQkVENzNDMzdDNEY5QUUwMi9rNC1ReWRlNWhRVmk3ZDRRcGtaQTh2Mmda
T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2s0LVF5ZGU1aFFWaTdkNFFwa1pBOHYyZ1pPUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVFNjYvRkJEMjI5NjRDRDY0MTFFREJFRDczQzM3QzRGOUFFMDIvRDkzMkI3NEVD
RDlGMTFFRDk0ODI3ODFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAGfUqQMEAGfUqjAMAwQAoMqJAwQAoMqKMA0GCSqGSIb3
DQEBCwUAA4IBAQBzzHUMwTkSICRx6uuYLMZKMbB2M4N7qrp6JnhggbVp+CIvzSjH
m+IdVVHuJO5pzpbOt0g2AG11JEjKJs/5LLKlZDDk4W7zopatfRp8209kgSnYeu+J
0EWg7pSGYMjQ+jrA3S8oD0158eKp7RVWRNLqJa8QqVchj2cDfRJbTUMS0NClVi3w
xJbrlYtG/MEqPSbPoLRhly204zpjrw37AY4K+N1OhP43dludwjCSwkwTey6307x7
wFWGp5+bZ0pD+hJoGoQNHJNUjVD+ovZkdCB2/gXW6kBR3HJbRGfyKeFUWjd826W/
XjpOnPdgU/AXRWOTzt9x3FYtd3bBoIWRNcMg
-----END CERTIFICATE-----
Generated at Fri Jul 19 06:10:43 2024 by rpki-client on console-fra.rpki-client.org