Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D1FAE4926A8311EFA3297710C4F9AE02.roa
File: D1FAE4926A8311EFA3297710C4F9AE02.roa (raw, json)
Hash identifier: /PEFX19rHdmCmfkwbz0Q88lTd1RyI9rmZ/Qin33jSFo=
Subject key identifier: 86:4C:61:93:0D:E0:17:F0:67:43:FB:2C:1F:BC:6E:B5:5F:38:D5:72
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: E3
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D1FAE4926A8311EFA3297710C4F9AE02.roa
Signing time: Wed 04 Sep 2024 06:06:27 +0000
ROA not before: Wed 04 Sep 2024 06:06:27 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 13383
IP address blocks: 103.218.172.0/24 maxlen: 24
103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 05:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227 (0xe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Sep 4 06:06:27 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66d7f8e3-f7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:85:4e:ba:4c:75:97:cd:82:9c:d0:18:53:
d4:c4:4e:7b:70:bd:5a:0e:b2:54:69:f1:15:3e:83:
0d:12:62:c2:ce:b2:bd:d7:15:51:81:aa:ef:c0:f0:
d9:c3:4e:a9:da:6d:a8:5f:e8:ae:19:44:65:74:62:
3f:6c:d3:20:38:a6:fe:7c:8e:b6:11:37:e7:0e:8a:
d5:56:0b:19:ac:34:fc:c1:02:ee:8c:41:8e:69:9b:
64:5a:55:c4:66:13:22:41:c2:c1:58:c6:25:11:84:
49:1d:64:86:57:ea:d8:64:78:e3:fd:23:ea:a5:95:
e9:a1:5c:86:da:26:64:d9:89:0e:32:f0:05:94:92:
90:94:fe:c2:92:4d:44:97:97:8f:0d:10:b1:0f:c6:
96:49:eb:84:70:7b:26:d2:a1:e3:ae:e9:25:79:d7:
8e:a7:ed:6c:1b:39:a6:cb:2d:ca:f9:d2:b3:34:fe:
63:9d:b9:a9:54:e1:cb:ba:ce:ed:1a:0c:b6:e1:a8:
8b:df:b4:76:30:35:47:95:44:b5:cc:75:c4:d0:f5:
85:31:86:40:0a:c7:49:26:12:6d:6f:e5:89:94:53:
8b:1b:c0:f7:99:71:35:34:ce:f6:04:af:7a:4f:c2:
51:c4:a6:a7:6a:ae:1e:5b:3a:f8:97:1e:fc:80:4f:
22:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4C:61:93:0D:E0:17:F0:67:43:FB:2C:1F:BC:6E:B5:5F:38:D5:72
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D1FAE4926A8311EFA3297710C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/23
Signature Algorithm: sha256WithRSAEncryption
66:b0:57:a9:af:6c:f2:fa:49:f5:0d:66:7c:b5:74:de:2c:00:
96:10:f3:54:f4:52:f4:3d:a9:29:51:73:db:8c:e7:7b:13:07:
2e:ff:e6:76:57:f7:b4:cf:4f:fb:95:c5:48:ee:14:f5:24:00:
36:82:ec:13:97:1a:0b:bc:46:c5:90:36:c7:b8:15:fe:bb:6e:
13:dc:26:a3:39:c7:1d:4b:61:68:86:be:6c:c0:a5:e4:f8:79:
62:aa:1e:12:22:36:d9:1f:50:24:f0:a8:6c:eb:94:aa:c9:3c:
e5:f3:c6:25:06:10:9c:a5:f1:fc:be:9b:76:f4:13:96:77:25:
ce:c1:6f:43:9a:ef:78:96:fa:09:f9:0c:7c:51:c7:8c:b6:b5:
3c:5a:13:6f:0c:83:02:3c:56:73:39:85:37:f9:20:06:9a:e7:
cc:6c:bc:80:c8:f0:78:0f:c5:25:0c:c4:f4:2a:aa:d1:cf:08:
55:7b:60:44:60:9d:2d:07:d8:f4:6f:04:bb:cb:a6:31:52:63:
eb:d9:27:8b:2c:5b:5d:20:ba:59:cd:61:97:0e:a8:50:86:1a:
ef:d1:f6:50:9f:da:a8:89:38:6b:62:22:08:90:d1:3c:d1:5f:
0e:0c:7a:fe:5f:79:ca:60:14:ff:4c:21:9a:4a:15:4e:ce:67:
11:9c:21:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQwOTA0MDYwNjI3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ3ZjhlMy1mN2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyQWFTrpMdZfNgpzQGFPUxE57cL1aDrJUafEVPoMNEmLCzrK91xVRgarvwPDZ
w06p2m2oX+iuGURldGI/bNMgOKb+fI62ETfnDorVVgsZrDT8wQLujEGOaZtkWlXE
ZhMiQcLBWMYlEYRJHWSGV+rYZHjj/SPqpZXpoVyG2iZk2YkOMvAFlJKQlP7Ckk1E
l5ePDRCxD8aWSeuEcHsm0qHjrukledeOp+1sGzmmyy3K+dKzNP5jnbmpVOHLus7t
Ggy24aiL37R2MDVHlUS1zHXE0PWFMYZACsdJJhJtb+WJlFOLG8D3mXE1NM72BK96
T8JRxKanaq4eWzr4lx78gE8i4wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIZMYZMN
4BfwZ0P7LB+8brVfONVyMB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvRDFGQUU0OTI2
QTgzMTFFRkEzMjk3NzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn2qwwDQYJKoZIhvcNAQELBQADggEBAGawV6mvbPL6SfUN
Zny1dN4sAJYQ81T0UvQ9qSlRc9uM53sTBy7/5nZX97TPT/uVxUjuFPUkADaC7BOX
Ggu8RsWQNse4Ff67bhPcJqM5xx1LYWiGvmzApeT4eWKqHhIiNtkfUCTwqGzrlKrJ
POXzxiUGEJyl8fy+m3b0E5Z3Jc7Bb0Oa73iW+gn5DHxRx4y2tTxaE28MgwI8VnM5
hTf5IAaa58xsvIDI8HgPxSUMxPQqqtHPCFV7YERgnS0H2PRvBLvLpjFSY+vZJ4ss
W10gulnNYZcOqFCGGu/R9lCf2qiJOGtiIgiQ0TzRXw4Mev5fecpgFP9MIZpKFU7O
ZxGcISI=
-----END CERTIFICATE-----
Generated at Fri Sep 13 07:27:04 2024 by rpki-client on console-fra.rpki-client.org