Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7D74/378D9A0A692811EFAF711487C4F9AE02/F23B8A10692811EFA2DCBE09C4F9AE02.roa
File: F23B8A10692811EFA2DCBE09C4F9AE02.roa (raw, json)
Hash identifier: 1gK+Ej8e2L38ntQ5+3isOIs626+ttzjm1RJ2BnjAj8U=
Subject key identifier: A1:B2:A4:90:D3:48:97:AD:8A:2B:70:4F:3A:FF:12:07:43:00:43:B4
Certificate issuer: /CN=A91F7D74/serialNumber=D3DCE17143F9CF5DF8004F8C6597FB2C8CCC7046
Certificate serial: 02
Authority key identifier: D3:DC:E1:71:43:F9:CF:5D:F8:00:4F:8C:65:97:FB:2C:8C:CC:70:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09zhcUP5z134AE-MZZf7LIzMcEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7D74/378D9A0A692811EFAF711487C4F9AE02/F23B8A10692811EFA2DCBE09C4F9AE02.roa
Signing time: Mon 02 Sep 2024 12:43:25 +0000
ROA not before: Mon 02 Sep 2024 12:43:25 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 135319
IP address blocks: 103.214.57.0/24 maxlen: 24
103.214.58.0/24 maxlen: 24
103.214.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 14:56:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7D74/serialNumber=D3DCE17143F9CF5DF8004F8C6597FB2C8CCC7046
Validity
Not Before: Sep 2 12:43:25 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d5b2ed-12fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:2f:e3:94:e2:63:ca:53:99:eb:b3:a0:f2:
1f:fe:16:39:55:85:18:a6:f1:15:32:63:77:77:05:
2d:3d:30:50:cb:f0:99:21:89:05:a5:f0:f7:0b:55:
f4:d0:83:a8:e5:b4:2e:a1:be:8f:fb:7e:e2:a3:f2:
b7:5d:d7:bb:e5:3b:55:f2:08:f6:3b:40:c0:02:63:
e5:32:a2:76:9d:a6:40:10:1f:e3:a9:4e:ad:ef:2f:
d2:9e:e2:d8:ac:5f:e3:dd:cc:d9:f0:61:61:11:4c:
da:19:22:68:0e:67:34:a8:1a:e0:11:04:2e:37:07:
9c:f4:e6:1e:9e:77:b7:c7:c3:be:80:b0:4e:72:3f:
5b:fb:0c:aa:be:27:f0:9e:a5:0a:cf:72:67:75:65:
23:41:d9:0a:31:a4:e8:00:ee:07:19:f1:74:27:d9:
21:8e:0d:29:a1:38:ee:12:94:62:a9:63:7a:d0:9e:
1a:ba:23:07:b2:a8:44:b3:b3:96:b5:e3:a8:ef:68:
45:63:41:b5:c0:83:e8:e2:d1:b9:22:e8:7f:e1:74:
9c:8a:22:8a:76:a9:c2:29:b1:02:ee:13:a5:98:59:
78:69:8f:fb:3f:3e:b2:38:dd:44:e1:f2:81:4e:d4:
32:81:dd:b6:33:78:0c:ad:2b:29:72:7b:64:e3:a8:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B2:A4:90:D3:48:97:AD:8A:2B:70:4F:3A:FF:12:07:43:00:43:B4
X509v3 Authority Key Identifier:
keyid:D3:DC:E1:71:43:F9:CF:5D:F8:00:4F:8C:65:97:FB:2C:8C:CC:70:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7D74/378D9A0A692811EFAF711487C4F9AE02/09zhcUP5z134AE-MZZf7LIzMcEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09zhcUP5z134AE-MZZf7LIzMcEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7D74/378D9A0A692811EFAF711487C4F9AE02/F23B8A10692811EFA2DCBE09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.57.0-103.214.59.255
Signature Algorithm: sha256WithRSAEncryption
5d:63:4e:5c:37:f4:9d:5c:a4:ec:f6:27:4f:79:93:72:d2:dd:
ab:71:f5:d1:79:d9:1a:c1:83:ef:2f:2b:03:3f:df:36:f2:e0:
76:36:cc:d6:c0:fb:71:04:71:1a:39:0e:8a:94:1e:fa:f5:8b:
12:71:97:1c:72:0a:c4:f1:0b:87:55:9e:74:2e:11:23:17:0a:
50:0c:5f:db:e6:31:b1:71:0f:f4:9f:64:8c:67:a8:1e:3c:ca:
ed:4c:75:73:2d:a0:79:7d:af:a8:ef:e0:b8:97:7b:4f:f0:8d:
26:91:eb:c5:6f:52:06:24:28:85:68:d7:e5:f7:fc:dd:d8:89:
51:23:e5:23:33:92:79:eb:d7:ad:c2:51:dd:24:08:6b:b5:e5:
ab:30:f3:0f:6d:15:cd:7b:b0:6d:bf:74:c3:91:52:93:11:ed:
0b:42:57:6d:4c:5e:28:d3:cd:ae:e6:49:02:cb:23:3a:e3:54:
df:93:3d:fc:63:43:d9:e7:4c:4e:58:8d:77:3a:d1:e7:5c:36:
a7:ed:7f:3e:8c:65:a2:a8:9d:b9:cf:c5:df:50:0c:e6:45:1d:
b9:7c:98:bb:94:67:3f:ff:93:6f:7e:6c:9b:6c:02:12:6a:24:
90:29:bc:fd:d9:0f:ed:d4:a9:c9:03:ac:af:a9:da:55:ca:d7:
65:13:5b:cb
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
N0Q3NDExMC8GA1UEBRMoRDNEQ0UxNzE0M0Y5Q0Y1REY4MDA0RjhDNjU5N0ZCMkM4
Q0NDNzA0NjAeFw0yNDA5MDIxMjQzMjVaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZDViMmVkLTEyZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/HS/jlOJjylOZ67Og8h/+FjlVhRim8RUyY3d3BS09MFDL8JkhiQWl8PcLVfTQ
g6jltC6hvo/7fuKj8rdd17vlO1XyCPY7QMACY+UyonadpkAQH+OpTq3vL9Ke4tis
X+PdzNnwYWERTNoZImgOZzSoGuARBC43B5z05h6ed7fHw76AsE5yP1v7DKq+J/Ce
pQrPcmd1ZSNB2QoxpOgA7gcZ8XQn2SGODSmhOO4SlGKpY3rQnhq6IweyqESzs5a1
46jvaEVjQbXAg+ji0bki6H/hdJyKIop2qcIpsQLuE6WYWXhpj/s/PrI43UTh8oFO
1DKB3bYzeAytKylye2TjqKa3AgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUobKkkNNI
l62KK3BPOv8SB0MAQ7QwHwYDVR0jBBgwFoAU09zhcUP5z134AE+MZZf7LIzMcEYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3RDc0LzM3OEQ5QTBBNjky
ODExRUZBRjcxMTQ4N0M0RjlBRTAyLzA5emhjVVA1ejEzNEFFLU1aWmY3TEl6TWNF
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMDl6aGNVUDV6MTM0QUUtTVpaZjdMSXpNY0VZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
N0Q3NC8zNzhEOUEwQTY5MjgxMUVGQUY3MTE0ODdDNEY5QUUwMi9GMjNCOEExMDY5
MjgxMUVGQTJEQ0JFMDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAZ9Y5AwQCZ9Y4MA0GCSqGSIb3DQEBCwUAA4IBAQBdY05c
N/SdXKTs9idPeZNy0t2rcfXRedkawYPvLysDP9828uB2NszWwPtxBHEaOQ6KlB76
9YsScZcccgrE8QuHVZ50LhEjFwpQDF/b5jGxcQ/0n2SMZ6gePMrtTHVzLaB5fa+o
7+C4l3tP8I0mkevFb1IGJCiFaNfl9/zd2IlRI+UjM5J569etwlHdJAhrteWrMPMP
bRXNe7Btv3TDkVKTEe0LQldtTF4o082u5kkCyyM641Tfkz38Y0PZ50xOWI13OtHn
XDan7X8+jGWiqJ25z8XfUAzmRR25fJi7lGc//5NvfmybbAISaiSQKbz92Q/t1KnJ
A6yvqdpVytdlE1vL
-----END CERTIFICATE-----
Generated at Mon Sep 2 17:08:25 2024 by rpki-client on console-fra.rpki-client.org