Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3DAD6D74927E11EE9A583250C4F9AE02.roa
File: 3DAD6D74927E11EE9A583250C4F9AE02.roa (raw, json)
Hash identifier: LEaKjm+cOksgeXTwXn2S2j/wnNwItRPMA0Jrfk1FBjA=
Subject key identifier: 65:CD:3D:A7:3F:3A:C7:33:4E:7D:32:2E:59:69:EC:06:F6:4B:4A:60
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 34
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3DAD6D74927E11EE9A583250C4F9AE02.roa
Signing time: Mon 04 Dec 2023 08:22:19 +0000
ROA not before: Mon 04 Dec 2023 08:22:19 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151810
IP address blocks: 103.218.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52 (0x34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Dec 4 08:22:19 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=656d8c3b-de8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:45:57:af:15:9f:95:56:01:17:8b:03:0d:bf:
91:d5:28:b6:bb:14:4a:4c:75:f6:4d:62:46:72:47:
ed:e6:e3:8b:6d:d4:55:90:ad:3c:88:8b:16:21:68:
6e:51:91:7f:54:8d:e9:e9:26:3a:ca:aa:09:05:87:
d4:85:e0:f3:33:35:92:ea:1a:c1:72:c1:00:97:75:
ac:5a:3b:83:2e:72:f4:98:17:58:bf:b7:9d:ca:2f:
06:ab:79:9c:a3:38:ce:66:19:7d:da:f3:3d:69:a7:
cd:68:8c:2c:fc:c0:af:d6:1c:85:eb:cc:5a:5f:11:
48:ff:36:50:d4:46:9e:bb:2a:37:2a:cf:e1:81:95:
d6:fd:b8:ef:a7:9d:e6:91:cb:16:9e:ba:20:a4:43:
55:b9:ac:f0:16:20:83:bb:7c:e8:70:bd:65:37:be:
7d:69:a9:76:18:33:81:03:dd:fd:4b:55:80:d3:52:
0e:3d:58:57:84:7f:bb:30:c9:e7:e4:62:67:18:40:
5a:60:7f:3b:30:1a:ff:47:54:81:9c:53:ae:6c:b6:
b1:0c:e1:03:1a:38:97:11:27:a7:b4:ab:bf:ba:5f:
18:93:c1:5c:b3:91:be:49:3a:a6:0c:86:24:c8:80:
1d:aa:25:87:6d:49:6f:86:5e:64:8f:39:64:91:1d:
63:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CD:3D:A7:3F:3A:C7:33:4E:7D:32:2E:59:69:EC:06:F6:4B:4A:60
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3DAD6D74927E11EE9A583250C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:7f:8a:6a:5f:83:51:12:13:eb:8f:fe:55:da:6f:77:2a:d7:
d6:e9:33:5c:16:ba:d5:5d:a5:d7:8d:80:51:60:80:be:be:84:
54:07:15:65:a3:54:0d:19:0c:5f:13:d5:24:56:a3:40:6a:78:
60:e8:1e:89:ee:64:6c:63:f5:41:72:dd:90:4f:6d:a5:02:84:
7c:9b:e0:18:24:03:e1:30:61:17:36:af:b4:b8:72:11:54:e3:
39:81:27:19:b3:9c:2c:b7:cf:88:6f:72:3b:06:8f:a4:4e:07:
c7:1c:a8:d3:e6:3d:eb:76:95:2b:15:e4:4c:e0:e7:52:ff:79:
b1:6b:03:e0:22:37:c9:81:27:43:20:0e:15:9e:17:7f:5d:3b:
2f:8b:5f:94:69:3c:e0:a1:7a:0d:26:ce:be:df:25:07:fc:d6:
16:3d:0b:9a:a0:fe:fc:73:3e:fc:cf:63:7f:65:da:51:24:25:
2a:5d:64:d1:89:30:1c:b9:25:b0:d1:23:5d:69:57:f6:82:e6:
78:47:6b:32:41:5d:1e:92:1f:db:56:1b:3b:1e:4a:20:3e:92:
55:fd:27:f8:0a:58:10:71:f7:89:73:d0:ac:2e:12:40:1a:f9:
80:97:04:1b:98:a7:73:93:67:48:3f:a2:14:f7:ba:fc:b1:76:
3f:ab:85:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yMzEyMDQwODIyMTlaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmQ4YzNiLWRlOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuRVevFZ+VVgEXiwMNv5HVKLa7FEpMdfZNYkZyR+3m44tt1FWQrTyIixYhaG5R
kX9UjenpJjrKqgkFh9SF4PMzNZLqGsFywQCXdaxaO4MucvSYF1i/t53KLwareZyj
OM5mGX3a8z1pp81ojCz8wK/WHIXrzFpfEUj/NlDURp67Kjcqz+GBldb9uO+nneaR
yxaeuiCkQ1W5rPAWIIO7fOhwvWU3vn1pqXYYM4ED3f1LVYDTUg49WFeEf7swyefk
YmcYQFpgfzswGv9HVIGcU65strEM4QMaOJcRJ6e0q7+6XxiTwVyzkb5JOqYMhiTI
gB2qJYdtSW+GXmSPOWSRHWNnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZc09pz86
xzNOfTIuWWnsBvZLSmAwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi8zREFENkQ3NDky
N0UxMUVFOUE1ODMyNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarDANBgkqhkiG9w0BAQsFAAOCAQEAnH+Kal+DURIT64/+
VdpvdyrX1ukzXBa61V2l142AUWCAvr6EVAcVZaNUDRkMXxPVJFajQGp4YOgeie5k
bGP1QXLdkE9tpQKEfJvgGCQD4TBhFzavtLhyEVTjOYEnGbOcLLfPiG9yOwaPpE4H
xxyo0+Y963aVKxXkTODnUv95sWsD4CI3yYEnQyAOFZ4Xf107L4tflGk84KF6DSbO
vt8lB/zWFj0LmqD+/HM+/M9jf2XaUSQlKl1k0YkwHLklsNEjXWlX9oLmeEdrMkFd
HpIf21YbOx5KID6SVf0n+ApYEHH3iXPQrC4SQBr5gJcEG5inc5NnSD+iFPe6/LF2
P6uFaQ==
-----END CERTIFICATE-----
Generated at Thu Jan 4 07:41:26 2024 by rpki-client on console-fra.rpki-client.org