Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/6333E766719511EF87A3602AC4F9AE02.roa
File: 6333E766719511EF87A3602AC4F9AE02.roa (raw, json)
Hash identifier: l3tSW5NKl+Qu5ZIvkB+kL6QWC0okRy4KgGSpoN9sbEg=
Subject key identifier: A2:A0:B2:78:5A:B6:11:51:88:AB:51:67:57:A6:EF:2C:D8:5A:75:27
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: EC
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/6333E766719511EF87A3602AC4F9AE02.roa
Signing time: Fri 13 Sep 2024 06:21:42 +0000
ROA not before: Fri 13 Sep 2024 06:21:42 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 13383
IP address blocks: 103.218.172.0/24 maxlen: 24
103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 14:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236 (0xec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Sep 13 06:21:42 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66e3d9f6-2d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:69:2a:b5:8a:c4:44:b4:83:97:37:88:9a:
3a:ca:71:85:57:45:6e:0e:69:b3:64:5f:dd:6d:6c:
21:a5:b6:9e:92:f9:5e:71:16:09:c5:e0:a3:4e:06:
2b:1e:0f:49:d5:f4:3e:0f:51:26:0d:49:fb:a1:d5:
9d:6f:71:b1:4e:17:86:44:f2:22:51:fa:48:e8:88:
b3:f6:3c:6b:69:cf:1b:3a:2c:62:96:92:e3:48:fd:
63:c9:d6:d0:9d:a2:4e:d8:d9:c3:1e:0d:88:6a:f6:
25:16:12:a1:1b:31:de:de:13:9b:b0:b3:8e:02:9f:
6a:19:40:3d:83:3c:42:7b:43:ea:2e:97:21:7c:90:
60:1c:dd:d8:ef:ed:5b:27:c6:50:75:3a:1f:74:ba:
28:8e:aa:32:ce:e7:98:4e:06:99:2a:47:5d:78:39:
43:01:b1:c6:64:80:31:96:04:b1:d5:d9:e1:73:2a:
0a:41:c9:8d:d7:95:df:d1:a7:5f:05:6b:b4:01:b6:
44:ad:9f:67:78:ea:a2:18:d2:c3:94:b4:7f:3f:3f:
b4:85:8d:b4:4d:83:15:43:31:23:60:4e:a1:79:a2:
18:9e:df:e7:2e:db:af:b2:3a:38:14:cc:e2:ae:d9:
91:af:64:7d:18:dc:4b:e0:03:07:5c:2d:0b:85:1e:
bc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A0:B2:78:5A:B6:11:51:88:AB:51:67:57:A6:EF:2C:D8:5A:75:27
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/6333E766719511EF87A3602AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:a3:4e:94:f8:76:6c:15:a0:b0:25:ae:08:78:05:90:44:9e:
29:6a:d6:15:4c:53:1e:5c:33:e9:68:c8:13:7d:f3:74:0d:c7:
8e:35:95:8a:b2:3c:0c:84:5b:dc:33:03:a1:d2:d8:b8:20:cc:
ea:c8:dd:2b:de:ca:44:a2:ba:fe:a2:5d:b2:d2:56:6a:bd:fe:
f8:b2:f9:8b:b1:a4:87:15:1d:8b:32:8e:ab:09:6c:cb:c1:2c:
70:63:d3:79:42:be:02:d5:74:c0:68:5d:ba:76:d8:46:95:f6:
57:05:d4:92:ff:0f:27:41:24:56:f7:8f:86:c3:6b:b4:8d:60:
f7:ae:65:5d:dd:f0:74:b7:70:67:9d:1b:ee:b5:12:71:c9:29:
14:cd:d3:06:3a:a8:3b:4f:d7:64:be:81:5f:d6:a8:ad:84:89:
47:50:3d:17:2d:54:4f:73:ae:6c:9f:5e:fb:ce:86:79:e3:be:
f4:eb:92:b2:7e:55:8a:89:81:01:4d:d6:e3:56:3b:d7:fb:d2:
9f:b9:67:25:7d:50:73:cf:06:15:54:5f:da:76:a5:cb:16:6f:
ac:3b:e3:ff:86:3a:84:fa:a8:ea:b4:d0:25:33:23:fb:4b:4b:
4a:9d:8d:31:53:0f:95:91:7e:b2:11:7e:14:f2:45:68:72:c7:
2e:eb:61:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQwOTEzMDYyMTQyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUzZDlmNi0yZDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwA1pKrWKxES0g5c3iJo6ynGFV0VuDmmzZF/dbWwhpbaekvlecRYJxeCjTgYr
Hg9J1fQ+D1EmDUn7odWdb3GxTheGRPIiUfpI6Iiz9jxrac8bOixilpLjSP1jydbQ
naJO2NnDHg2IavYlFhKhGzHe3hObsLOOAp9qGUA9gzxCe0PqLpchfJBgHN3Y7+1b
J8ZQdTofdLoojqoyzueYTgaZKkddeDlDAbHGZIAxlgSx1dnhcyoKQcmN15Xf0adf
BWu0AbZErZ9neOqiGNLDlLR/Pz+0hY20TYMVQzEjYE6heaIYnt/nLtuvsjo4FMzi
rtmRr2R9GNxL4AMHXC0LhR68eQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKKgsnha
thFRiKtRZ1em7yzYWnUnMB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvNjMzM0U3NjY3
MTk1MTFFRjg3QTM2MDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn2qwwDQYJKoZIhvcNAQELBQADggEBAC6jTpT4dmwVoLAl
rgh4BZBEnilq1hVMUx5cM+loyBN983QNx441lYqyPAyEW9wzA6HS2LggzOrI3Sve
ykSiuv6iXbLSVmq9/viy+YuxpIcVHYsyjqsJbMvBLHBj03lCvgLVdMBoXbp22EaV
9lcF1JL/DydBJFb3j4bDa7SNYPeuZV3d8HS3cGedG+61EnHJKRTN0wY6qDtP12S+
gV/WqK2EiUdQPRctVE9zrmyfXvvOhnnjvvTrkrJ+VYqJgQFN1uNWO9f70p+5ZyV9
UHPPBhVUX9p2pcsWb6w74/+GOoT6qOq00CUzI/tLS0qdjTFTD5WRfrIRfhTyRWhy
xy7rYck=
-----END CERTIFICATE-----
Generated at Fri Sep 13 16:54:30 2024 by rpki-client on console-ams.rpki-client.org