Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7BA0/F7383F8438F111EF90B90740C4F9AE02/95D7F8B238F411EF8FDDE37EC4F9AE02.roa
File: 95D7F8B238F411EF8FDDE37EC4F9AE02.roa (raw, json)
Hash identifier: l+HAXBU38Y9FmNtXiyoBf0lATesCbGttoIycaMkof2U=
Subject key identifier: CB:D2:64:E9:03:B4:09:65:7C:3E:52:10:95:E0:2B:55:64:9D:83:7C
Certificate issuer: /CN=A91F7BA0/serialNumber=ACFCB31E2BE2AD3D12B1A79102FCB4FD58BB6683
Certificate serial: 28
Authority key identifier: AC:FC:B3:1E:2B:E2:AD:3D:12:B1:A7:91:02:FC:B4:FD:58:BB:66:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rPyzHivirT0SsaeRAvy0_Vi7ZoM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7BA0/F7383F8438F111EF90B90740C4F9AE02/95D7F8B238F411EF8FDDE37EC4F9AE02.roa
Signing time: Mon 09 Sep 2024 10:11:42 +0000
ROA not before: Mon 09 Sep 2024 10:11:42 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 133823
IP address blocks: 103.211.232.0/24 maxlen: 24
103.211.233.0/24 maxlen: 24
103.211.234.0/24 maxlen: 24
103.211.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 03:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7BA0/serialNumber=ACFCB31E2BE2AD3D12B1A79102FCB4FD58BB6683
Validity
Not Before: Sep 9 10:11:42 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66dec9dd-6ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:ae:4e:f3:5b:1c:40:2f:b4:b1:f6:89:b2:
a5:7d:03:89:66:9b:47:a5:c0:09:fd:a8:4e:f5:fb:
d2:79:df:66:7b:6a:9b:16:80:35:e6:f9:d0:fa:64:
22:f1:c0:d8:d1:d8:2b:1d:9d:76:d1:63:42:d3:07:
bf:45:e6:19:a5:bd:57:54:30:71:19:ab:7a:3b:7a:
09:27:53:a6:10:95:60:81:c7:6e:9a:42:c0:29:97:
dc:a8:67:74:6b:e0:fb:9b:22:6e:95:05:ed:1f:4b:
42:30:04:ad:d3:df:94:8c:0c:17:61:25:63:26:d8:
33:7d:6f:af:67:54:e9:3f:76:04:45:48:46:75:02:
95:31:19:15:5a:08:a2:9b:ce:2d:10:39:48:64:1d:
f8:a6:5b:12:71:29:14:05:bf:b8:05:94:5e:cd:b5:
2b:4e:f4:a7:31:b7:24:ae:dd:95:4f:53:8a:d6:83:
3d:82:70:50:96:e7:9e:aa:4f:81:d8:99:1f:60:a9:
c7:d0:fa:5f:60:0b:68:30:0e:f2:1e:fb:8c:b8:31:
72:e0:cd:c5:16:bd:f2:08:c8:04:2e:1d:fb:c8:75:
32:c7:22:1e:02:7f:45:e3:ee:a5:e5:43:d4:1e:0e:
1f:dc:57:17:59:9f:26:10:1d:75:36:cf:a3:ba:c4:
e8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D2:64:E9:03:B4:09:65:7C:3E:52:10:95:E0:2B:55:64:9D:83:7C
X509v3 Authority Key Identifier:
keyid:AC:FC:B3:1E:2B:E2:AD:3D:12:B1:A7:91:02:FC:B4:FD:58:BB:66:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7BA0/F7383F8438F111EF90B90740C4F9AE02/rPyzHivirT0SsaeRAvy0_Vi7ZoM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rPyzHivirT0SsaeRAvy0_Vi7ZoM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7BA0/F7383F8438F111EF90B90740C4F9AE02/95D7F8B238F411EF8FDDE37EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.211.232.0/22
Signature Algorithm: sha256WithRSAEncryption
51:33:f0:47:ae:3b:6e:d2:53:a7:c3:52:8e:b0:7b:c0:f1:c4:
08:3c:ef:93:52:25:36:4e:37:60:31:7f:2d:b5:ea:7c:ab:5a:
cc:07:59:03:14:91:e3:d9:dd:3d:41:1c:c1:c1:a0:72:cc:55:
a6:b3:20:a5:1f:13:ac:4d:e1:b9:09:68:cd:36:44:5c:55:60:
cb:9e:51:cc:49:1c:9a:8d:75:09:67:94:a5:f3:56:eb:22:a7:
91:c7:14:88:a7:b1:f7:97:f2:14:42:5c:fd:b4:b8:d0:69:45:
f9:5f:a3:f1:77:3a:cf:ea:16:e1:96:fb:64:2c:52:47:63:14:
72:ad:cd:15:0d:d6:81:ff:38:10:2f:6f:5e:b8:25:36:50:e3:
50:87:09:15:bd:a5:23:32:57:1e:6d:a7:d3:85:3a:ec:af:6d:
7d:39:62:5d:8a:b2:29:65:d4:ef:91:aa:b2:b1:88:f0:bc:9d:
bf:0b:ff:10:cf:ed:79:f8:35:70:b7:e2:9e:55:7a:3f:b1:85:
01:97:fa:77:cc:77:dd:a2:39:57:74:33:4d:2b:2c:96:04:ef:
21:44:45:48:2c:95:53:8c:1e:5d:8f:4e:3b:d4:72:25:ff:13:
51:23:26:01:8d:08:ee:b2:a6:99:a1:e2:c2:3d:34:38:f7:89:
e4:d1:c1:dd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
N0JBMDExMC8GA1UEBRMoQUNGQ0IzMUUyQkUyQUQzRDEyQjFBNzkxMDJGQ0I0RkQ1
OEJCNjY4MzAeFw0yNDA5MDkxMDExNDJaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZGVjOWRkLTZhZTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCt8K5O81scQC+0sfaJsqV9A4lmm0elwAn9qE71+9J532Z7apsWgDXm+dD6ZCLx
wNjR2CsdnXbRY0LTB79F5hmlvVdUMHEZq3o7egknU6YQlWCBx26aQsApl9yoZ3Rr
4PubIm6VBe0fS0IwBK3T35SMDBdhJWMm2DN9b69nVOk/dgRFSEZ1ApUxGRVaCKKb
zi0QOUhkHfimWxJxKRQFv7gFlF7NtStO9KcxtySu3ZVPU4rWgz2CcFCW556qT4HY
mR9gqcfQ+l9gC2gwDvIe+4y4MXLgzcUWvfIIyAQuHfvIdTLHIh4Cf0Xj7qXlQ9Qe
Dh/cVxdZnyYQHXU2z6O6xOjjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUy9Jk6QO0
CWV8PlIQleArVWSdg3wwHwYDVR0jBBgwFoAUrPyzHivirT0SsaeRAvy0/Vi7ZoMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3QkEwL0Y3MzgzRjg0MzhG
MTExRUY5MEI5MDc0MEM0RjlBRTAyL3JQeXpIaXZpclQwU3NhZVJBdnkwX1ZpN1pv
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvclB5ekhpdmlyVDBTc2FlUkF2eTBfVmk3Wm9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
N0JBMC9GNzM4M0Y4NDM4RjExMUVGOTBCOTA3NDBDNEY5QUUwMi85NUQ3RjhCMjM4
RjQxMUVGOEZEREUzN0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmfT6DANBgkqhkiG9w0BAQsFAAOCAQEAUTPwR647btJTp8NS
jrB7wPHECDzvk1IlNk43YDF/LbXqfKtazAdZAxSR49ndPUEcwcGgcsxVprMgpR8T
rE3huQlozTZEXFVgy55RzEkcmo11CWeUpfNW6yKnkccUiKex95fyFEJc/bS40GlF
+V+j8Xc6z+oW4Zb7ZCxSR2MUcq3NFQ3Wgf84EC9vXrglNlDjUIcJFb2lIzJXHm2n
04U67K9tfTliXYqyKWXU75GqsrGI8Lydvwv/EM/tefg1cLfinlV6P7GFAZf6d8x3
3aI5V3QzTSsslgTvIURFSCyVU4weXY9OO9RyJf8TUSMmAY0I7rKmmaHiwj00OPeJ
5NHB3Q==
-----END CERTIFICATE-----
Generated at Mon Oct 14 05:33:04 2024 by rpki-client on console-fra.rpki-client.org