Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C3C0953AB9E311EE8B65EA4DC4F9AE02.roa
File: C3C0953AB9E311EE8B65EA4DC4F9AE02.roa (raw, json)
Hash identifier: u27iqZC5s21DGzBVKVrbArz5t+sNZ8AEs6m37VRqPrY=
Subject key identifier: 97:57:D6:92:B4:09:80:04:55:38:6E:24:87:F0:91:6A:AB:04:68:1A
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0FC2
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C3C0953AB9E311EE8B65EA4DC4F9AE02.roa
Signing time: Tue 23 Jan 2024 11:37:19 +0000
ROA not before: Tue 23 Jan 2024 11:37:19 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 103.11.61.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
113.203.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 10:46:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4034 (0xfc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jan 23 11:37:19 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65afa4ef-fcf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7b:55:ed:90:6a:03:84:c6:c7:d0:97:24:dd:
31:11:7e:99:75:ee:5b:ac:49:fe:6a:75:06:29:85:
36:3d:99:26:93:c2:56:a1:60:fb:54:39:64:7b:3e:
2f:34:2e:bb:cf:d8:69:9d:82:bd:50:d5:72:d6:f2:
bf:6e:7c:b9:2e:7e:5d:11:28:de:1a:90:dc:87:9f:
b8:93:db:8a:fc:50:25:90:af:5f:b7:c2:df:2b:95:
de:e1:15:b4:ea:82:25:fa:a0:7b:c8:46:81:64:78:
1c:e9:59:5d:f4:98:5a:c1:92:48:1d:47:9f:d5:c1:
be:4e:14:67:84:8c:d8:53:5c:15:b1:fc:80:a1:ee:
9f:5b:74:0d:8a:75:22:a4:49:d0:55:ed:b2:9e:04:
5b:e9:bb:3c:5e:f5:f6:25:72:84:0b:b4:0c:59:41:
44:aa:e3:6b:d1:0f:1a:1c:94:10:9a:ba:cf:62:74:
c1:81:db:0f:a3:33:45:7e:ec:8c:26:07:6b:4e:8a:
e9:a5:62:eb:a0:e6:6d:54:fe:1a:2b:dc:a4:30:07:
06:0a:4d:11:47:f8:00:39:af:90:83:4e:97:f0:26:
68:21:e7:10:e6:53:c0:1e:f3:ff:0e:8c:71:b7:2a:
63:44:10:5b:8d:3b:03:3a:21:77:b6:6f:dc:67:1a:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:57:D6:92:B4:09:80:04:55:38:6E:24:87:F0:91:6A:AB:04:68:1A
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C3C0953AB9E311EE8B65EA4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.61.0/24
113.203.244.0/24
113.203.254.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:33:81:27:4a:bb:af:86:73:e5:d3:cb:17:00:f9:19:91:f3:
34:26:32:ee:f4:6d:cd:81:3d:8e:b4:6b:5e:37:84:b6:9a:a8:
18:85:83:c6:75:05:bd:3b:5f:34:e7:e3:6e:8f:6d:4e:39:f1:
44:7a:50:6b:45:50:e2:25:04:bc:30:c0:96:2a:6b:ee:2e:82:
35:95:b5:e5:fd:0d:0f:4a:9b:6a:4a:2a:3c:48:9a:e8:8f:1d:
ca:eb:94:d7:b1:23:71:a5:c0:01:43:f6:a8:7b:dd:64:34:a1:
9f:68:65:d1:56:16:35:00:f3:53:43:73:01:8f:01:a4:bf:95:
62:9d:77:11:48:65:07:7d:05:ba:9d:1b:10:17:39:a6:d3:dc:
fe:e5:92:a7:8b:87:22:bf:13:60:3d:8e:4d:2e:53:c3:13:13:
0c:01:ac:29:ad:76:0e:dc:c4:c9:a8:59:98:ff:3e:22:cf:33:
43:7c:df:45:91:7c:1d:65:92:0a:82:0b:a3:7f:80:52:6a:31:
af:63:5d:32:fe:25:79:2b:b7:03:b6:d5:b2:37:a6:c0:68:7e:
38:0b:6d:ea:5d:83:e2:ad:2f:4f:56:1d:aa:16:5b:9c:65:d6:
30:6e:cc:af:7c:e0:1f:a8:b0:0c:87:83:2d:35:2c:9e:48:cc:
ad:c2:95:69
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICD8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMTIzMTEzNzE5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFmYTRlZi1mY2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn3tV7ZBqA4TGx9CXJN0xEX6Zde5brEn+anUGKYU2PZkmk8JWoWD7VDlkez4v
NC67z9hpnYK9UNVy1vK/bny5Ln5dESjeGpDch5+4k9uK/FAlkK9ft8LfK5Xe4RW0
6oIl+qB7yEaBZHgc6Vld9JhawZJIHUef1cG+ThRnhIzYU1wVsfyAoe6fW3QNinUi
pEnQVe2yngRb6bs8XvX2JXKEC7QMWUFEquNr0Q8aHJQQmrrPYnTBgdsPozNFfuyM
JgdrTorppWLroOZtVP4aK9ykMAcGCk0RR/gAOa+Qg06X8CZoIecQ5lPAHvP/Doxx
typjRBBbjTsDOiF3tm/cZxos3wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJdX1pK0
CYAEVThuJIfwkWqrBGgaMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQzNDMDk1M0FC
OUUzMTFFRThCNjVFQTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnCz0DBABxy/QDBAFxy/4wDQYJKoZIhvcNAQELBQADggEB
AIszgSdKu6+Gc+XTyxcA+RmR8zQmMu70bc2BPY60a143hLaaqBiFg8Z1Bb07XzTn
426PbU458UR6UGtFUOIlBLwwwJYqa+4ugjWVteX9DQ9Km2pKKjxImuiPHcrrlNex
I3GlwAFD9qh73WQ0oZ9oZdFWFjUA81NDcwGPAaS/lWKddxFIZQd9BbqdGxAXOabT
3P7lkqeLhyK/E2A9jk0uU8MTEwwBrCmtdg7cxMmoWZj/PiLPM0N830WRfB1lkgqC
C6N/gFJqMa9jXTL+JXkrtwO21bI3psBofjgLbepdg+KtL09WHaoWW5xl1jBuzK98
4B+osAyHgy01LJ5IzK3ClWk=
-----END CERTIFICATE-----
Generated at Fri Jan 26 15:52:01 2024 by rpki-client on console-ams.rpki-client.org