Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C27A717A9BA911EFBBE0821DC4F9AE02.roa
File: C27A717A9BA911EFBBE0821DC4F9AE02.roa (raw, json)
Hash identifier: XLUjT+qDnO5XPxPfFr+u/DlKc9+5dkuaoyEGwthtTgo=
Subject key identifier: 87:5C:BC:44:7A:E7:D5:0D:55:76:C8:0D:9D:06:3A:30:53:37:F4:91
Certificate issuer: /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial: 83
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C27A717A9BA911EFBBE0821DC4F9AE02.roa
Signing time: Tue 05 Nov 2024 19:11:29 +0000
ROA not before: Tue 05 Nov 2024 19:11:28 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 103.14.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 14:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131 (0x83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Validity
Not Before: Nov 5 19:11:28 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=672a6de0-84ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:67:12:b8:9f:74:91:ee:0d:df:ab:ec:83:0b:
a2:74:76:ab:07:7a:66:9d:f3:12:1e:00:54:fc:9b:
ac:a3:01:c0:1d:d1:67:9c:88:35:c1:4d:12:87:c3:
f5:ca:de:43:f0:65:aa:3d:cf:34:7a:75:95:9f:b4:
d8:e7:1d:f0:7d:1e:ed:cb:71:45:19:27:0f:d5:5c:
0c:02:eb:8b:6f:4c:65:d4:c0:03:ed:04:4d:b9:36:
06:a4:d4:be:a6:b0:3f:32:48:73:5a:cf:55:b6:b3:
5b:bd:02:5b:3d:38:13:a4:a2:67:dc:6b:ec:68:ad:
a2:dc:82:4f:1e:85:dc:f5:ce:bb:f4:c6:91:cd:53:
b6:e4:2a:a2:4b:39:fe:53:70:8a:c4:6a:ee:bd:c8:
9f:f0:00:92:27:0b:af:b4:f8:87:33:c6:73:e3:4d:
5d:55:bc:99:ad:e9:17:72:33:41:85:f6:0a:12:91:
7b:69:b3:3a:c1:25:9e:4f:7e:4e:2e:ec:08:ca:77:
b8:2d:64:29:4f:65:98:ef:06:67:3f:55:6d:e3:c5:
8c:f2:cf:c7:13:59:5b:f3:9e:c6:39:92:fa:94:78:
a4:a2:e2:a0:59:79:a0:1a:76:c0:d0:09:77:fe:e3:
83:3e:d9:14:f2:c0:96:aa:47:5c:03:43:5c:b4:d5:
e2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5C:BC:44:7A:E7:D5:0D:55:76:C8:0D:9D:06:3A:30:53:37:F4:91
X509v3 Authority Key Identifier:
keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C27A717A9BA911EFBBE0821DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.23.0/24
Signature Algorithm: sha256WithRSAEncryption
11:67:9b:e9:c5:74:b0:96:3e:fc:38:a7:b9:e0:58:42:7f:f1:
3b:b2:9a:dc:d9:39:4f:78:f1:0b:0f:71:a3:d1:e7:b1:58:8e:
f9:69:e3:81:25:fa:6d:4f:4c:51:5f:b8:9b:7c:41:ab:69:a7:
bb:ba:75:68:5c:9f:61:f0:e9:27:c2:b6:ae:8d:4f:09:26:73:
16:01:08:2f:75:43:b8:59:cc:6a:40:fd:cc:4a:7c:25:4d:b9:
bb:e6:1b:a1:88:a5:d2:78:b9:59:10:a3:87:ae:de:c9:61:0f:
cc:1b:27:a8:1f:05:50:66:d7:29:02:ab:fe:e7:55:19:3f:1b:
a5:f2:93:3e:ec:ee:51:42:43:bc:87:62:58:43:60:37:e5:9c:
7e:c4:cb:60:8b:92:e6:70:66:7e:ae:49:a5:b5:29:ae:4c:d8:
1e:93:ed:75:c9:12:f2:d1:7d:92:a1:d7:d5:be:2e:f3:86:bb:
f1:b8:e6:3c:3a:ac:ba:8e:ed:ac:64:3d:99:91:a4:41:79:a7:
d7:ec:2f:ec:58:e1:2e:d7:86:6a:bf:1a:6b:01:25:d4:b0:e3:
b2:6c:3c:ee:52:0c:34:50:f6:8d:b9:a5:fd:c5:80:f4:dc:04:
4e:84:b2:a6:86:fe:79:29:3c:57:bd:58:39:15:47:7f:2d:b4:
fa:f7:03:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkzNTMxMTAvBgNVBAUTKEFDRDA0N0QwRDg4RTI2NTdFMTJDRjkxMzAxQzE2MEYx
RDNDRDJGMzMwHhcNMjQxMTA1MTkxMTI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJhNmRlMC04NGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2cSuJ90ke4N36vsgwuidHarB3pmnfMSHgBU/JusowHAHdFnnIg1wU0Sh8P1
yt5D8GWqPc80enWVn7TY5x3wfR7ty3FFGScP1VwMAuuLb0xl1MAD7QRNuTYGpNS+
prA/MkhzWs9VtrNbvQJbPTgTpKJn3GvsaK2i3IJPHoXc9c679MaRzVO25CqiSzn+
U3CKxGruvcif8ACSJwuvtPiHM8Zz401dVbyZrekXcjNBhfYKEpF7abM6wSWeT35O
LuwIyne4LWQpT2WY7wZnP1Vt48WM8s/HE1lb857GOZL6lHikouKgWXmgGnbA0Al3
/uODPtkU8sCWqkdcA0NctNXikwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIdcvER6
59UNVXbIDZ0GOjBTN/SRMB8GA1UdIwQYMBaAFKzQR9DYjiZX4Sz5EwHBYPHTzS8z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTM1My8wODc1RTY0ODA1
QzYxMUVGODk2MjBBMjZDNEY5QUUwMi9yTkJIME5pT0psZmhMUGtUQWNGZzhkUE5M
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JOQkgwTmlPSmxmaExQa1RBY0ZnOGRQTkx6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkzNTMvMDg3NUU2NDgwNUM2MTFFRjg5NjIwQTI2QzRGOUFFMDIvQzI3QTcxN0E5
QkE5MTFFRkJCRTA4MjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnDhcwDQYJKoZIhvcNAQELBQADggEBABFnm+nFdLCWPvw4
p7ngWEJ/8TuymtzZOU948QsPcaPR57FYjvlp44El+m1PTFFfuJt8Qatpp7u6dWhc
n2Hw6SfCtq6NTwkmcxYBCC91Q7hZzGpA/cxKfCVNubvmG6GIpdJ4uVkQo4eu3slh
D8wbJ6gfBVBm1ykCq/7nVRk/G6Xykz7s7lFCQ7yHYlhDYDflnH7Ey2CLkuZwZn6u
SaW1Ka5M2B6T7XXJEvLRfZKh19W+LvOGu/G45jw6rLqO7axkPZmRpEF5p9fsL+xY
4S7Xhmq/GmsBJdSw47JsPO5SDDRQ9o25pf3FgPTcBE6EsqaG/nkpPFe9WDkVR38t
tPr3A0U=
-----END CERTIFICATE-----
Generated at Wed Nov 13 16:47:20 2024 by rpki-client on console-fra.rpki-client.org