Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/74683EF08FDC11EF88EE9F54C4F9AE02.roa
File: 74683EF08FDC11EF88EE9F54C4F9AE02.roa (raw, json)
Hash identifier: 8viocI8YX9lM19qgXurBOVVgu0f+6++y7P9f/D/zq5Q=
Subject key identifier: E7:5D:AA:28:3F:8D:37:26:C3:4D:96:C7:30:21:BA:39:94:49:64:07
Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17
Certificate serial: 013A
Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/74683EF08FDC11EF88EE9F54C4F9AE02.roa
Signing time: Mon 21 Oct 2024 18:45:56 +0000
ROA not before: Mon 21 Oct 2024 18:45:56 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 151966
IP address blocks: 103.174.86.0/23 maxlen: 23
2400:68e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Nov 2024 01:14:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 314 (0x13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17
Validity
Not Before: Oct 21 18:45:56 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6716a164-c21d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:af:c1:b9:16:5f:96:03:0f:35:10:91:ab:
d5:6f:04:4a:eb:df:e5:70:31:b9:26:33:3b:b2:03:
42:16:cd:69:e0:f3:51:9b:83:e8:a0:60:6d:12:53:
96:00:e6:e7:2e:31:54:85:37:39:f3:3b:ba:93:1a:
11:9c:f0:96:03:53:55:70:16:e2:53:00:0e:ad:5a:
9a:9c:3f:bf:95:d6:6b:7f:83:85:eb:d6:9c:cd:da:
25:54:53:cd:78:d4:c5:c9:87:5f:13:4d:cb:ab:77:
38:2a:c5:49:0f:ab:fa:c3:0d:8f:15:69:d9:45:a7:
99:d6:9e:32:1d:d5:3a:34:d4:3a:70:08:3d:86:8c:
c6:33:d7:05:76:4f:9f:34:96:4c:b7:a2:d6:46:70:
c5:e9:8d:31:5d:de:9c:4e:11:cb:ce:b8:58:7c:65:
4c:6f:07:6e:f6:48:3d:4a:91:09:d5:a5:57:88:da:
5c:90:c2:2c:86:37:f7:1d:31:b1:6b:f4:6d:fd:9a:
7e:87:1d:18:ac:0d:6a:ca:3d:51:9c:2b:ca:4d:e7:
9d:b5:32:66:45:25:06:94:4d:bc:db:61:5e:b9:8c:
46:96:3b:9b:49:c1:44:88:8c:60:37:24:1d:75:d4:
ac:f4:6d:76:e7:8e:7f:09:b1:1a:06:2a:f3:b0:12:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5D:AA:28:3F:8D:37:26:C3:4D:96:C7:30:21:BA:39:94:49:64:07
X509v3 Authority Key Identifier:
keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/74683EF08FDC11EF88EE9F54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.86.0/23
IPv6:
2400:68e0::/32
Signature Algorithm: sha256WithRSAEncryption
18:c5:98:68:bb:41:cc:8d:d2:41:67:77:2c:7b:bd:26:cf:06:
47:ed:b3:58:51:7f:cb:94:f2:ac:ed:c2:7b:e4:18:4e:bc:7e:
6e:ce:17:31:39:14:39:e2:6b:88:15:89:47:05:90:5e:4a:2d:
1f:44:23:4d:ac:e1:0a:79:3f:5f:77:25:7f:3f:26:4a:79:7a:
00:97:6d:71:e9:d1:e1:f0:c3:1b:e5:04:89:d6:03:39:80:58:
22:88:37:8d:b6:7a:a7:c6:16:5e:1f:f4:c7:69:6f:99:cc:44:
55:3c:ae:ae:f3:a6:e1:30:d1:03:dd:92:19:56:37:59:81:fd:
fd:be:a4:9d:3b:f4:2a:0e:e1:f7:7f:b7:7a:9e:37:ae:0f:c7:
9c:da:37:e8:bc:60:62:82:6e:1c:85:4e:f1:97:56:6c:7c:77:
97:b9:ce:d8:0e:9a:1e:bb:62:fc:a4:4b:f7:40:f5:0e:11:ce:
a3:37:bf:ee:4a:14:12:1e:ea:8a:e1:04:56:8c:83:8b:bd:12:
28:c6:aa:8f:d7:57:af:59:fc:6e:06:57:d8:1f:96:7e:b4:02:
ae:08:63:d3:cc:f0:19:30:3e:81:85:d6:9b:7d:07:cd:4c:2e:
84:54:e8:b9:4d:a4:15:40:59:f7:77:24:ce:29:35:99:f5:13:
35:1c:bb:de
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICATowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx
MTg0NkVFMTcwHhcNMjQxMDIxMTg0NTU2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE2YTE2NC1jMjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArMWvwbkWX5YDDzUQkavVbwRK69/lcDG5JjM7sgNCFs1p4PNRm4PooGBtElOW
AObnLjFUhTc58zu6kxoRnPCWA1NVcBbiUwAOrVqanD+/ldZrf4OF69aczdolVFPN
eNTFyYdfE03Lq3c4KsVJD6v6ww2PFWnZRaeZ1p4yHdU6NNQ6cAg9hozGM9cFdk+f
NJZMt6LWRnDF6Y0xXd6cThHLzrhYfGVMbwdu9kg9SpEJ1aVXiNpckMIshjf3HTGx
a/Rt/Zp+hx0YrA1qyj1RnCvKTeedtTJmRSUGlE2822FeuYxGljubScFEiIxgNyQd
ddSs9G12545/CbEaBirzsBInPQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOddqig/
jTcmw02WxzAhujmUSWQHMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw
MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMEUvREJCRUQyMDZDMDA1MTFFREEyNTVGQTEwQzRGOUFFMDIvNzQ2ODNFRjA4
RkRDMTFFRjg4RUU5RjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnrlYwDQQCAAIwBwMFACQAaOAwDQYJKoZIhvcNAQELBQAD
ggEBABjFmGi7QcyN0kFndyx7vSbPBkfts1hRf8uU8qztwnvkGE68fm7OFzE5FDni
a4gViUcFkF5KLR9EI02s4Qp5P193JX8/Jkp5egCXbXHp0eHwwxvlBInWAzmAWCKI
N422eqfGFl4f9Mdpb5nMRFU8rq7zpuEw0QPdkhlWN1mB/f2+pJ079CoO4fd/t3qe
N64Px5zaN+i8YGKCbhyFTvGXVmx8d5e5ztgOmh67YvykS/dA9Q4RzqM3v+5KFBIe
6orhBFaMg4u9EijGqo/XV69Z/G4GV9gfln60Aq4IY9PM8BkwPoGF1pt9B81MLoRU
6LlNpBVAWfd3JM4pNZn1EzUcu94=
-----END CERTIFICATE-----
Generated at Fri Nov 1 04:03:57 2024 by rpki-client on console-fra.rpki-client.org