Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/03D989B6942711EE8BBF702BC4F9AE02.roa
File: 03D989B6942711EE8BBF702BC4F9AE02.roa (raw, json)
Hash identifier: p4gVhwf6X9Pckm9p2n5paY2xD/e1OGRZE0eh3GVwdOI=
Subject key identifier: 7D:D7:AD:14:3C:39:87:E8:C1:CC:17:A3:36:57:42:25:5D:6B:9B:DD
Certificate issuer: /CN=A91F5266/serialNumber=62D1119F188E3F7C1355F6539E06436DA268FF9D
Certificate serial: 0295
Authority key identifier: 62:D1:11:9F:18:8E:3F:7C:13:55:F6:53:9E:06:43:6D:A2:68:FF:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YtERnxiOP3wTVfZTngZDbaJo_50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/03D989B6942711EE8BBF702BC4F9AE02.roa
Signing time: Wed 06 Dec 2023 11:02:58 +0000
ROA not before: Wed 06 Dec 2023 11:02:58 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 142615
IP address blocks: 103.170.230.0/23 maxlen: 25
Validation: Failed, certificate revoked on Mon 22 Jan 2024 05:42:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661 (0x295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F5266/serialNumber=62D1119F188E3F7C1355F6539E06436DA268FF9D
Validity
Not Before: Dec 6 11:02:58 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=657054e2-875f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:1b:9f:95:f3:1c:24:55:a3:00:16:51:1e:
5d:93:4f:2e:59:87:ad:27:84:8c:70:7d:a9:db:d0:
a1:1d:0a:08:f7:10:17:ac:97:99:78:7b:c2:b0:4c:
9d:c7:8a:e0:80:96:0f:23:8b:b7:f2:ff:6e:cd:16:
8b:b5:6a:97:b5:8d:cd:a9:f7:e4:66:0e:fc:ad:1a:
4b:a9:c2:fd:8d:ad:5c:65:62:a6:3e:c9:7c:65:12:
4a:c6:2d:eb:05:40:f1:d7:41:e6:17:76:65:38:ba:
88:78:6d:e2:cc:82:a0:64:51:db:76:57:c1:64:d3:
5c:cf:9a:8b:a4:da:6b:d5:1e:8a:a4:9e:05:f6:79:
6a:b7:b0:51:0e:1a:b5:1f:c2:02:3f:32:71:74:8e:
4a:20:48:fa:05:34:1b:66:c5:02:8e:7d:89:f1:92:
bb:b7:7e:02:e2:f5:ca:53:30:0c:11:8f:f0:e0:8b:
4c:9c:1b:c4:b4:1f:66:c0:b5:7d:9d:93:c2:af:b0:
63:00:80:37:01:e8:57:38:85:22:9c:cb:ff:a1:b6:
9a:c0:60:69:61:d6:57:da:fb:7f:12:1f:34:b1:b3:
87:77:c7:eb:62:a5:75:1b:6d:47:33:9f:15:49:3b:
4f:e8:07:61:3f:24:93:6a:9c:e2:98:4d:db:d3:46:
18:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D7:AD:14:3C:39:87:E8:C1:CC:17:A3:36:57:42:25:5D:6B:9B:DD
X509v3 Authority Key Identifier:
keyid:62:D1:11:9F:18:8E:3F:7C:13:55:F6:53:9E:06:43:6D:A2:68:FF:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/YtERnxiOP3wTVfZTngZDbaJo_50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YtERnxiOP3wTVfZTngZDbaJo_50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/03D989B6942711EE8BBF702BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.230.0/23
Signature Algorithm: sha256WithRSAEncryption
31:89:8b:42:51:1e:74:e4:20:e2:ec:3d:ba:79:23:da:bd:e9:
4b:ba:51:09:9e:b8:b1:af:5b:19:4a:18:49:e0:d1:a9:49:ec:
57:0a:a9:53:83:51:32:07:ce:79:d3:25:92:ba:7c:6d:ca:17:
dd:4d:3e:c7:6e:97:a5:16:78:b8:0b:a7:a3:36:14:fc:59:d3:
9f:31:a2:62:d3:94:6e:b0:91:59:4d:2e:cc:ee:5c:97:14:b3:
47:6b:d2:dc:d6:88:35:ff:17:c2:d2:51:d0:30:d3:40:91:f6:
a5:0b:59:8a:50:5d:00:b0:4c:99:4e:c1:06:1c:7e:ba:c4:3d:
81:13:7e:e7:4d:0f:a8:2f:19:5c:d7:09:95:56:1d:6a:88:73:
d2:16:73:9e:c7:a9:8f:a4:7c:bf:16:0c:3c:39:71:67:f1:c8:
ea:c1:41:48:fa:f1:12:8f:34:00:88:63:05:8f:3c:a7:a7:a6:
e0:a8:31:f2:4c:49:ed:c6:6f:1a:9c:78:db:22:c1:4e:07:0e:
b8:64:6b:28:77:ea:43:74:34:a8:23:94:0c:ed:fd:9d:3c:95:
4f:53:a3:d6:94:46:e5:1e:70:16:14:2a:d8:5c:95:f0:93:8a:
45:d8:bd:6a:af:d0:00:08:45:f0:4c:3a:e7:b9:9f:e6:ea:0f:
21:31:0e:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjUyNjYxMTAvBgNVBAUTKDYyRDExMTlGMTg4RTNGN0MxMzU1RjY1MzlFMDY0MzZE
QTI2OEZGOUQwHhcNMjMxMjA2MTEwMjU4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwNTRlMi04NzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoM0bn5XzHCRVowAWUR5dk08uWYetJ4SMcH2p29ChHQoI9xAXrJeZeHvCsEyd
x4rggJYPI4u38v9uzRaLtWqXtY3NqffkZg78rRpLqcL9ja1cZWKmPsl8ZRJKxi3r
BUDx10HmF3ZlOLqIeG3izIKgZFHbdlfBZNNcz5qLpNpr1R6KpJ4F9nlqt7BRDhq1
H8ICPzJxdI5KIEj6BTQbZsUCjn2J8ZK7t34C4vXKUzAMEY/w4ItMnBvEtB9mwLV9
nZPCr7BjAIA3AehXOIUinMv/obaawGBpYdZX2vt/Eh80sbOHd8frYqV1G21HM58V
STtP6AdhPySTapzimE3b00YYwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH3XrRQ8
OYfowcwXozZXQiVda5vdMB8GA1UdIwQYMBaAFGLREZ8Yjj98E1X2U54GQ22iaP+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTI2Ni8yN0JDNTBDNEEx
M0IxMUVDODM0Mzc1N0VDNEY5QUUwMi9ZdEVSbnhpT1Azd1RWZlpUbmdaRGJhSm9f
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1l0RVJueGlPUDN3VFZmWlRuZ1pEYmFKb181MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjUyNjYvMjdCQzUwQzRBMTNCMTFFQzgzNDM3NTdFQzRGOUFFMDIvMDNEOTg5QjY5
NDI3MTFFRThCQkY3MDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnquYwDQYJKoZIhvcNAQELBQADggEBADGJi0JRHnTkIOLs
Pbp5I9q96Uu6UQmeuLGvWxlKGEng0alJ7FcKqVODUTIHznnTJZK6fG3KF91NPsdu
l6UWeLgLp6M2FPxZ058xomLTlG6wkVlNLszuXJcUs0dr0tzWiDX/F8LSUdAw00CR
9qULWYpQXQCwTJlOwQYcfrrEPYETfudND6gvGVzXCZVWHWqIc9IWc57HqY+kfL8W
DDw5cWfxyOrBQUj68RKPNACIYwWPPKenpuCoMfJMSe3GbxqceNsiwU4HDrhkayh3
6kN0NKgjlAzt/Z08lU9To9aURuUecBYUKthclfCTikXYvWqv0AAIRfBMOue5n+bq
DyExDhI=
-----END CERTIFICATE-----
Generated at Mon Jan 22 06:52:55 2024 by rpki-client on console-ams.rpki-client.org