Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
File: 68E96E5E09E611EFABB7B40EC4F9AE02.roa (raw, json)
Hash identifier: WU5HiQLq3a8OwuaojmyQXFf4nxFp9ZCDZT9TUKBk+QQ=
Subject key identifier: DD:10:1E:EB:DE:87:83:7F:93:9D:5C:DF:9B:5B:D3:33:57:18:96:CB
Certificate issuer: /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial: 09
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
Signing time: Sat 04 May 2024 08:21:52 +0000
ROA not before: Sat 04 May 2024 08:21:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152698
IP address blocks: 103.14.22.0/24 maxlen: 24
103.14.23.0/24 maxlen: 24
2001:df3:ad40::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 May 2024 17:11:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Validity
Not Before: May 4 08:21:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6635f01f-96af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f0:0a:69:3a:ad:8e:36:6b:7f:e6:62:cd:03:
96:6a:35:e4:59:35:f8:87:f6:3c:45:00:50:19:54:
17:c0:c5:a5:cc:23:66:34:5f:d0:f2:5a:46:2e:62:
90:7a:cd:a4:00:90:e2:72:74:46:9b:de:85:49:6c:
10:23:28:37:2f:13:70:09:7e:63:ac:0f:59:41:04:
ec:9b:13:f1:30:74:52:e2:ac:a6:7a:90:f1:b1:9e:
89:21:ad:6a:81:7b:f3:b3:ba:76:db:b4:d3:e8:33:
0b:eb:c0:0c:71:94:2d:be:3f:2e:43:75:90:14:d0:
16:53:03:17:2f:89:0b:2e:3e:a7:95:c9:bd:c5:df:
1f:88:50:40:93:4a:85:cb:1d:a8:bf:a1:92:58:ff:
9e:6a:c9:72:0d:b8:d9:76:b5:82:3b:0e:e5:b1:74:
a5:bb:e0:97:96:00:8c:e3:71:8b:d7:9a:ff:7d:d9:
2d:f6:13:6c:de:5a:c3:b0:56:44:7d:25:d3:36:7f:
88:42:dd:d8:5a:93:2a:5e:13:7c:7a:7d:ed:23:97:
91:99:2e:35:22:d6:a4:79:b9:9d:7c:c5:6a:66:9c:
d1:40:f1:57:6e:1f:ac:c8:9f:9d:ce:5d:6f:78:a2:
1d:bd:1c:d9:26:b4:0d:5a:49:2b:34:0f:84:6b:28:
ac:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:10:1E:EB:DE:87:83:7F:93:9D:5C:DF:9B:5B:D3:33:57:18:96:CB
X509v3 Authority Key Identifier:
keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.22.0/23
IPv6:
2001:df3:ad40::/48
Signature Algorithm: sha256WithRSAEncryption
15:68:08:b6:20:41:98:ae:31:80:70:4d:5e:36:c6:53:6c:20:
e0:eb:b4:82:31:33:36:77:41:32:65:c8:6f:2e:6c:7c:7b:ff:
4f:f3:79:7e:00:10:59:26:f5:5e:a0:c4:32:fc:de:39:56:8d:
0a:b4:af:6f:e4:3c:3a:c1:be:08:fb:d4:f7:2d:02:60:d3:29:
71:1d:a5:80:87:48:34:26:4b:eb:57:66:5a:be:e2:c0:ec:0d:
5a:c0:e8:98:64:a9:bd:61:8d:3c:43:9c:e5:79:93:4e:89:72:
74:03:6a:a1:35:0a:b9:f1:85:bd:96:71:7f:16:03:e4:b2:9c:
a2:a6:15:b9:dd:16:af:c6:28:b1:f2:71:63:4e:3c:8e:71:2b:
75:1b:55:b3:07:52:01:df:5c:9a:7e:b5:e7:83:9d:e1:d3:b9:
0a:19:ab:fe:ac:87:bd:6f:50:ac:2a:8a:5a:ae:93:56:13:4a:
55:db:43:f9:76:43:9e:dc:92:71:ef:25:a2:17:e0:28:ca:f5:
22:93:97:80:af:20:89:33:7d:33:a7:ab:7f:91:7f:13:76:99:
79:6f:0c:aa:e8:2b:07:e9:ac:46:56:db:81:83:84:c8:4a:f6:
29:55:b0:d5:33:4a:bd:2a:f3:cb:cf:56:74:bb:a6:78:3d:85:
af:ff:79:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OTM1MzExMC8GA1UEBRMoQUNEMDQ3RDBEODhFMjY1N0UxMkNGOTEzMDFDMTYwRjFE
M0NEMkYzMzAeFw0yNDA1MDQwODIxNTJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzVmMDFmLTk2YWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDx8AppOq2ONmt/5mLNA5ZqNeRZNfiH9jxFAFAZVBfAxaXMI2Y0X9DyWkYuYpB6
zaQAkOJydEab3oVJbBAjKDcvE3AJfmOsD1lBBOybE/EwdFLirKZ6kPGxnokhrWqB
e/OzunbbtNPoMwvrwAxxlC2+Py5DdZAU0BZTAxcviQsuPqeVyb3F3x+IUECTSoXL
Hai/oZJY/55qyXINuNl2tYI7DuWxdKW74JeWAIzjcYvXmv992S32E2zeWsOwVkR9
JdM2f4hC3dhakypeE3x6fe0jl5GZLjUi1qR5uZ18xWpmnNFA8VduH6zIn53OXW94
oh29HNkmtA1aSSs0D4RrKKwPAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU3RAe696H
g3+TnVzfm1vTM1cYlsswHwYDVR0jBBgwFoAUrNBH0NiOJlfhLPkTAcFg8dPNLzMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5MzUzLzA4NzVFNjQ4MDVD
NjExRUY4OTYyMEEyNkM0RjlBRTAyL3JOQkgwTmlPSmxmaExQa1RBY0ZnOGRQTkx6
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvck5CSDBOaU9KbGZoTFBrVEFjRmc4ZFBOTHpNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OTM1My8wODc1RTY0ODA1QzYxMUVGODk2MjBBMjZDNEY5QUUwMi82OEU5NkU1RTA5
RTYxMUVGQUJCN0I0MEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcOFjAPBAIAAjAJAwcAIAEN861AMA0GCSqGSIb3DQEBCwUA
A4IBAQAVaAi2IEGYrjGAcE1eNsZTbCDg67SCMTM2d0EyZchvLmx8e/9P83l+ABBZ
JvVeoMQy/N45Vo0KtK9v5Dw6wb4I+9T3LQJg0ylxHaWAh0g0JkvrV2ZavuLA7A1a
wOiYZKm9YY08Q5zleZNOiXJ0A2qhNQq58YW9lnF/FgPkspyiphW53Ravxiix8nFj
TjyOcSt1G1WzB1IB31yafrXng53h07kKGav+rIe9b1CsKoparpNWE0pV20P5dkOe
3JJx7yWiF+AoyvUik5eAryCJM30zp6t/kX8Tdpl5bwyq6CsH6axGVtuBg4TISvYp
VbDVM0q9KvPLz1Z0u6Z4PYWv/3lX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:39 2024 by rpki-client on console-ams.rpki-client.org