Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/173820C2EE3C11ECA9E43485C4F9AE02.roa
File: 173820C2EE3C11ECA9E43485C4F9AE02.roa (raw, json)
Hash identifier: JJJbxa86cWGg8n4cpGlAoAgIGDCuSo03KEfohLmG65Q=
Subject key identifier: A7:5E:E8:F3:CB:4B:80:D5:4B:E2:BC:7C:6A:CD:A6:CE:73:2E:B8:A9
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 3426
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/173820C2EE3C11ECA9E43485C4F9AE02.roa
Signing time: Mon 02 Oct 2023 15:11:03 +0000
ROA not before: Mon 02 Oct 2023 15:11:03 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.230.68.0/23 maxlen: 23
103.230.69.0/24 maxlen: 24
103.230.70.0/24 maxlen: 24
117.121.247.0/24 maxlen: 24
182.54.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 22:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13350 (0x3426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Oct 2 15:11:03 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651add86-191d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:83:e7:16:38:3a:3a:ea:52:9c:09:fc:ec:
76:ac:be:a3:db:66:1e:1b:e0:8e:f4:dc:67:69:17:
16:38:6e:92:d6:ea:7d:dc:84:08:19:d5:c4:29:9b:
91:ad:25:c0:f3:85:48:28:1b:3f:70:97:25:20:22:
23:16:49:b8:28:fc:fc:6e:f4:fc:57:aa:4d:19:da:
38:5c:58:09:d6:38:ad:97:a6:a8:7e:74:72:fd:18:
6d:1b:74:ab:1a:6b:df:29:62:8d:8c:c0:ff:62:98:
58:49:55:83:6e:cf:c2:50:48:58:15:2e:2e:bb:65:
58:60:11:5b:56:bc:7f:03:d0:6a:29:51:5d:3f:6b:
d5:7f:2d:fa:3d:44:38:91:c5:0e:8e:33:8b:bc:33:
dc:77:4f:ff:fb:85:7e:95:8a:08:b5:53:f4:3f:e5:
94:e1:a1:49:36:6f:77:75:c1:59:ef:88:c0:77:32:
91:26:c8:04:df:33:ed:cd:fb:1d:fe:6a:b2:b3:04:
3f:e2:d7:c5:e3:8f:3c:a9:b3:60:2d:0b:35:61:04:
d9:4a:54:f5:e0:a4:cc:09:9d:90:32:52:2e:2c:f3:
11:af:54:8b:31:14:5b:96:af:88:52:45:c9:e8:1e:
53:5f:6d:9f:36:b5:85:66:76:fd:0a:d6:f2:16:3d:
85:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5E:E8:F3:CB:4B:80:D5:4B:E2:BC:7C:6A:CD:A6:CE:73:2E:B8:A9
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/173820C2EE3C11ECA9E43485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.68.0-103.230.70.255
117.121.247.0/24
182.54.239.0/24
Signature Algorithm: sha256WithRSAEncryption
20:33:54:30:bd:f5:43:e5:38:03:4c:0c:fe:cb:e2:28:0e:dd:
cd:81:7c:74:c0:76:92:89:25:ed:ea:2e:ba:9e:36:66:6a:ea:
68:8f:ec:d4:f9:ff:b0:11:9e:88:f2:d6:95:cc:31:ef:d2:47:
c2:75:26:75:93:60:48:f5:7c:74:70:53:6f:d2:d8:64:83:31:
f7:5f:80:40:35:a0:7d:40:8f:08:dc:54:c5:0b:fd:83:5c:d8:
d9:79:4c:9c:0a:ea:9c:4e:46:6e:8b:c8:fa:c4:93:a8:96:2f:
1d:f8:1f:9c:8b:e6:53:65:ae:97:dc:72:e1:a9:b7:5e:e6:6a:
2f:61:ac:11:62:08:85:07:46:10:d5:db:7d:2e:c1:28:27:11:
cb:86:c5:f8:04:eb:7a:52:73:e1:0b:4a:88:58:d8:ed:91:da:
bb:88:37:10:84:35:d5:ca:a5:fb:44:b7:41:e6:ac:32:53:bb:
2f:2f:31:a4:e9:73:d8:34:03:e1:bf:ad:aa:71:aa:bd:c9:00:
dc:5d:c0:d5:5f:51:55:4d:dc:dd:d9:fe:12:0e:53:fd:40:26:
44:01:f4:da:5f:43:da:01:a1:9b:c3:ce:3c:df:aa:2e:76:ba:
e6:33:30:a1:17:10:b2:9c:ae:eb:87:cd:a2:7b:31:f6:db:2b:
f9:0d:05:73
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNCYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjMxMDAyMTUxMTAzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFhZGQ4Ni0xOTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuymD5xY4OjrqUpwJ/Ox2rL6j22YeG+CO9NxnaRcWOG6S1up93IQIGdXEKZuR
rSXA84VIKBs/cJclICIjFkm4KPz8bvT8V6pNGdo4XFgJ1jitl6aofnRy/RhtG3Sr
GmvfKWKNjMD/YphYSVWDbs/CUEhYFS4uu2VYYBFbVrx/A9BqKVFdP2vVfy36PUQ4
kcUOjjOLvDPcd0//+4V+lYoItVP0P+WU4aFJNm93dcFZ74jAdzKRJsgE3zPtzfsd
/mqyswQ/4tfF4488qbNgLQs1YQTZSlT14KTMCZ2QMlIuLPMRr1SLMRRblq+IUkXJ
6B5TX22fNrWFZnb9CtbyFj2FvwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFKde6PPL
S4DVS+K8fGrNps5zLripMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvMTczODIwQzJF
RTNDMTFFQ0E5RTQzNDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAmfmRAMEAGfmRgMEAHV59wMEALY27zANBgkqhkiG9w0B
AQsFAAOCAQEAIDNUML31Q+U4A0wM/sviKA7dzYF8dMB2kokl7eouup42ZmrqaI/s
1Pn/sBGeiPLWlcwx79JHwnUmdZNgSPV8dHBTb9LYZIMx91+AQDWgfUCPCNxUxQv9
g1zY2XlMnArqnE5GbovI+sSTqJYvHfgfnIvmU2Wul9xy4am3XuZqL2GsEWIIhQdG
ENXbfS7BKCcRy4bF+ATrelJz4QtKiFjY7ZHau4g3EIQ11cql+0S3QeasMlO7Ly8x
pOlz2DQD4b+tqnGqvckA3F3A1V9RVU3c3dn+Eg5T/UAmRAH02l9D2gGhm8POPN+q
Lna65jMwoRcQspyu64fNonsx9tsr+Q0Fcw==
-----END CERTIFICATE-----
Generated at Thu Jun 20 00:31:53 2024 by rpki-client on console-fra.rpki-client.org