Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/E1F5BDD09C1611EFB7CEEF1DC4F9AE02.roa
File: E1F5BDD09C1611EFB7CEEF1DC4F9AE02.roa (raw, json)
Hash identifier: paT4gXjJq0hFQiI+IeK+kT28kdTkcJuifoEG7UEY7os=
Subject key identifier: DA:87:C2:4A:9B:C8:4B:B6:7E:66:71:FD:C7:79:06:3C:EB:30:30:FB
Certificate issuer: /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial: 01D2
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/E1F5BDD09C1611EFB7CEEF1DC4F9AE02.roa
Signing time: Wed 06 Nov 2024 08:16:36 +0000
ROA not before: Wed 06 Nov 2024 08:16:36 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.85.200.0/24 maxlen: 24
103.85.201.0/24 maxlen: 24
103.85.202.0/24 maxlen: 24
103.85.203.0/24 maxlen: 24
110.44.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 19:36:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466 (0x1d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Validity
Not Before: Nov 6 08:16:36 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=672b25e4-0032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:bf:68:c3:8c:93:1d:ce:4a:51:15:b3:0a:
ed:1d:0d:f3:c5:4a:52:83:68:5b:03:8b:63:6a:94:
ea:de:ee:ca:31:68:c6:45:dc:9c:7a:e5:05:bc:0d:
de:4f:1e:1e:68:8d:bc:2e:27:f7:54:36:24:49:18:
82:0a:6c:1c:1f:91:00:45:33:13:88:0b:95:2a:ec:
1d:3b:41:50:32:18:f0:c5:91:f9:2e:03:39:b9:28:
e3:46:eb:bf:5a:21:ab:37:8d:84:9d:2b:9b:16:07:
d0:11:3e:84:e9:45:87:37:e2:7f:5a:5e:e7:f0:6d:
9e:e3:aa:a1:2d:79:0d:77:5b:40:9d:4f:45:b7:5b:
c9:4a:03:b9:c5:6d:23:49:49:ba:89:eb:7b:02:53:
a4:ff:9a:30:50:a1:99:4f:e8:2c:37:7e:11:80:27:
5e:14:11:0c:c3:bf:ec:90:70:61:45:bc:aa:64:88:
b0:79:e1:72:20:39:f8:82:9f:21:36:43:da:87:da:
e6:9a:5e:52:ef:fa:ca:06:7b:ee:50:1c:df:9f:29:
4d:70:14:ab:59:8f:7c:74:ff:be:de:87:1a:d5:a8:
ef:a1:2f:c9:1e:2c:98:f7:49:01:a7:63:ec:b0:5b:
da:1a:c2:5b:ef:87:8d:93:c8:a4:0e:a9:cf:78:21:
3c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:87:C2:4A:9B:C8:4B:B6:7E:66:71:FD:C7:79:06:3C:EB:30:30:FB
X509v3 Authority Key Identifier:
keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/E1F5BDD09C1611EFB7CEEF1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.200.0/22
110.44.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2a:38:42:1e:f1:c9:e8:29:84:70:41:c9:b6:db:57:e0:53:
e3:9d:b0:1c:1e:6d:3a:27:84:0b:e4:03:3e:b9:c9:75:0e:16:
5b:6e:19:af:9a:00:c2:70:1b:cc:45:f2:e6:61:97:81:07:07:
a3:9f:7e:8f:2e:5c:ed:96:66:17:6e:ea:62:71:ea:4e:df:f3:
ee:ff:ac:55:33:18:aa:dc:8f:56:34:99:39:79:04:1f:e7:82:
7f:a2:07:a0:a2:05:ec:52:bf:9b:ec:91:b8:31:43:93:84:cb:
2e:ae:9c:b7:a3:dc:c7:53:14:11:7d:ee:bd:e9:88:3a:62:4e:
7b:cc:95:7d:2f:fd:27:08:ae:44:7e:f4:59:09:37:40:66:3d:
a2:60:d5:d0:23:84:01:ec:32:d7:1f:79:17:70:62:5e:bf:8c:
76:0d:ca:1b:35:d7:55:04:9c:3c:5c:7a:fb:6a:d7:a4:b3:21:
82:e7:73:97:36:38:70:b8:2d:65:95:6d:1a:d2:ec:f6:3d:0b:
84:cc:ac:a8:fd:df:2f:8f:54:61:4e:f4:40:35:bf:18:79:9e:
30:9d:34:c4:6c:30:eb:51:c6:1d:dd:2d:db:11:27:18:ee:79:
ca:77:e4:a8:59:e6:c1:ba:82:18:d5:6a:de:87:1f:f8:a9:eb:
c9:7d:53:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQxMTA2MDgxNjM2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiMjVlNC0wMDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvP2/aMOMkx3OSlEVswrtHQ3zxUpSg2hbA4tjapTq3u7KMWjGRdyceuUFvA3e
Tx4eaI28Lif3VDYkSRiCCmwcH5EARTMTiAuVKuwdO0FQMhjwxZH5LgM5uSjjRuu/
WiGrN42EnSubFgfQET6E6UWHN+J/Wl7n8G2e46qhLXkNd1tAnU9Ft1vJSgO5xW0j
SUm6iet7AlOk/5owUKGZT+gsN34RgCdeFBEMw7/skHBhRbyqZIiweeFyIDn4gp8h
NkPah9rmml5S7/rKBnvuUBzfnylNcBSrWY98dP++3oca1ajvoS/JHiyY90kBp2Ps
sFvaGsJb74eNk8ikDqnPeCE8RQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNqHwkqb
yEu2fmZx/cd5BjzrMDD7MB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvRTFGNUJERDA5
QzE2MTFFRkI3Q0VFRjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBABuLG8wDQYJKoZIhvcNAQELBQADggEBAJwqOEIe
8cnoKYRwQcm221fgU+OdsBwebTonhAvkAz65yXUOFltuGa+aAMJwG8xF8uZhl4EH
B6Offo8uXO2WZhdu6mJx6k7f8+7/rFUzGKrcj1Y0mTl5BB/ngn+iB6CiBexSv5vs
kbgxQ5OEyy6unLej3MdTFBF97r3piDpiTnvMlX0v/ScIrkR+9FkJN0BmPaJg1dAj
hAHsMtcfeRdwYl6/jHYNyhs111UEnDxcevtq16SzIYLnc5c2OHC4LWWVbRrS7PY9
C4TMrKj93y+PVGFO9EA1vxh5njCdNMRsMOtRxh3dLdsRJxjuecp35KhZ5sG6ghjV
at6HH/ip68l9U0E=
-----END CERTIFICATE-----
Generated at Sun Nov 10 22:35:44 2024 by rpki-client on console-ams.rpki-client.org