Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDD99/05729B4C19B911EF8E0DFE3EC4F9AE02/10F6DD2419BA11EFBE2AD740C4F9AE02.roa
File: 10F6DD2419BA11EFBE2AD740C4F9AE02.roa (raw, json)
Hash identifier: g469G4HgfShq+0dJD6MZz7oJvo+523XZFjwJhVJ4uG8=
Subject key identifier: 98:D5:59:22:E0:2B:65:42:E5:A7:01:8A:B4:42:F8:5A:1C:24:05:F3
Certificate issuer: /CN=A91EDD99/serialNumber=4FC460F09F90AA86CAF467C285AD78F4312720B0
Certificate serial: 04
Authority key identifier: 4F:C4:60:F0:9F:90:AA:86:CA:F4:67:C2:85:AD:78:F4:31:27:20:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T8Rg8J-QqobK9GfCha149DEnILA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDD99/05729B4C19B911EF8E0DFE3EC4F9AE02/10F6DD2419BA11EFBE2AD740C4F9AE02.roa
Signing time: Fri 24 May 2024 10:55:34 +0000
ROA not before: Fri 24 May 2024 10:55:34 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 45119
IP address blocks: 103.76.48.0/23 maxlen: 23
202.174.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 11:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDD99/serialNumber=4FC460F09F90AA86CAF467C285AD78F4312720B0
Validity
Not Before: May 24 10:55:34 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66507226-6bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:1e:22:8c:df:13:a9:c7:4f:9b:6f:cb:81:
cd:05:c5:71:c2:93:98:0e:f3:6f:5b:ac:7d:35:20:
bc:61:31:29:cc:41:cd:23:12:3b:a8:46:70:59:21:
1b:6c:95:0b:48:38:f8:af:80:bc:55:62:a2:a4:0f:
26:e1:75:d2:02:08:72:4a:78:a3:a4:79:d6:3e:a1:
78:58:b1:09:74:f0:7e:a8:9d:68:33:ec:aa:b1:c7:
af:86:b2:93:5a:8d:b9:a4:eb:de:5a:d9:de:e1:53:
ab:6b:4e:17:a3:4d:2f:5b:1c:59:5c:47:c4:f7:64:
1f:14:e5:6c:f4:87:c2:8d:37:7b:12:a9:41:8d:df:
4d:11:be:df:2a:d0:84:4a:3c:06:0b:15:a9:6f:49:
3f:79:81:c9:43:f0:bd:e4:c6:61:07:3c:6d:d3:28:
00:ab:45:37:99:f1:ee:a1:7a:fb:4d:16:ec:b0:36:
09:f9:0a:e1:e5:d6:38:2a:2a:41:73:1c:20:b5:bb:
cf:be:55:b5:18:c0:c8:23:39:47:3d:ca:4e:6f:df:
c0:b7:b1:b1:61:01:92:fa:99:6c:89:1d:ee:9c:91:
cb:3b:74:34:85:11:cc:81:44:e9:c2:fe:c4:3e:30:
62:49:65:ea:59:c5:7d:16:b5:61:ba:99:c3:1a:75:
72:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D5:59:22:E0:2B:65:42:E5:A7:01:8A:B4:42:F8:5A:1C:24:05:F3
X509v3 Authority Key Identifier:
keyid:4F:C4:60:F0:9F:90:AA:86:CA:F4:67:C2:85:AD:78:F4:31:27:20:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDD99/05729B4C19B911EF8E0DFE3EC4F9AE02/T8Rg8J-QqobK9GfCha149DEnILA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T8Rg8J-QqobK9GfCha149DEnILA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDD99/05729B4C19B911EF8E0DFE3EC4F9AE02/10F6DD2419BA11EFBE2AD740C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.76.48.0/23
202.174.123.0/24
Signature Algorithm: sha256WithRSAEncryption
73:da:74:07:01:30:8b:51:95:8b:aa:4e:75:52:4d:fa:e7:68:
21:de:d2:92:ac:34:3a:5f:35:39:62:0c:1f:cb:86:73:d5:5a:
99:18:ab:37:07:e3:25:ca:41:7e:8b:56:a9:c0:68:e7:36:07:
bd:c4:72:f9:6a:1c:93:f7:c6:58:82:4a:cd:ca:60:35:1a:35:
24:29:44:8b:ec:79:6c:03:0d:9b:73:d5:a6:2f:1a:98:81:c3:
88:e0:b0:eb:3c:d9:8b:6e:ad:bc:d4:8b:a7:9e:2a:ca:c7:1d:
65:ba:69:1b:9a:f8:e9:b2:31:80:3f:5d:df:65:a7:a3:5c:5e:
f3:6a:35:3e:eb:c7:ad:cb:36:f8:11:a5:18:8b:03:83:c5:8a:
2d:9e:09:c7:60:28:8d:7d:8d:40:2c:c9:46:8f:67:e8:17:ec:
61:76:40:f4:03:70:d3:22:65:eb:b4:31:8c:4b:6d:04:dd:c8:
0e:8a:a8:61:d3:72:c9:92:35:67:af:ba:53:69:5b:bf:ae:8d:
a3:84:87:fe:67:ad:56:15:c5:0e:36:d2:7e:9e:52:cf:d3:c4:
b7:2a:ac:d3:ad:98:01:f1:12:8f:96:59:7d:84:83:5a:8c:b2:
ec:47:67:30:7e:1e:86:b2:4b:a5:e2:43:ee:d1:4d:0b:d6:5c:
d6:6b:fd:02
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
REQ5OTExMC8GA1UEBRMoNEZDNDYwRjA5RjkwQUE4NkNBRjQ2N0MyODVBRDc4RjQz
MTI3MjBCMDAeFw0yNDA1MjQxMDU1MzRaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTA3MjI2LTZiZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCz3R4ijN8TqcdPm2/Lgc0FxXHCk5gO829brH01ILxhMSnMQc0jEjuoRnBZIRts
lQtIOPivgLxVYqKkDybhddICCHJKeKOkedY+oXhYsQl08H6onWgz7Kqxx6+GspNa
jbmk695a2d7hU6trThejTS9bHFlcR8T3ZB8U5Wz0h8KNN3sSqUGN300Rvt8q0IRK
PAYLFalvST95gclD8L3kxmEHPG3TKACrRTeZ8e6hevtNFuywNgn5CuHl1jgqKkFz
HCC1u8++VbUYwMgjOUc9yk5v38C3sbFhAZL6mWyJHe6ckcs7dDSFEcyBROnC/sQ+
MGJJZepZxX0WtWG6mcMadXKNAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUmNVZIuAr
ZULlpwGKtEL4WhwkBfMwHwYDVR0jBBgwFoAUT8Rg8J+QqobK9GfCha149DEnILAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVERDk5LzA1NzI5QjRDMTlC
OTExRUY4RTBERkUzRUM0RjlBRTAyL1Q4Umc4Si1RcW9iSzlHZkNoYTE0OURFbklM
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVDhSZzhKLVFxb2JLOUdmQ2hhMTQ5REVuSUxBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
REQ5OS8wNTcyOUI0QzE5QjkxMUVGOEUwREZFM0VDNEY5QUUwMi8xMEY2REQyNDE5
QkExMUVGQkUyQUQ3NDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWdMMAMEAMquezANBgkqhkiG9w0BAQsFAAOCAQEAc9p0BwEw
i1GVi6pOdVJN+udoId7Skqw0Ol81OWIMH8uGc9VamRirNwfjJcpBfotWqcBo5zYH
vcRy+Wock/fGWIJKzcpgNRo1JClEi+x5bAMNm3PVpi8amIHDiOCw6zzZi26tvNSL
p54qyscdZbppG5r46bIxgD9d32Wno1xe82o1PuvHrcs2+BGlGIsDg8WKLZ4Jx2Ao
jX2NQCzJRo9n6BfsYXZA9ANw0yJl67QxjEttBN3IDoqoYdNyyZI1Z6+6U2lbv66N
o4SH/metVhXFDjbSfp5Sz9PEtyqs062YAfESj5ZZfYSDWoyy7EdnMH4ehrJLpeJD
7tFNC9Zc1mv9Ag==
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:06 2024 by rpki-client on console-fra.rpki-client.org