Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D9B3417ACD9F11ED9482781BC4F9AE02.roa
File: D9B3417ACD9F11ED9482781BC4F9AE02.roa (raw, json)
Hash identifier: SAPdm3XLV4eOcvqEMbhfyeCZJ+APNaAyIqZkcApJzHU=
Subject key identifier: D6:E6:95:07:FB:89:B1:87:54:4C:6B:E6:67:D6:B7:F1:74:3E:1E:D2
Certificate issuer: /CN=A91DEE66/serialNumber=938F90C9D7B9850562EDDE10A64640F2FDA064E4
Certificate serial: 0108
Authority key identifier: 93:8F:90:C9:D7:B9:85:05:62:ED:DE:10:A6:46:40:F2:FD:A0:64:E4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D9B3417ACD9F11ED9482781BC4F9AE02.roa
Signing time: Fri 12 Jul 2024 15:04:17 +0000
ROA not before: Fri 12 Jul 2024 15:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.212.169.0/24 maxlen: 24
103.212.170.0/24 maxlen: 24
160.202.137.0/24 maxlen: 24
160.202.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 05:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264 (0x108)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEE66/serialNumber=938F90C9D7B9850562EDDE10A64640F2FDA064E4
Validity
Not Before: Jul 12 15:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=669145f1-182c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:58:bc:3b:a8:00:47:1b:48:29:a2:69:e0:ab:
5a:6d:6f:0f:bd:a0:af:b5:1b:27:5d:35:f1:92:a3:
8d:81:5e:84:6e:5d:1f:a6:c6:c2:70:ec:a8:05:da:
79:43:f3:57:65:fc:84:af:c7:df:4a:d7:81:90:83:
92:a2:2b:56:a1:2f:05:2a:19:c0:f6:fc:7a:3d:68:
8a:5b:9f:6e:ab:39:db:3c:49:4c:78:7a:e8:6d:26:
0a:42:b3:ce:f5:4f:c8:68:e9:43:77:81:43:c5:b9:
c3:40:72:d1:db:64:d9:f6:1a:1c:b6:a4:1f:0a:72:
d9:27:b9:46:54:57:8d:80:2b:1b:73:84:04:34:a1:
5f:e0:cb:58:27:e7:34:6b:c4:a5:25:4d:4c:9c:09:
c7:4a:2a:b9:fc:6d:26:31:22:c9:14:85:69:0e:e9:
92:26:58:79:ce:7a:fe:3a:9a:4c:86:44:3e:67:a6:
5c:8d:e5:c8:49:0c:37:f9:6e:a6:8a:1e:09:81:c1:
4d:45:77:3b:8e:2e:5b:5c:a0:ff:c8:90:09:9d:0f:
ac:d4:ed:d3:93:f8:ff:f7:b8:38:5c:99:1e:a3:c2:
44:4d:ac:a0:ad:23:32:fd:db:51:92:7d:4c:54:fe:
c0:c0:95:c7:c0:24:00:44:40:c4:ab:97:fa:06:d5:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E6:95:07:FB:89:B1:87:54:4C:6B:E6:67:D6:B7:F1:74:3E:1E:D2
X509v3 Authority Key Identifier:
keyid:93:8F:90:C9:D7:B9:85:05:62:ED:DE:10:A6:46:40:F2:FD:A0:64:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k4-Qyde5hQVi7d4QpkZA8v2gZOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEE66/FBD22964CD6411EDBED73C37C4F9AE02/D9B3417ACD9F11ED9482781BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.212.169.0-103.212.170.255
160.202.137.0-160.202.138.255
Signature Algorithm: sha256WithRSAEncryption
02:88:81:f3:5a:e2:5f:be:fe:3e:ce:ca:70:b6:43:75:80:ed:
30:49:fb:1a:3f:4d:b9:64:42:92:25:e2:e0:8e:e7:bc:1f:52:
42:a1:fd:b9:85:31:32:4c:dd:c2:45:af:c6:25:0e:3d:9e:07:
42:87:a7:d1:be:df:4e:bd:c9:59:6b:f2:e3:05:99:d1:7f:79:
fe:af:7b:b9:bd:4b:f0:d8:e5:aa:49:92:00:60:a4:80:ef:4d:
5f:ff:43:c5:b2:84:00:27:97:01:35:3d:53:5a:4e:18:1d:6a:
f5:f3:5f:04:b1:a4:df:62:82:22:3d:85:8d:3c:b4:f7:8f:69:
0f:06:15:7d:56:b7:98:fd:4d:a5:24:94:d8:4c:68:54:09:74:
22:89:9e:4f:4b:52:e1:1d:ef:9f:ca:90:d7:3e:a7:6b:f5:98:
be:4c:5d:e2:a8:d2:13:b6:bc:30:fe:1e:7c:20:a2:d8:b7:a7:
f1:eb:8d:3b:fa:8f:0c:cf:61:b8:b9:4c:f8:90:06:23:e1:79:
81:ad:d4:51:a7:fc:ae:8b:07:a3:2f:50:7f:5c:b2:ca:ca:0e:
68:bb:89:5a:a4:83:6a:2c:a3:c2:52:e0:34:66:d0:ae:1c:83:
61:22:bf:40:d9:58:be:0b:01:6f:c9:17:b8:1a:5c:fb:00:d8:
1c:fe:f8:76
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVFNjYxMTAvBgNVBAUTKDkzOEY5MEM5RDdCOTg1MDU2MkVEREUxMEE2NDY0MEYy
RkRBMDY0RTQwHhcNMjQwNzEyMTUwNDE3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxNDVmMS0xODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlli8O6gARxtIKaJp4KtabW8PvaCvtRsnXTXxkqONgV6Ebl0fpsbCcOyoBdp5
Q/NXZfyEr8ffSteBkIOSoitWoS8FKhnA9vx6PWiKW59uqznbPElMeHrobSYKQrPO
9U/IaOlDd4FDxbnDQHLR22TZ9hoctqQfCnLZJ7lGVFeNgCsbc4QENKFf4MtYJ+c0
a8SlJU1MnAnHSiq5/G0mMSLJFIVpDumSJlh5znr+OppMhkQ+Z6ZcjeXISQw3+W6m
ih4JgcFNRXc7ji5bXKD/yJAJnQ+s1O3Tk/j/97g4XJkeo8JETaygrSMy/dtRkn1M
VP7AwJXHwCQAREDEq5f6BtUWsQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNbmlQf7
ibGHVExr5mfWt/F0Ph7SMB8GA1UdIwQYMBaAFJOPkMnXuYUFYu3eEKZGQPL9oGTk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUU2Ni9GQkQyMjk2NENE
NjQxMUVEQkVENzNDMzdDNEY5QUUwMi9rNC1ReWRlNWhRVmk3ZDRRcGtaQTh2Mmda
T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2s0LVF5ZGU1aFFWaTdkNFFwa1pBOHYyZ1pPUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVFNjYvRkJEMjI5NjRDRDY0MTFFREJFRDczQzM3QzRGOUFFMDIvRDlCMzQxN0FD
RDlGMTFFRDk0ODI3ODFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAGfUqQMEAGfUqjAMAwQAoMqJAwQAoMqKMA0GCSqGSIb3
DQEBCwUAA4IBAQACiIHzWuJfvv4+zspwtkN1gO0wSfsaP025ZEKSJeLgjue8H1JC
of25hTEyTN3CRa/GJQ49ngdCh6fRvt9OvclZa/LjBZnRf3n+r3u5vUvw2OWqSZIA
YKSA701f/0PFsoQAJ5cBNT1TWk4YHWr1818EsaTfYoIiPYWNPLT3j2kPBhV9VreY
/U2lJJTYTGhUCXQiiZ5PS1LhHe+fypDXPqdr9Zi+TF3iqNITtrww/h58IKLYt6fx
6407+o8Mz2G4uUz4kAYj4XmBrdRRp/yuiwejL1B/XLLKyg5ou4lapINqLKPCUuA0
ZtCuHINhIr9A2Vi+CwFvyRe4Glz7ANgc/vh2
-----END CERTIFICATE-----
Generated at Fri Jul 19 06:10:43 2024 by rpki-client on console-fra.rpki-client.org