Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/476D74969F9B11EFBAA13275C4F9AE02.roa
File: 476D74969F9B11EFBAA13275C4F9AE02.roa (raw, json)
Hash identifier: 2wLivW4NKQ0O0q5ie/a5gaRS3QUMpln8TBlwyFPS/ws=
Subject key identifier: FE:E1:34:63:BF:F0:70:FD:6D:CC:2C:83:0A:8D:1B:47:BB:82:85:A5
Certificate issuer: /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial: 01E2
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/476D74969F9B11EFBAA13275C4F9AE02.roa
Signing time: Sun 10 Nov 2024 19:41:14 +0000
ROA not before: Sun 10 Nov 2024 19:41:14 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 62425
IP address blocks: 103.85.200.0/24 maxlen: 24
103.85.201.0/24 maxlen: 24
103.85.202.0/24 maxlen: 24
103.85.203.0/24 maxlen: 24
110.44.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 15:58:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482 (0x1e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Validity
Not Before: Nov 10 19:41:14 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67310c5a-1127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:29:98:df:4b:be:d4:14:61:d2:6b:1d:2a:7e:
7e:3e:92:e6:44:9c:13:40:45:06:c4:d9:13:ef:03:
38:4f:fe:1f:f6:28:be:0b:a3:b3:7b:da:08:0b:a2:
8c:ba:df:ea:96:65:79:0d:8e:7c:78:3c:96:4f:82:
1e:a5:3c:a4:a1:29:61:56:37:50:ea:fc:17:55:03:
a8:f0:4f:16:58:04:59:06:2d:72:34:7f:88:ed:02:
cd:17:ac:ca:45:23:19:98:a4:b4:19:83:62:72:c0:
c6:f5:f2:d6:24:5a:f4:5a:79:32:15:d2:68:1b:ed:
e6:70:cb:7a:01:55:98:00:fb:58:40:44:f1:5a:a7:
5c:60:91:4c:e1:5f:99:05:b2:46:d4:f5:95:40:e8:
48:c8:38:7c:cc:bf:29:5b:cd:2d:f0:74:f0:e8:78:
fe:69:a8:59:36:09:0f:ce:e6:88:fb:92:5d:c9:bb:
70:b9:a9:37:bc:e0:1c:26:02:62:e3:ee:c5:db:81:
7e:35:dd:9f:50:8f:6b:47:82:b8:1b:8b:e5:65:7a:
2b:e7:41:b6:53:8f:34:9e:2d:b6:00:9d:6b:06:fe:
8a:6c:34:b8:3c:3a:ae:3a:ce:07:48:b9:f5:83:3f:
60:22:e2:cc:4a:7a:76:54:e8:2a:03:58:9f:b8:4d:
a3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E1:34:63:BF:F0:70:FD:6D:CC:2C:83:0A:8D:1B:47:BB:82:85:A5
X509v3 Authority Key Identifier:
keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/476D74969F9B11EFBAA13275C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.200.0/22
110.44.111.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b1:56:36:2e:73:d1:ad:02:13:44:2c:fd:7a:7d:78:35:47:
0a:41:15:c1:fb:79:9c:22:1d:ee:fc:dd:cf:11:e1:0b:a9:4d:
9d:f9:2f:81:8c:4c:ec:f6:93:b9:82:76:31:83:3a:e3:37:8a:
56:07:22:11:47:e9:ac:2e:f4:72:f9:17:de:5f:b5:e0:98:dc:
32:0d:06:20:a7:31:99:d3:1c:00:fc:94:49:8c:41:c5:b3:ca:
00:89:46:aa:20:f4:7a:c8:2e:40:2d:af:5a:4c:1d:c2:fc:8a:
d0:de:82:eb:67:78:c8:7e:48:3a:aa:fe:ad:35:84:3a:8d:74:
dc:e7:7e:1a:50:b2:bd:45:dd:7e:fb:13:17:ec:4c:9e:1e:a9:
1f:8c:af:6f:d3:ec:a9:e6:9c:b4:4e:5d:18:b0:89:29:e5:1c:
12:01:a7:22:72:88:71:ea:9d:ad:8e:d5:46:03:62:b3:3c:cb:
f0:eb:15:31:d7:50:1f:e4:49:7b:4c:bf:af:b5:a0:47:a8:1c:
3e:42:7b:9e:11:a5:3f:33:fd:12:e0:6b:4e:9f:b8:d4:1c:7f:
4f:8b:61:0d:79:45:79:df:6b:58:ee:b9:2f:5d:91:93:3e:72:
a6:04:99:61:41:e9:74:8c:ff:0d:50:20:e4:43:d4:a3:e8:4c:
c4:a2:fc:23
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQxMTEwMTk0MTE0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzMxMGM1YS0xMTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ymY30u+1BRh0msdKn5+PpLmRJwTQEUGxNkT7wM4T/4f9ii+C6Oze9oIC6KM
ut/qlmV5DY58eDyWT4IepTykoSlhVjdQ6vwXVQOo8E8WWARZBi1yNH+I7QLNF6zK
RSMZmKS0GYNicsDG9fLWJFr0WnkyFdJoG+3mcMt6AVWYAPtYQETxWqdcYJFM4V+Z
BbJG1PWVQOhIyDh8zL8pW80t8HTw6Hj+aahZNgkPzuaI+5Jdybtwuak3vOAcJgJi
4+7F24F+Nd2fUI9rR4K4G4vlZXor50G2U480ni22AJ1rBv6KbDS4PDquOs4HSLn1
gz9gIuLMSnp2VOgqA1ifuE2jHwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP7hNGO/
8HD9bcwsgwqNG0e7goWlMB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvNDc2RDc0OTY5
RjlCMTFFRkJBQTEzMjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBABuLG8wDQYJKoZIhvcNAQELBQADggEBABOxVjYu
c9GtAhNELP16fXg1RwpBFcH7eZwiHe783c8R4QupTZ35L4GMTOz2k7mCdjGDOuM3
ilYHIhFH6awu9HL5F95fteCY3DINBiCnMZnTHAD8lEmMQcWzygCJRqog9HrILkAt
r1pMHcL8itDegutneMh+SDqq/q01hDqNdNznfhpQsr1F3X77ExfsTJ4eqR+Mr2/T
7KnmnLROXRiwiSnlHBIBpyJyiHHqna2O1UYDYrM8y/DrFTHXUB/kSXtMv6+1oEeo
HD5Ce54RpT8z/RLga06fuNQcf0+LYQ15RXnfa1juuS9dkZM+cqYEmWFB6XSM/w1Q
IORD1KPoTMSi/CM=
-----END CERTIFICATE-----
Generated at Wed Nov 13 19:27:06 2024 by rpki-client on console-ams.rpki-client.org