Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/0CE03A94322611EF9EF43D18C4F9AE02.roa
File: 0CE03A94322611EF9EF43D18C4F9AE02.roa (raw, json)
Hash identifier: 1R139KfK+4b5q0118NbxELOiIZWaoB82YBQtKRPInk4=
Subject key identifier: 96:94:C9:D7:4A:66:77:9E:3B:13:8B:97:75:82:A8:B4:7D:07:C6:3C
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 34D2
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/0CE03A94322611EF9EF43D18C4F9AE02.roa
Signing time: Mon 24 Jun 2024 12:34:08 +0000
ROA not before: Mon 24 Jun 2024 12:34:08 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 60117
IP address blocks: 103.230.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 10:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13522 (0x34d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Jun 24 12:34:08 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=667967c0-5c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fb:4a:48:e1:59:c3:03:7d:e4:eb:ef:09:8f:
17:28:d5:f0:c8:7d:06:c2:4d:5c:fe:cc:46:c1:75:
48:32:bc:0b:0f:97:e9:06:f2:0c:98:78:8c:e1:65:
11:1d:3d:d8:4f:48:c0:cf:31:b3:5f:51:fe:3a:f2:
a6:78:68:4c:1c:17:cf:86:2b:68:a3:f9:4e:1d:88:
9b:20:bd:61:30:b8:2e:32:e0:ea:ea:27:be:5f:28:
a0:f8:1b:0e:71:02:d1:3e:08:3a:d5:96:a9:9d:6f:
94:9e:b1:72:57:ff:72:1c:13:49:d8:3c:5f:97:b4:
b7:bb:4b:a0:c2:05:e9:41:2c:86:ae:56:91:36:7f:
2b:11:b5:16:51:86:ff:4e:80:de:29:6d:41:36:88:
12:a1:bc:ef:23:e5:03:81:02:ad:05:83:33:c5:6c:
31:9d:0a:39:b1:65:0f:dc:17:71:3a:3e:c1:98:18:
39:c5:69:34:38:94:d2:b9:65:11:5e:c3:52:10:9d:
aa:1c:6f:05:91:67:07:40:91:c3:34:da:54:0b:6c:
64:08:d3:08:84:fc:a9:7c:b0:db:91:68:01:f9:7f:
63:67:e2:da:a5:03:c5:32:e8:3c:e0:65:1c:3a:e4:
24:33:8b:b2:77:3e:5a:5e:0e:f5:62:fd:d2:e9:d1:
06:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:94:C9:D7:4A:66:77:9E:3B:13:8B:97:75:82:A8:B4:7D:07:C6:3C
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/0CE03A94322611EF9EF43D18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.69.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d5:96:53:6e:14:17:a8:f9:02:c7:00:e5:70:76:6e:70:1a:
3d:76:45:27:78:9a:9a:58:eb:1a:53:c4:7a:c5:3f:b3:b3:eb:
03:4b:4d:f5:10:a3:de:be:97:8a:83:9e:7f:e4:a3:11:33:0a:
0b:ca:3f:16:41:9e:88:4c:3b:ec:c7:fc:76:59:98:4f:b6:a0:
79:e5:b7:60:ff:86:3b:7c:a7:b4:5d:83:06:43:40:d3:b0:dd:
c2:5f:5f:c8:26:0d:3f:b2:fb:93:36:be:95:3f:69:99:6f:e9:
59:94:83:14:79:d7:a6:37:e3:43:8c:e8:ea:16:3b:cc:f6:53:
98:af:f5:c5:c9:ab:ba:58:6b:04:73:d5:e5:ca:d0:88:95:5f:
c2:e6:32:28:80:02:86:af:3b:99:48:f6:26:15:a3:18:1f:fa:
b2:c2:10:5f:77:7b:99:b8:e0:20:0c:51:e5:e7:0d:19:63:c4:
7f:ee:da:85:8b:bc:ad:ad:2d:2d:4a:6e:e6:e5:eb:db:f9:41:
12:4c:57:b4:4f:03:4e:1e:60:e5:53:9b:b9:fb:10:c6:31:42:
28:c1:49:3e:b8:6f:8f:31:7f:b2:5d:ac:5a:37:59:a4:f4:4b:
f1:95:e0:d1:ca:1b:77:f1:96:ce:27:7d:4a:51:10:45:71:84:
eb:63:5b:be
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwNjI0MTIzNDA4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5NjdjMC01YzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo/tKSOFZwwN95OvvCY8XKNXwyH0Gwk1c/sxGwXVIMrwLD5fpBvIMmHiM4WUR
HT3YT0jAzzGzX1H+OvKmeGhMHBfPhitoo/lOHYibIL1hMLguMuDq6ie+Xyig+BsO
cQLRPgg61ZapnW+UnrFyV/9yHBNJ2Dxfl7S3u0ugwgXpQSyGrlaRNn8rEbUWUYb/
ToDeKW1BNogSobzvI+UDgQKtBYMzxWwxnQo5sWUP3BdxOj7BmBg5xWk0OJTSuWUR
XsNSEJ2qHG8FkWcHQJHDNNpUC2xkCNMIhPypfLDbkWgB+X9jZ+LapQPFMug84GUc
OuQkM4uydz5aXg71Yv3S6dEGRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJaUyddK
ZneeOxOLl3WCqLR9B8Y8MB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvMENFMDNBOTQz
MjI2MTFFRjlFRjQzRDE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5kUwDQYJKoZIhvcNAQELBQADggEBADvVllNuFBeo+QLH
AOVwdm5wGj12RSd4mppY6xpTxHrFP7Oz6wNLTfUQo96+l4qDnn/koxEzCgvKPxZB
nohMO+zH/HZZmE+2oHnlt2D/hjt8p7RdgwZDQNOw3cJfX8gmDT+y+5M2vpU/aZlv
6VmUgxR516Y340OM6OoWO8z2U5iv9cXJq7pYawRz1eXK0IiVX8LmMiiAAoavO5lI
9iYVoxgf+rLCEF93e5m44CAMUeXnDRljxH/u2oWLvK2tLS1Kbubl69v5QRJMV7RP
A04eYOVTm7n7EMYxQijBST64b48xf7JdrFo3WaT0S/GV4NHKG3fxls4nfUpREEVx
hOtjW74=
-----END CERTIFICATE-----
Generated at Sat Aug 24 13:38:18 2024 by rpki-client on console-ams.rpki-client.org