Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
File: 974892D624CE11EF8339A27EC4F9AE02.roa (raw, json)
Hash identifier: hEUYtRPuDXimXdo472s3iB0VEukLRZ/5qZj7XhE2It0=
Subject key identifier: 0F:E0:92:A0:CA:F9:CD:86:4E:DB:59:0F:19:7E:3C:BF:6E:B8:02:2E
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: AC
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
Signing time: Fri 07 Jun 2024 13:05:19 +0000
ROA not before: Fri 07 Jun 2024 13:05:19 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151810
IP address blocks: 103.218.172.0/24 maxlen: 24
103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 16:10:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172 (0xac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Jun 7 13:05:19 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6663058f-60c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:b6:1c:b0:de:7a:a3:d0:36:a4:56:a0:1d:
97:7c:e9:19:5e:02:32:ed:a1:9e:4b:71:7c:5f:47:
1b:94:e9:4d:5a:28:07:38:71:41:bb:6a:eb:f7:e2:
d4:9b:ba:65:30:3c:0a:5a:35:e7:c0:d4:58:f2:9b:
91:ea:ff:79:71:37:9d:6b:e9:49:eb:70:4a:bb:d1:
6d:87:78:c6:a6:7e:61:89:53:d1:58:f9:9d:7d:dd:
45:55:9a:fe:5f:dd:95:da:eb:18:c4:03:36:6e:89:
12:fa:a3:4e:63:0b:2c:3b:4b:51:35:99:61:c1:d0:
ef:06:4b:8b:41:89:b6:98:2b:df:e9:87:50:96:7f:
33:81:81:6e:fe:82:53:c3:62:45:c3:37:c9:9d:f2:
4c:67:7c:18:da:84:1c:f8:d0:fc:ce:cc:1f:9f:4f:
20:fd:9a:2b:6c:5c:ab:29:9c:08:d0:a3:de:1c:77:
99:a0:50:7a:5e:a4:18:06:ca:c3:b5:95:ee:2a:66:
0b:c6:d6:de:ac:c5:2a:88:59:3f:bd:09:6c:06:96:
e6:b5:e2:b1:15:b0:06:77:65:6d:40:ff:21:0e:6a:
7f:5c:69:6c:a6:90:85:5c:cb:5c:e6:ce:d1:8a:59:
ea:9a:8f:5c:94:f7:36:04:b5:e5:35:bd:20:f5:96:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E0:92:A0:CA:F9:CD:86:4E:DB:59:0F:19:7E:3C:BF:6E:B8:02:2E
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:3c:83:00:07:fd:ef:a7:b5:3b:dd:72:bd:2f:8b:fb:c4:55:
6e:3d:6b:bf:50:63:7a:13:62:cc:71:29:9d:22:99:0e:a6:a6:
cd:b6:85:ee:a9:80:e4:b1:22:e7:f4:96:5c:12:d0:0f:0a:c1:
f1:28:6f:0f:ca:8a:0e:b8:b6:e5:52:bf:bd:39:ff:15:09:f1:
35:88:09:a0:07:ae:29:2d:12:69:7b:16:e7:e8:86:1a:60:70:
02:d6:a5:41:97:5a:23:b4:08:25:7e:fd:96:e8:47:b6:75:ec:
c5:12:c1:63:6a:00:3f:da:ea:a7:22:0e:ba:61:5e:22:d1:86:
dd:f6:85:31:1a:ff:9e:81:f8:9b:fc:82:ec:87:23:f3:26:07:
e6:49:b4:8f:68:12:a9:ab:03:8d:81:07:8c:0f:ef:f8:d9:ce:
c1:6d:fe:85:61:94:c4:c5:68:72:55:20:7c:af:c1:59:a4:3b:
47:2c:fd:54:9d:f2:ef:d1:5c:42:3e:05:02:cc:16:6f:59:c5:
2f:a9:70:da:0b:42:e5:31:3b:9c:72:37:85:d1:bc:2d:dc:77:
5f:04:49:b1:9e:a8:59:6e:6f:53:4e:f5:71:ea:c1:86:d3:de:
ed:58:e5:e9:34:cc:c5:43:2b:ae:22:5a:a2:9c:76:8f:c7:a6:
84:71:41:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQwNjA3MTMwNTE5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYzMDU4Zi02MGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnIO2HLDeeqPQNqRWoB2XfOkZXgIy7aGeS3F8X0cblOlNWigHOHFBu2rr9+LU
m7plMDwKWjXnwNRY8puR6v95cTeda+lJ63BKu9Fth3jGpn5hiVPRWPmdfd1FVZr+
X92V2usYxAM2bokS+qNOYwssO0tRNZlhwdDvBkuLQYm2mCvf6YdQln8zgYFu/oJT
w2JFwzfJnfJMZ3wY2oQc+ND8zswfn08g/ZorbFyrKZwI0KPeHHeZoFB6XqQYBsrD
tZXuKmYLxtberMUqiFk/vQlsBpbmteKxFbAGd2VtQP8hDmp/XGlsppCFXMtc5s7R
ilnqmo9clPc2BLXlNb0g9ZYFzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA/gkqDK
+c2GTttZDxl+PL9uuAIuMB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvOTc0ODkyRDYy
NENFMTFFRjgzMzlBMjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn2qwwDQYJKoZIhvcNAQELBQADggEBAB88gwAH/e+ntTvd
cr0vi/vEVW49a79QY3oTYsxxKZ0imQ6mps22he6pgOSxIuf0llwS0A8KwfEobw/K
ig64tuVSv705/xUJ8TWICaAHriktEml7FufohhpgcALWpUGXWiO0CCV+/ZboR7Z1
7MUSwWNqAD/a6qciDrphXiLRht32hTEa/56B+Jv8guyHI/MmB+ZJtI9oEqmrA42B
B4wP7/jZzsFt/oVhlMTFaHJVIHyvwVmkO0cs/VSd8u/RXEI+BQLMFm9ZxS+pcNoL
QuUxO5xyN4XRvC3cd18ESbGeqFlub1NO9XHqwYbT3u1Y5ek0zMVDK64iWqKcdo/H
poRxQYw=
-----END CERTIFICATE-----
Generated at Sun Sep 1 18:04:15 2024 by rpki-client on console-fra.rpki-client.org