Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/9E43A19CD6E611EEAE5D8F64C4F9AE02.roa
File: 9E43A19CD6E611EEAE5D8F64C4F9AE02.roa (raw, json)
Hash identifier: 0nP+VwntdKJRvMiHzopVMGnTqz2CYyWAI9u0Y/fjL4s=
Subject key identifier: 63:0F:A5:B9:63:21:2E:20:79:C3:EC:E6:91:F6:5F:56:14:B7:88:00
Certificate issuer: /CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Certificate serial: 0819
Authority key identifier: CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/9E43A19CD6E611EEAE5D8F64C4F9AE02.roa
Signing time: Fri 12 Jul 2024 22:12:55 +0000
ROA not before: Fri 12 Jul 2024 22:12:55 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 140616
IP address blocks: 103.151.11.0/24 maxlen: 24
2406:1140::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 18 Aug 2024 20:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2073 (0x819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Validity
Not Before: Jul 12 22:12:55 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6691aa67-30b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0a:7e:c3:6a:42:94:dd:c8:d8:51:d5:1a:e8:
11:59:c9:76:82:6c:5f:4f:ce:2a:93:ab:ee:8a:28:
c4:df:af:8f:ed:da:c5:e4:66:8d:7a:0f:f0:22:c1:
b4:f1:ca:eb:6c:36:e5:e9:53:2d:50:72:e5:e4:0b:
1c:bc:01:56:bb:85:bf:8c:38:6d:6a:20:05:58:bd:
e1:0e:4c:69:8a:68:8a:9f:e0:82:a0:58:4c:ad:35:
ab:55:55:42:df:9d:29:a2:12:43:dd:e6:06:5f:55:
eb:7c:f2:42:00:ad:cf:47:05:f2:75:4e:6e:46:ba:
2e:08:50:5d:17:6d:27:20:7b:08:e2:0c:8c:a6:14:
e7:9f:7b:4f:e0:c1:ac:41:48:d2:2e:75:68:d3:88:
93:ed:7e:17:f2:a0:b4:b5:36:69:3c:e1:bd:12:6f:
9c:56:6f:12:59:93:01:01:b1:5a:c3:7d:7b:7c:0e:
3c:15:6b:8e:be:ab:17:45:dc:b4:84:41:9f:db:47:
a5:ce:1a:7e:8f:6c:78:8b:b6:62:ee:4c:f6:f4:78:
fa:27:ce:39:e3:55:cc:6a:8a:62:8a:85:74:e9:22:
52:0c:7a:e7:60:52:60:18:d2:66:a0:b7:fc:aa:aa:
0e:cf:22:88:58:50:f3:67:3c:cc:d2:3b:49:ee:05:
00:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0F:A5:B9:63:21:2E:20:79:C3:EC:E6:91:F6:5F:56:14:B7:88:00
X509v3 Authority Key Identifier:
keyid:CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/9E43A19CD6E611EEAE5D8F64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.11.0/24
IPv6:
2406:1140::/32
Signature Algorithm: sha256WithRSAEncryption
03:85:b6:d9:f4:8a:50:74:e6:5a:df:4b:fc:88:5f:b7:2d:7a:
87:c3:81:84:80:10:1d:44:8b:75:7e:da:41:d9:a0:b1:ef:1e:
d4:93:63:69:16:d4:27:7c:6a:f5:1d:c0:85:b5:27:21:ea:94:
3b:95:02:6f:dc:d5:3a:f7:ad:47:72:29:73:dc:9a:fe:c8:69:
17:13:20:aa:80:72:3c:c7:42:dc:57:d2:ab:fd:df:5c:22:23:
bf:79:d4:38:ad:a8:6f:1b:32:dc:76:4d:19:e3:64:e0:66:27:
39:62:bc:df:24:84:f5:73:4a:ae:2d:25:7c:5f:ba:4c:07:da:
89:bd:94:91:c2:96:10:30:fa:3e:f7:b2:96:d2:fa:14:e2:1e:
05:d0:06:67:7b:c6:e9:67:96:8e:87:f5:84:b7:2d:b3:de:cc:
99:54:e7:4b:b3:cb:4c:9b:99:ea:39:d3:ba:f9:c2:1f:a4:d2:
a3:9c:34:d2:e8:d4:a4:b9:79:e5:a5:44:c7:8a:39:55:9a:05:
f3:85:90:15:79:92:aa:6b:5f:1b:50:4d:5b:ba:63:8a:0c:66:
d2:da:c3:4f:f3:b8:16:69:0d:56:ee:24:e2:54:38:a7:de:94:
9b:81:68:2c:19:83:73:3f:fc:64:f4:7f:5c:60:fb:f1:a4:e2:
70:1f:6c:4c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCBkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQ4RTAxMTAvBgNVBAUTKENDNTQxOUM4QTc4QkNENTNBRDE3MUM1Qjc0QTQwNzFE
OTUzOTUwNDkwHhcNMjQwNzEyMjIxMjU1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxYWE2Ny0zMGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Ap+w2pClN3I2FHVGugRWcl2gmxfT84qk6vuiijE36+P7drF5GaNeg/wIsG0
8crrbDbl6VMtUHLl5AscvAFWu4W/jDhtaiAFWL3hDkxpimiKn+CCoFhMrTWrVVVC
350pohJD3eYGX1XrfPJCAK3PRwXydU5uRrouCFBdF20nIHsI4gyMphTnn3tP4MGs
QUjSLnVo04iT7X4X8qC0tTZpPOG9Em+cVm8SWZMBAbFaw317fA48FWuOvqsXRdy0
hEGf20elzhp+j2x4i7Zi7kz29Hj6J84541XMaopiioV06SJSDHrnYFJgGNJmoLf8
qqoOzyKIWFDzZzzM0jtJ7gUAnwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGMPpblj
IS4gecPs5pH2X1YUt4gAMB8GA1UdIwQYMBaAFMxUGcini81TrRccW3SkBx2VOVBJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDhFMC9FRTJENTMyNkI5
NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpWT3RGeHhiZEtRSEhaVTVV
RWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pGUVp5S2VMelZPdEZ4eGJkS1FISFpVNVVFay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQ4RTAvRUUyRDUzMjZCOTQ3MTFFQThBNjQ5RTc2QzRGOUFFMDIvOUU0M0ExOUNE
NkU2MTFFRUFFNUQ4RjY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnlwswDQQCAAIwBwMFACQGEUAwDQYJKoZIhvcNAQELBQAD
ggEBAAOFttn0ilB05lrfS/yIX7cteofDgYSAEB1Ei3V+2kHZoLHvHtSTY2kW1Cd8
avUdwIW1JyHqlDuVAm/c1Tr3rUdyKXPcmv7IaRcTIKqAcjzHQtxX0qv931wiI795
1DitqG8bMtx2TRnjZOBmJzlivN8khPVzSq4tJXxfukwH2om9lJHClhAw+j73spbS
+hTiHgXQBmd7xulnlo6H9YS3LbPezJlU50uzy0ybmeo507r5wh+k0qOcNNLo1KS5
eeWlRMeKOVWaBfOFkBV5kqprXxtQTVu6Y4oMZtLaw0/zuBZpDVbuJOJUOKfelJuB
aCwZg3M//GT0f1xg+/Gk4nAfbEw=
-----END CERTIFICATE-----
Generated at Sun Aug 18 22:02:31 2024 by rpki-client on console-fra.rpki-client.org