Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D58E047EAACE11EE9256D943C4F9AE02.roa
File: D58E047EAACE11EE9256D943C4F9AE02.roa (raw, json)
Hash identifier: o5yDgGrFXXrq1f2PpB52CB2R4odJacWD1sf3oG9P7oA=
Subject key identifier: 27:00:A6:C3:D4:6F:8E:F9:07:FA:04:A7:75:8E:35:EC:2F:23:28:73
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 48
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D58E047EAACE11EE9256D943C4F9AE02.roa
Signing time: Thu 04 Jan 2024 06:59:42 +0000
ROA not before: Thu 04 Jan 2024 06:59:42 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 8075
IP address blocks: 103.218.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 06:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72 (0x48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Validity
Not Before: Jan 4 06:59:42 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6596575e-30be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ae:b3:ab:9e:cf:b1:de:8c:ad:54:71:b6:d7:
3f:62:6a:86:12:65:80:45:ef:36:4a:9c:95:c9:ab:
7c:4f:33:ad:b1:00:14:87:ca:2f:91:5b:85:3a:f6:
b2:01:02:a1:4a:5e:16:34:f6:53:6d:02:1b:f9:ed:
84:de:95:60:f7:ce:49:19:8b:ca:ab:d8:95:b2:e5:
ee:c3:ca:1a:82:1e:7d:7e:6a:06:ed:76:38:b9:fc:
d9:c0:e6:dc:ca:dc:1b:62:a8:0f:4c:0b:d7:16:55:
b8:70:a9:71:29:4b:93:64:90:83:42:5e:ba:5a:57:
20:30:50:b4:6d:30:05:fa:d4:59:d9:c1:10:d1:b8:
d3:1f:86:c2:28:f6:c9:37:b8:b8:b6:e9:40:46:d9:
4d:cd:56:1d:d8:c9:6d:93:07:9a:34:8e:d5:e4:e7:
18:59:02:02:65:44:c7:a9:21:fa:3d:26:87:c1:be:
d3:0e:24:dd:d2:a3:fa:ca:9c:fc:76:3f:14:db:fd:
38:fd:07:95:30:08:3c:9f:ba:ce:e9:29:a2:74:55:
e8:93:76:52:b2:39:ab:ba:b4:f1:bd:a3:c4:18:4d:
ca:cd:f7:74:f4:bc:10:20:b4:5c:28:9b:ba:e7:5c:
8f:36:b0:8a:78:38:ba:0e:ce:76:c7:76:3b:81:9b:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:00:A6:C3:D4:6F:8E:F9:07:FA:04:A7:75:8E:35:EC:2F:23:28:73
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/D58E047EAACE11EE9256D943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.172.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:97:4a:44:90:71:be:fd:64:16:b6:6c:56:8d:32:66:92:48:
31:e6:c2:be:c1:31:34:0f:e3:dd:42:04:6e:59:26:cb:4d:4a:
ad:1e:a2:9d:a8:54:39:b7:f7:08:5b:7a:6d:e8:47:5f:7a:9b:
85:db:24:ce:12:f7:83:1c:f5:2c:c7:8f:7e:8e:7b:2e:5d:fa:
79:67:d1:54:0f:67:01:15:85:dc:0f:fb:be:a2:8b:cb:3a:b8:
4f:7b:a8:e4:17:b8:4e:92:83:20:86:6f:85:97:fc:d7:10:13:
07:14:9b:c9:38:fb:56:e6:a4:35:85:c4:b7:9c:e3:0d:91:d2:
7a:02:8f:47:9b:b9:b2:73:08:c5:67:25:74:27:c2:30:b5:31:
c5:26:35:e7:34:cf:ed:fa:0f:91:ba:3e:6d:3d:e3:90:97:74:
7c:1d:48:53:c0:cb:03:72:67:36:2e:97:44:34:62:b2:a5:13:
f9:60:ab:43:39:2a:e7:93:ab:1f:6f:fb:39:0c:ed:49:86:71:
41:cc:00:7f:aa:3f:3a:26:e8:15:97:9d:c6:11:f5:5b:80:18:
ed:1d:3f:b5:b9:21:af:7e:22:36:0c:31:a3:d1:e5:2d:a8:3e:
39:b2:09:4b:d9:0e:e1:bb:f7:c0:3f:04:af:1b:40:f7:ec:34:
34:de:10:57
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBSDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yNDAxMDQwNjU5NDJaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTY1NzVlLTMwYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWrrOrns+x3oytVHG21z9iaoYSZYBF7zZKnJXJq3xPM62xABSHyi+RW4U69rIB
AqFKXhY09lNtAhv57YTelWD3zkkZi8qr2JWy5e7DyhqCHn1+agbtdji5/NnA5tzK
3BtiqA9MC9cWVbhwqXEpS5NkkINCXrpaVyAwULRtMAX61FnZwRDRuNMfhsIo9sk3
uLi26UBG2U3NVh3YyW2TB5o0jtXk5xhZAgJlRMepIfo9JofBvtMOJN3So/rKnPx2
PxTb/Tj9B5UwCDyfus7pKaJ0VeiTdlKyOau6tPG9o8QYTcrN93T0vBAgtFwom7rn
XI82sIp4OLoOznbHdjuBm3S5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJwCmw9Rv
jvkH+gSndY417C8jKHMwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi9ENThFMDQ3RUFB
Q0UxMUVFOTI1NkQ5NDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarDANBgkqhkiG9w0BAQsFAAOCAQEACpdKRJBxvv1kFrZs
Vo0yZpJIMebCvsExNA/j3UIEblkmy01KrR6inahUObf3CFt6behHX3qbhdskzhL3
gxz1LMePfo57Ll36eWfRVA9nARWF3A/7vqKLyzq4T3uo5Be4TpKDIIZvhZf81xAT
BxSbyTj7VuakNYXEt5zjDZHSegKPR5u5snMIxWcldCfCMLUxxSY15zTP7foPkbo+
bT3jkJd0fB1IU8DLA3JnNi6XRDRisqUT+WCrQzkq55OrH2/7OQztSYZxQcwAf6o/
OiboFZedxhH1W4AY7R0/tbkhr34iNgwxo9HlLag+ObIJS9kO4bv3wD8ErxtA9+w0
NN4QVw==
-----END CERTIFICATE-----
Generated at Thu Jan 18 07:41:14 2024 by rpki-client on console-fra.rpki-client.org