Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/3C544C9446CD11EC988AFB65C4F9AE02.roa
File: 3C544C9446CD11EC988AFB65C4F9AE02.roa (raw, json)
Hash identifier: VdyuTMaP6//q4tcIEz/grf0oQM0ocoBS0ZkNz5cZyC4=
Subject key identifier: 94:C0:74:DC:FE:74:6F:8C:05:9D:F6:28:6A:78:D0:0B:C8:D8:DC:76
Certificate issuer: /CN=A91F0DAC/serialNumber=C9277F029C15B337953666F74B9C7E6CB3907F44
Certificate serial: 0F3D
Authority key identifier: C9:27:7F:02:9C:15:B3:37:95:36:66:F7:4B:9C:7E:6C:B3:90:7F:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySd_ApwVszeVNmb3S5x-bLOQf0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/3C544C9446CD11EC988AFB65C4F9AE02.roa
Signing time: Tue 16 Apr 2024 18:26:27 +0000
ROA not before: Tue 16 Apr 2024 18:26:27 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 137561
IP address blocks: 103.137.68.0/24 maxlen: 24
103.137.70.0/24 maxlen: 24
103.137.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3901 (0xf3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0DAC/serialNumber=C9277F029C15B337953666F74B9C7E6CB3907F44
Validity
Not Before: Apr 16 18:26:27 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=661ec2d3-2302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:f3:d8:c4:e1:e5:f2:6c:4f:8e:aa:28:88:
30:d8:cc:ec:aa:84:4c:ae:63:da:f0:49:92:cd:45:
b9:21:cd:6c:0a:9b:73:bd:50:24:54:1e:f4:69:08:
55:e9:94:ce:09:04:5a:43:e9:68:af:6f:1d:8b:41:
14:44:f9:fc:d5:c5:e3:38:4b:18:42:0b:f6:9e:73:
d3:90:e1:6c:79:eb:d6:b7:9d:20:39:05:18:01:41:
d3:1d:35:69:57:f5:98:eb:15:57:04:f5:7e:36:f3:
ab:52:5e:66:c6:3e:0f:11:d7:39:ac:5d:ae:09:99:
b8:98:97:f9:83:35:53:8c:54:70:77:81:32:2d:45:
36:9d:39:63:d5:9b:40:0c:e7:a7:fb:f2:b4:9d:ac:
42:b6:d6:74:5b:74:fd:a2:47:29:d2:4c:7a:f6:4b:
27:b5:e6:c5:dc:9d:fa:2c:05:53:3c:01:c4:0d:86:
96:14:2a:dc:d3:c7:e7:4d:8b:09:b9:40:c4:b9:a0:
15:96:83:f8:a2:79:f5:7b:e2:4c:9f:83:ac:15:c3:
71:a6:43:ba:3c:51:d9:7b:fd:50:36:3c:62:c9:0c:
00:4b:fc:29:37:b4:f1:dc:d9:b0:53:cd:49:35:1c:
13:4c:e6:02:c4:61:d0:d7:cc:45:1d:53:45:da:85:
78:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C0:74:DC:FE:74:6F:8C:05:9D:F6:28:6A:78:D0:0B:C8:D8:DC:76
X509v3 Authority Key Identifier:
keyid:C9:27:7F:02:9C:15:B3:37:95:36:66:F7:4B:9C:7E:6C:B3:90:7F:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/ySd_ApwVszeVNmb3S5x-bLOQf0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySd_ApwVszeVNmb3S5x-bLOQf0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/3C544C9446CD11EC988AFB65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.68.0/24
103.137.70.0/23
Signature Algorithm: sha256WithRSAEncryption
84:44:5e:7f:09:be:cb:19:f7:c4:b8:1f:c1:9d:85:25:20:e5:
24:55:cc:a4:4d:0e:a8:0a:65:85:b2:93:90:5e:08:2c:98:83:
78:fc:ca:49:f9:81:91:31:73:b2:75:af:ac:7c:aa:43:70:28:
5d:ea:f4:2c:a3:19:4c:46:12:47:7d:a9:3b:b6:ac:12:8a:a3:
30:d8:bb:4c:6d:d6:ab:d5:6c:e5:c5:2c:cf:72:7e:5d:d4:56:
99:e2:6a:8f:4e:45:d9:21:1d:37:f3:48:d3:6c:bd:bc:b2:91:
12:5c:98:fa:e1:42:a1:f9:5b:1e:90:ee:d3:63:41:5a:b6:04:
19:6c:04:d1:5a:fc:20:bc:c7:40:bb:28:3f:c7:49:a4:af:a8:
ec:77:19:2a:a5:d3:62:50:60:82:91:76:1f:cd:17:ba:bc:33:
49:8f:0b:5f:e9:59:04:21:06:ba:d8:44:6c:8f:10:f1:df:b6:
46:fd:22:91:82:63:f4:cf:a7:d1:5d:68:d6:4a:1e:cb:58:4e:
c1:b3:e4:55:c9:37:59:7d:42:c5:3f:b2:58:90:90:db:a4:68:
66:e9:f6:b6:62:b0:b1:b9:48:7e:8d:55:97:66:72:30:27:53:
2f:f2:23:b9:df:fc:34:e4:16:f6:c5:f2:b5:8b:a9:b2:b9:d4:
0f:24:5f:fc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjBEQUMxMTAvBgNVBAUTKEM5Mjc3RjAyOUMxNUIzMzc5NTM2NjZGNzRCOUM3RTZD
QjM5MDdGNDQwHhcNMjQwNDE2MTgyNjI3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFlYzJkMy0yMzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2jz2MTh5fJsT46qKIgw2MzsqoRMrmPa8EmSzUW5Ic1sCptzvVAkVB70aQhV
6ZTOCQRaQ+lor28di0EURPn81cXjOEsYQgv2nnPTkOFseevWt50gOQUYAUHTHTVp
V/WY6xVXBPV+NvOrUl5mxj4PEdc5rF2uCZm4mJf5gzVTjFRwd4EyLUU2nTlj1ZtA
DOen+/K0naxCttZ0W3T9okcp0kx69ksntebF3J36LAVTPAHEDYaWFCrc08fnTYsJ
uUDEuaAVloP4onn1e+JMn4OsFcNxpkO6PFHZe/1QNjxiyQwAS/wpN7Tx3NmwU81J
NRwTTOYCxGHQ18xFHVNF2oV4YwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJTAdNz+
dG+MBZ32KGp40AvI2Nx2MB8GA1UdIwQYMBaAFMknfwKcFbM3lTZm90ucfmyzkH9E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMERBQy8wQ0UxOTY0RTRG
Q0ExMUU5QjM4QkEyMkJDNEY5QUUwMi95U2RfQXB3VnN6ZVZObWIzUzV4LWJMT1Fm
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lTZF9BcHdWc3plVk5tYjNTNXgtYkxPUWYwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjBEQUMvMENFMTk2NEU0RkNBMTFFOUIzOEJBMjJCQzRGOUFFMDIvM0M1NDRDOTQ0
NkNEMTFFQzk4OEFGQjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABniUQDBAFniUYwDQYJKoZIhvcNAQELBQADggEBAIREXn8J
vssZ98S4H8GdhSUg5SRVzKRNDqgKZYWyk5BeCCyYg3j8ykn5gZExc7J1r6x8qkNw
KF3q9CyjGUxGEkd9qTu2rBKKozDYu0xt1qvVbOXFLM9yfl3UVpniao9ORdkhHTfz
SNNsvbyykRJcmPrhQqH5Wx6Q7tNjQVq2BBlsBNFa/CC8x0C7KD/HSaSvqOx3GSql
02JQYIKRdh/NF7q8M0mPC1/pWQQhBrrYRGyPEPHftkb9IpGCY/TPp9FdaNZKHstY
TsGz5FXJN1l9QsU/sliQkNukaGbp9rZisLG5SH6NVZdmcjAnUy/yI7nf/DTkFvbF
8rWLqbK51A8kX/w=
-----END CERTIFICATE-----
Generated at Mon Oct 7 13:25:51 2024 by rpki-client on console-fra.rpki-client.org