Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/15C4A21483EB11EF8DAE4D27C4F9AE02.roa
File: 15C4A21483EB11EF8DAE4D27C4F9AE02.roa (raw, json)
Hash identifier: vcftC0v1ogHvMLjIAY99vFJf3XrvFSufcygdDMdrylQ=
Subject key identifier: 9E:D8:0C:A4:D6:8C:23:83:35:FC:79:E5:78:2E:36:A3:E0:3D:64:37
Certificate issuer: /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial: 01A0
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/15C4A21483EB11EF8DAE4D27C4F9AE02.roa
Signing time: Sun 06 Oct 2024 14:02:25 +0000
ROA not before: Sun 06 Oct 2024 14:02:25 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.85.200.0/24 maxlen: 24
103.85.201.0/24 maxlen: 24
103.85.202.0/24 maxlen: 24
103.85.203.0/24 maxlen: 24
110.44.108.0/24 maxlen: 24
110.44.109.0/24 maxlen: 24
110.44.110.0/24 maxlen: 24
110.44.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 07:44:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416 (0x1a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Validity
Not Before: Oct 6 14:02:25 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67029871-bd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:b7:20:8d:31:7f:88:ea:08:fd:88:46:79:
b5:11:11:f4:07:de:c5:15:7a:f4:64:80:6f:2c:f3:
28:27:cf:b2:bf:9c:b2:a5:79:44:f0:41:fb:44:04:
7d:85:4f:31:f5:1e:60:b4:cb:c9:27:51:9f:ab:10:
35:29:10:87:c5:f2:eb:16:c7:4f:33:22:f2:c4:a2:
df:94:1d:82:32:ab:05:1a:5f:6d:e4:d8:bb:04:4c:
0b:29:09:16:e6:3b:5c:91:b2:cc:f3:b0:74:79:3e:
c9:43:11:48:b9:b0:7b:c9:18:c4:b3:4f:90:f2:15:
23:10:00:2f:1c:c6:b3:08:20:75:59:09:3f:68:a5:
97:72:05:71:4e:c7:01:82:40:6d:91:c6:c2:12:38:
73:98:b7:d2:4c:9f:31:87:91:c4:1d:b7:82:f2:aa:
ac:38:ea:72:27:11:04:c6:81:93:a2:21:e4:b6:37:
1c:79:d1:3a:d4:25:c5:cc:f6:ad:49:c1:24:b1:36:
4e:85:a8:15:4f:ac:91:0c:ea:5e:2d:2b:ec:74:1f:
64:34:b2:c2:48:f8:8a:53:c6:8a:24:e1:26:db:83:
c9:3e:25:f7:35:4a:b6:22:3e:27:5a:2f:9c:fd:ca:
58:20:8b:29:f0:7d:28:bf:78:14:e1:a8:76:f8:6b:
65:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D8:0C:A4:D6:8C:23:83:35:FC:79:E5:78:2E:36:A3:E0:3D:64:37
X509v3 Authority Key Identifier:
keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/15C4A21483EB11EF8DAE4D27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.200.0/22
110.44.108.0/22
Signature Algorithm: sha256WithRSAEncryption
77:dd:5b:75:cf:4e:59:49:ec:88:83:6b:21:6e:13:60:60:1f:
48:eb:fc:ab:39:43:b4:7d:71:a7:50:86:0a:02:80:f8:d1:34:
91:bd:a7:df:ee:98:78:6d:53:14:a6:f7:b6:70:8c:ea:bd:fd:
bc:77:ac:7c:c5:49:8e:02:3d:0d:4b:14:a2:a0:c7:a4:32:e9:
e0:69:f2:9c:65:c4:59:08:bd:d3:94:1b:8f:24:31:ed:77:52:
72:b5:96:83:33:7c:c6:45:13:37:bc:eb:1b:9d:77:c4:b2:88:
e4:2a:3f:71:7c:e8:22:d0:bf:a7:ca:b8:03:d8:5d:8b:87:c1:
af:6c:52:b4:52:af:8b:4b:cf:57:c3:d8:ea:af:6f:01:3a:57:
e1:91:60:bd:25:79:0b:92:24:7a:42:4b:c5:3f:17:e8:46:07:
01:09:8b:04:50:6b:ea:d3:f8:0b:94:e0:65:c1:5c:c2:73:34:
d1:83:22:56:57:cd:b1:cd:70:e6:a4:a1:4e:b0:0b:b4:65:65:
47:9e:b7:7c:10:48:c0:06:89:ae:08:5f:0e:c9:6e:31:3a:ba:
dd:c5:c1:dd:92:a0:27:aa:54:c1:f7:a5:e2:e0:0d:b1:2c:90:
1a:bc:d2:73:fc:fb:6f:e7:2b:5e:8e:7c:50:1d:7d:a0:a0:4a:
e7:25:f7:36
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQxMDA2MTQwMjI1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAyOTg3MS1iZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAspS3II0xf4jqCP2IRnm1ERH0B97FFXr0ZIBvLPMoJ8+yv5yypXlE8EH7RAR9
hU8x9R5gtMvJJ1GfqxA1KRCHxfLrFsdPMyLyxKLflB2CMqsFGl9t5Ni7BEwLKQkW
5jtckbLM87B0eT7JQxFIubB7yRjEs0+Q8hUjEAAvHMazCCB1WQk/aKWXcgVxTscB
gkBtkcbCEjhzmLfSTJ8xh5HEHbeC8qqsOOpyJxEExoGToiHktjccedE61CXFzPat
ScEksTZOhagVT6yRDOpeLSvsdB9kNLLCSPiKU8aKJOEm24PJPiX3NUq2Ij4nWi+c
/cpYIIsp8H0ov3gU4ah2+GtlRwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ7YDKTW
jCODNfx55XguNqPgPWQ3MB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvMTVDNEEyMTQ4
M0VCMTFFRjhEQUU0RDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBAJuLGwwDQYJKoZIhvcNAQELBQADggEBAHfdW3XP
TllJ7IiDayFuE2BgH0jr/Ks5Q7R9cadQhgoCgPjRNJG9p9/umHhtUxSm97ZwjOq9
/bx3rHzFSY4CPQ1LFKKgx6Qy6eBp8pxlxFkIvdOUG48kMe13UnK1loMzfMZFEze8
6xudd8SyiOQqP3F86CLQv6fKuAPYXYuHwa9sUrRSr4tLz1fD2OqvbwE6V+GRYL0l
eQuSJHpCS8U/F+hGBwEJiwRQa+rT+AuU4GXBXMJzNNGDIlZXzbHNcOakoU6wC7Rl
ZUeet3wQSMAGia4IXw7JbjE6ut3Fwd2SoCeqVMH3peLgDbEskBq80nP8+2/nK16O
fFAdfaCgSucl9zY=
-----END CERTIFICATE-----
Generated at Mon Oct 28 08:56:17 2024 by rpki-client on console-fra.rpki-client.org