Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8BAF/32D8E22E1DAB11E2A97D23A908B02CD2/FE5D433401D311ECB7D23535C4F9AE02.roa
File: FE5D433401D311ECB7D23535C4F9AE02.roa (raw, json)
Hash identifier: EYQSPQ5aW4Zw5AOSeAxBe1Ll8+ZeVQ/gqEvAjvUUR4c=
Subject key identifier: 02:F0:AE:BA:84:DF:3E:DA:F8:67:65:A3:58:26:84:3E:4C:F5:4E:B6
Certificate issuer: /CN=A91E8BAF/serialNumber=248DB1FEE5510C8A6AF85EAC810EC4CCAE8BF90D
Certificate serial: 333D
Authority key identifier: 24:8D:B1:FE:E5:51:0C:8A:6A:F8:5E:AC:81:0E:C4:CC:AE:8B:F9:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JI2x_uVRDIpq-F6sgQ7EzK6L-Q0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8BAF/32D8E22E1DAB11E2A97D23A908B02CD2/FE5D433401D311ECB7D23535C4F9AE02.roa
Signing time: Fri 04 Aug 2023 15:31:00 +0000
ROA not before: Fri 04 Aug 2023 15:31:00 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 58641
IP address blocks: 103.14.96.0/24 maxlen: 24
103.14.97.0/24 maxlen: 24
103.14.98.0/24 maxlen: 24
103.14.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 08:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13117 (0x333d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8BAF/serialNumber=248DB1FEE5510C8A6AF85EAC810EC4CCAE8BF90D
Validity
Not Before: Aug 4 15:31:00 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cd19b4-d1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:cb:e6:3a:51:e3:2d:a3:ba:46:50:70:c7:
00:7f:59:dd:98:27:43:59:85:c1:a0:f9:a4:e1:53:
79:ed:9e:31:e6:fc:e3:b5:eb:41:3e:a3:d1:00:d2:
d9:27:a3:2a:5e:fd:a8:ea:be:f7:8a:ae:c6:3c:38:
3c:78:55:0d:50:11:48:11:77:9c:a6:43:4b:a2:cd:
d0:79:8e:b8:49:02:ad:97:10:e6:74:b7:52:21:d0:
88:e0:57:80:f5:7c:d5:d3:31:b9:6e:c3:00:c5:d8:
4d:17:ed:15:e4:38:45:95:b5:13:55:14:fe:db:a1:
9a:1a:0f:12:0c:31:cb:1e:be:c1:84:ba:99:5c:7c:
09:cd:4b:b8:be:2e:89:d1:8e:46:00:d5:e7:b4:5e:
55:a4:49:8e:c0:0f:a8:1f:72:b5:9c:32:e9:1e:bd:
af:ef:4b:f9:2a:a1:62:e8:21:ac:02:78:8a:2a:ec:
e3:53:a1:c3:ed:51:59:6c:d2:ad:03:3e:1c:d0:cd:
2f:3e:3c:1c:85:8e:09:07:5c:6c:eb:09:11:49:58:
46:cc:ac:03:dd:8a:bd:09:57:cc:ac:73:90:59:d2:
c3:3c:00:af:6c:2f:11:1d:9a:46:7b:c0:cd:6d:80:
56:92:bd:9e:d9:84:46:04:1c:c2:ee:ab:76:f0:ca:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F0:AE:BA:84:DF:3E:DA:F8:67:65:A3:58:26:84:3E:4C:F5:4E:B6
X509v3 Authority Key Identifier:
keyid:24:8D:B1:FE:E5:51:0C:8A:6A:F8:5E:AC:81:0E:C4:CC:AE:8B:F9:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8BAF/32D8E22E1DAB11E2A97D23A908B02CD2/JI2x_uVRDIpq-F6sgQ7EzK6L-Q0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JI2x_uVRDIpq-F6sgQ7EzK6L-Q0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8BAF/32D8E22E1DAB11E2A97D23A908B02CD2/FE5D433401D311ECB7D23535C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.96.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:3b:b5:6e:82:e5:d9:f7:62:f9:9d:ae:c0:09:e5:a0:e1:48:
e1:61:c0:11:e1:1d:bc:22:83:01:1a:ae:d5:e7:01:6f:84:55:
91:38:a0:69:c3:8e:6d:f0:c3:fb:a9:ac:6d:a6:8f:79:1b:da:
4a:3c:7d:a1:83:5a:2f:0f:ef:41:13:76:2f:6e:cb:3e:95:54:
8d:44:d7:43:44:09:3c:3e:25:00:2e:42:ee:5b:1f:22:6d:dd:
14:98:56:90:03:9a:ad:08:58:e2:c9:22:cc:70:44:ed:cf:6a:
ea:7b:29:c5:f1:0c:82:a6:4d:6c:8c:47:93:c2:8c:fe:80:e4:
43:c8:d6:14:e5:50:97:a8:a4:17:71:6b:a7:78:b7:04:16:1e:
64:ef:82:6d:56:01:ba:58:a3:23:c6:f6:10:31:b8:21:f8:a7:
b8:28:f4:f6:69:52:26:54:24:5c:8d:ef:2d:50:a3:20:5a:5f:
ba:0f:0c:87:4e:ee:8c:ab:6b:ee:43:0f:b1:8c:76:30:4d:a3:
15:c9:3c:1e:1c:50:aa:ba:52:5f:e0:1f:9e:5e:9b:15:ad:9d:
65:45:78:3d:c8:59:30:39:da:9e:7a:08:a6:58:45:40:d4:9b:
86:4f:ca:cf:a2:17:39:4e:28:51:95:e5:8d:e4:d2:fe:50:c4:
9f:b0:00:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThCQUYxMTAvBgNVBAUTKDI0OERCMUZFRTU1MTBDOEE2QUY4NUVBQzgxMEVDNEND
QUU4QkY5MEQwHhcNMjMwODA0MTUzMTAwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNkMTliNC1kMWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhDL5jpR4y2jukZQcMcAf1ndmCdDWYXBoPmk4VN57Z4x5vzjtetBPqPRANLZ
J6MqXv2o6r73iq7GPDg8eFUNUBFIEXecpkNLos3QeY64SQKtlxDmdLdSIdCI4FeA
9XzV0zG5bsMAxdhNF+0V5DhFlbUTVRT+26GaGg8SDDHLHr7BhLqZXHwJzUu4vi6J
0Y5GANXntF5VpEmOwA+oH3K1nDLpHr2v70v5KqFi6CGsAniKKuzjU6HD7VFZbNKt
Az4c0M0vPjwchY4JB1xs6wkRSVhGzKwD3Yq9CVfMrHOQWdLDPACvbC8RHZpGe8DN
bYBWkr2e2YRGBBzC7qt28MrOaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFALwrrqE
3z7a+Gdlo1gmhD5M9U62MB8GA1UdIwQYMBaAFCSNsf7lUQyKavherIEOxMyui/kN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEJBRi8zMkQ4RTIyRTFE
QUIxMUUyQTk3RDIzQTkwOEIwMkNEMi9KSTJ4X3VWUkRJcHEtRjZzZ1E3RXpLNkwt
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pJMnhfdVZSRElwcS1GNnNnUTdFeks2TC1RMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThCQUYvMzJEOEUyMkUxREFCMTFFMkE5N0QyM0E5MDhCMDJDRDIvRkU1RDQzMzQw
MUQzMTFFQ0I3RDIzNTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnDmAwDQYJKoZIhvcNAQELBQADggEBANg7tW6C5dn3Yvmd
rsAJ5aDhSOFhwBHhHbwigwEartXnAW+EVZE4oGnDjm3ww/uprG2mj3kb2ko8faGD
Wi8P70ETdi9uyz6VVI1E10NECTw+JQAuQu5bHyJt3RSYVpADmq0IWOLJIsxwRO3P
aup7KcXxDIKmTWyMR5PCjP6A5EPI1hTlUJeopBdxa6d4twQWHmTvgm1WAbpYoyPG
9hAxuCH4p7go9PZpUiZUJFyN7y1QoyBaX7oPDIdO7oyra+5DD7GMdjBNoxXJPB4c
UKq6Ul/gH55emxWtnWVFeD3IWTA52p56CKZYRUDUm4ZPys+iFzlOKFGV5Y3k0v5Q
xJ+wAIc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org