Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3E1819C6927E11EE9A583250C4F9AE02.roa
File: 3E1819C6927E11EE9A583250C4F9AE02.roa (raw, json)
Hash identifier: socRgtdQdYoKYaSus3jcAkRvfbUs6nEBg7vkhLFUsS4=
Subject key identifier: 4B:DE:C2:8B:4B:8A:BA:FD:B0:1D:8A:37:6A:44:DD:1E:C7:A9:83:66
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 35
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3E1819C6927E11EE9A583250C4F9AE02.roa
Signing time: Mon 04 Dec 2023 08:22:20 +0000
ROA not before: Mon 04 Dec 2023 08:22:20 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 396982
IP address blocks: 103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 06:14:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Dec 4 08:22:20 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=656d8c3c-8d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ec:be:fa:7a:10:6a:64:de:dd:53:87:39:4c:
da:d7:e7:5f:6e:ed:83:a9:ed:d2:5c:35:f8:64:23:
47:b6:d0:96:2b:8e:5f:d1:aa:2c:a8:ef:4a:84:8d:
cd:02:ea:92:0d:95:02:0f:a4:08:71:f6:50:03:31:
85:95:9b:80:21:ce:3e:eb:4b:02:fb:6a:a8:c4:f5:
a8:7d:17:ac:e6:38:87:6c:c9:ab:a4:33:47:73:14:
32:a8:1a:d8:02:17:38:d0:c8:62:2b:20:f3:0a:33:
42:22:36:ad:5d:26:ff:04:73:a8:3e:73:e1:04:f6:
2d:1b:35:d4:ea:14:5a:c2:bd:7f:06:c5:4c:35:30:
7e:97:95:e1:eb:4b:b4:90:b0:d8:9b:5a:5b:82:52:
0e:48:93:31:83:52:7f:96:59:61:39:e2:b8:bb:35:
36:a5:11:0d:8d:40:32:c4:61:04:02:33:70:20:e0:
c9:41:ca:2c:74:22:09:1b:b2:c1:16:8c:00:f0:0c:
af:46:05:ec:d0:41:32:82:82:2a:5e:2a:c6:a4:37:
5b:d2:7c:67:45:d0:b0:6c:55:d5:26:f7:14:54:82:
a1:c6:53:4f:c8:93:5e:24:18:25:c4:df:d1:7a:83:
78:f2:9b:db:ed:f2:d9:ae:a1:37:ad:53:89:88:10:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DE:C2:8B:4B:8A:BA:FD:B0:1D:8A:37:6A:44:DD:1E:C7:A9:83:66
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/3E1819C6927E11EE9A583250C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
67:21:c7:51:bc:ee:59:35:3d:b8:f8:57:cb:ab:b4:6d:f9:da:
06:32:b8:9b:05:7b:09:19:4c:a6:12:ed:a2:65:61:64:b7:eb:
24:97:50:b9:ae:57:e5:37:97:b2:74:57:fc:d4:fa:1d:ee:69:
2d:89:7a:6d:ca:50:1a:2a:68:6e:b3:e4:99:5a:9c:bc:82:00:
e3:0a:3d:83:96:1a:29:c2:07:cf:5d:e9:f9:62:6f:0e:bb:f4:
b4:fc:67:42:00:5b:82:5f:b8:07:a7:c6:3e:87:24:cc:1f:9a:
81:52:82:ab:1b:ae:7c:ed:fe:ca:55:fd:4d:32:03:34:8a:5d:
d4:c2:49:a0:6b:6d:26:50:39:e0:22:7f:f9:f1:56:31:41:ca:
a1:9b:01:94:5e:8c:05:86:4c:60:a2:69:17:b2:41:fe:c0:71:
f2:05:0a:9d:b3:c9:77:70:71:eb:49:e4:00:1d:2e:ef:3f:78:
8b:9a:de:98:ac:ef:0c:20:44:f9:5b:aa:01:44:8c:8c:04:ac:
b1:2d:d5:55:d7:1c:7c:6a:06:67:08:0f:ba:86:56:f6:24:a8:
14:c2:6c:f5:79:50:54:d3:e1:28:da:c6:92:9d:c4:0c:16:90:
4f:85:a6:af:5c:66:1b:2c:e4:fb:94:42:fd:d2:08:7e:e3:f8:
86:d9:50:a1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yMzEyMDQwODIyMjBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmQ4YzNjLThkMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC07L76ehBqZN7dU4c5TNrX519u7YOp7dJcNfhkI0e20JYrjl/Rqiyo70qEjc0C
6pINlQIPpAhx9lADMYWVm4Ahzj7rSwL7aqjE9ah9F6zmOIdsyaukM0dzFDKoGtgC
FzjQyGIrIPMKM0IiNq1dJv8Ec6g+c+EE9i0bNdTqFFrCvX8GxUw1MH6XleHrS7SQ
sNibWluCUg5IkzGDUn+WWWE54ri7NTalEQ2NQDLEYQQCM3Ag4MlByix0IgkbssEW
jADwDK9GBezQQTKCgipeKsakN1vSfGdF0LBsVdUm9xRUgqHGU0/Ik14kGCXE39F6
g3jym9vt8tmuoTetU4mIEJoNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUS97Ci0uK
uv2wHYo3akTdHsepg2YwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi8zRTE4MTlDNjky
N0UxMUVFOUE1ODMyNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarTANBgkqhkiG9w0BAQsFAAOCAQEAZyHHUbzuWTU9uPhX
y6u0bfnaBjK4mwV7CRlMphLtomVhZLfrJJdQua5X5TeXsnRX/NT6He5pLYl6bcpQ
GipobrPkmVqcvIIA4wo9g5YaKcIHz13p+WJvDrv0tPxnQgBbgl+4B6fGPockzB+a
gVKCqxuufO3+ylX9TTIDNIpd1MJJoGttJlA54CJ/+fFWMUHKoZsBlF6MBYZMYKJp
F7JB/sBx8gUKnbPJd3Bx60nkAB0u7z94i5remKzvDCBE+VuqAUSMjASssS3VVdcc
fGoGZwgPuoZW9iSoFMJs9XlQVNPhKNrGkp3EDBaQT4Wmr1xmGyzk+5RC/dIIfuP4
htlQoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org