Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DC8132440F5811EF91000875C4F9AE02.roa
File: DC8132440F5811EF91000875C4F9AE02.roa (raw, json)
Hash identifier: 7W4ZzL97PgTaiJV2wm0HmET+IJPF/QfQLT6u69qUP1s=
Subject key identifier: 30:A2:AE:32:8D:DC:F8:28:CC:7B:34:E2:D4:60:62:F1:E8:E5:49:F6
Certificate issuer: /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial: 17
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DC8132440F5811EF91000875C4F9AE02.roa
Signing time: Sat 11 May 2024 05:39:40 +0000
ROA not before: Sat 11 May 2024 05:39:40 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 103.14.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jun 2024 09:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Validity
Not Before: May 11 05:39:40 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=663f049c-d472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:71:0a:98:fc:1f:a5:4e:73:fe:00:57:c2:8c:
92:4e:e5:4c:39:7f:6e:56:ec:e2:f4:e5:43:90:20:
a6:19:2a:fc:44:67:54:66:8b:c0:2f:bd:56:70:a2:
cb:53:06:5f:d6:a1:09:a2:b0:96:f9:93:1e:d7:f9:
80:6e:50:59:35:48:f8:d5:6e:8c:03:0e:7b:52:26:
3d:92:7b:1f:bc:f1:1d:79:2e:d6:54:22:d9:e2:74:
6a:7b:b7:e5:9f:17:e4:0e:36:9d:cf:b4:f4:e9:e1:
6f:17:0a:2c:c1:a3:a4:7e:21:b5:38:c5:44:28:73:
1b:bd:5b:d3:56:3a:52:58:26:1a:3d:1f:14:f1:ac:
0a:30:e7:17:e4:6a:82:6c:13:92:ce:05:f7:ce:78:
5e:97:02:53:93:7b:89:16:c1:c2:28:9c:4a:6c:4b:
61:9f:d1:e0:97:95:52:39:d3:11:15:1c:ef:fe:03:
7b:8d:99:27:49:81:a8:49:4f:5a:a8:07:bf:0c:f0:
17:89:24:d5:51:5e:52:55:1c:e3:19:0c:3b:da:f4:
54:85:60:09:86:ac:46:64:28:d6:89:0c:e7:f8:30:
ab:97:5d:90:f4:0f:55:7b:76:c7:5a:f9:1e:ef:85:
37:e7:3b:ca:e8:47:04:42:cd:b0:a0:f6:46:7d:e4:
e7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A2:AE:32:8D:DC:F8:28:CC:7B:34:E2:D4:60:62:F1:E8:E5:49:F6
X509v3 Authority Key Identifier:
keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DC8132440F5811EF91000875C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.22.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0e:4a:43:dc:11:06:9d:d9:a4:24:9a:27:3e:da:a9:67:b4:
3a:fa:27:21:0e:79:d2:19:e4:81:ee:7c:1a:8d:cf:74:4f:cc:
33:e2:cc:58:d3:b0:17:c5:99:11:49:5e:9c:2f:81:db:5d:a1:
6a:12:cd:27:fd:a4:f2:f0:3c:70:91:ef:29:4e:56:c0:10:f8:
07:04:3e:69:83:d7:d5:31:21:62:b7:32:28:a5:0f:6c:1e:08:
Generated at Fri Jun 14 11:38:06 2024 by rpki-client on console-fra.rpki-client.org