Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DCEA7D2A319611EFB9AC5611C4F9AE02.roa
File: DCEA7D2A319611EFB9AC5611C4F9AE02.roa (raw, json)
Hash identifier: Xw4IyXV9qNQAl/iRbZMuPF0pMZnrVBWJVoOK6nUh3L0=
Subject key identifier: BA:6A:EE:9C:05:19:AA:79:BE:56:0F:1F:DA:70:EF:0A:4F:FB:36:CE
Certificate issuer: /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial: 80
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DCEA7D2A319611EFB9AC5611C4F9AE02.roa
Signing time: Tue 05 Nov 2024 19:01:58 +0000
ROA not before: Tue 05 Nov 2024 19:01:58 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152698
IP address blocks: 103.14.23.0/24 maxlen: 24
2001:df3:ad40::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 23 Nov 2024 20:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128 (0x80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9353
Validity
Not Before: Nov 5 19:01:58 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=672a6ba6-7b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:31:82:7b:7c:b8:32:ca:63:2f:7c:8d:dd:8c:
f7:22:fe:09:14:3c:4a:ef:1a:7d:77:a5:6c:52:20:
58:fd:18:91:8b:9a:6b:50:e0:ed:10:7a:dd:01:3c:
bc:0f:4a:39:71:d2:1d:63:ab:03:3e:61:cb:b9:fd:
18:4e:c3:1a:92:92:b2:67:a0:a5:8c:67:5c:ea:22:
0b:9e:8a:83:e4:18:d5:66:27:04:c5:c2:b0:e2:61:
56:df:8f:20:cf:a8:51:87:2c:b5:ec:6d:c0:60:0c:
78:1a:b2:14:be:22:24:5a:8c:fd:67:aa:f5:f9:2c:
b1:c5:5b:d5:5b:b9:01:cc:fd:a1:83:2d:8e:d2:cf:
66:03:39:c0:51:59:c9:96:89:66:56:8b:75:6c:2a:
07:30:d0:32:7c:0d:ec:c4:59:12:1e:cb:96:03:95:
c1:ed:31:a6:b3:5a:a8:48:8c:8e:7a:f7:ca:2e:2d:
1a:b6:98:73:76:bc:93:00:fe:d0:b6:19:3a:d2:d9:
ae:76:04:9e:75:db:3c:a9:cd:40:88:ff:9e:0e:9a:
3b:44:0a:cd:ce:b3:6e:a7:bc:6f:e9:05:b1:84:fd:
7f:27:61:8e:57:4c:47:26:24:54:37:26:ed:59:0d:
e1:0d:9d:36:52:1c:bf:67:58:1d:34:56:e7:df:d4:
0e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6A:EE:9C:05:19:AA:79:BE:56:0F:1F:DA:70:EF:0A:4F:FB:36:CE
X509v3 Authority Key Identifier:
keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/DCEA7D2A319611EFB9AC5611C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.23.0/24
IPv6:
2001:df3:ad40::/48
Signature Algorithm: sha256WithRSAEncryption
45:8c:f1:b7:6c:7a:1f:44:ae:79:8d:c8:c9:9a:ba:a3:b5:89:
cc:6f:75:67:3b:06:55:91:43:a0:e9:96:dd:ca:a3:10:d3:40:
1e:a5:74:09:86:4e:51:d0:83:7d:84:2d:20:91:01:9d:23:7d:
ba:68:84:e6:f8:e4:49:9c:b1:34:ac:83:3d:1c:3b:c6:6d:75:
2f:89:d4:07:bd:78:74:eb:b4:5d:4d:bd:f0:c0:25:39:67:1e:
e7:f2:18:38:cd:88:37:f8:33:78:8a:80:f1:5b:18:1f:76:94:
67:03:d7:6e:d4:ea:a8:b4:c1:fb:9a:21:55:35:34:02:18:f1:
35:cc:3c:b5:7f:a2:69:a9:cf:7c:fd:8f:61:37:d9:ef:d2:2e:
a9:fd:cb:86:66:12:70:71:27:a4:c0:b9:9c:56:51:7a:2a:b1:
ae:66:90:b5:30:2e:80:ae:bc:23:00:42:eb:7c:63:d8:06:90:
72:7e:29:67:2f:50:f6:60:dc:c4:8c:ef:4c:f3:61:b4:39:a3:
0f:1d:60:63:38:4d:7a:18:1f:7e:d8:53:03:84:1b:b6:3f:2b:
12:34:a5:41:06:3f:30:1e:02:d1:41:c7:34:d3:5b:ce:5b:fe:
4a:4f:15:9b:f1:41:41:ad:1c:53:02:7c:43:e7:a4:c4:da:ec:
be:55:d3:7f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkzNTMxMTAvBgNVBAUTKEFDRDA0N0QwRDg4RTI2NTdFMTJDRjkxMzAxQzE2MEYx
RDNDRDJGMzMwHhcNMjQxMTA1MTkwMTU4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJhNmJhNi03YjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3DGCe3y4MspjL3yN3Yz3Iv4JFDxK7xp9d6VsUiBY/RiRi5prUODtEHrdATy8
D0o5cdIdY6sDPmHLuf0YTsMakpKyZ6CljGdc6iILnoqD5BjVZicExcKw4mFW348g
z6hRhyy17G3AYAx4GrIUviIkWoz9Z6r1+SyxxVvVW7kBzP2hgy2O0s9mAznAUVnJ
lolmVot1bCoHMNAyfA3sxFkSHsuWA5XB7TGms1qoSIyOevfKLi0atphzdryTAP7Q
thk60tmudgSedds8qc1AiP+eDpo7RArNzrNup7xv6QWxhP1/J2GOV0xHJiRUNybt
WQ3hDZ02Uhy/Z1gdNFbn39QOwwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLpq7pwF
Gap5vlYPH9pw7wpP+zbOMB8GA1UdIwQYMBaAFKzQR9DYjiZX4Sz5EwHBYPHTzS8z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTM1My8wODc1RTY0ODA1
QzYxMUVGODk2MjBBMjZDNEY5QUUwMi9yTkJIME5pT0psZmhMUGtUQWNGZzhkUE5M
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JOQkgwTmlPSmxmaExQa1RBY0ZnOGRQTkx6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkzNTMvMDg3NUU2NDgwNUM2MTFFRjg5NjIwQTI2QzRGOUFFMDIvRENFQTdEMkEz
MTk2MTFFRkI5QUM1NjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnDhcwDwQCAAIwCQMHACABDfOtQDANBgkqhkiG9w0BAQsF
AAOCAQEARYzxt2x6H0SueY3IyZq6o7WJzG91ZzsGVZFDoOmW3cqjENNAHqV0CYZO
UdCDfYQtIJEBnSN9umiE5vjkSZyxNKyDPRw7xm11L4nUB714dOu0XU298MAlOWce
5/IYOM2IN/gzeIqA8VsYH3aUZwPXbtTqqLTB+5ohVTU0AhjxNcw8tX+iaanPfP2P
YTfZ79Iuqf3LhmYScHEnpMC5nFZReiqxrmaQtTAugK68IwBC63xj2AaQcn4pZy9Q
9mDcxIzvTPNhtDmjDx1gYzhNehgffthTA4Qbtj8rEjSlQQY/MB4C0UHHNNNbzlv+
Sk8Vm/FBQa0cUwJ8Q+ekxNrsvlXTfw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:10 2025 by rpki-client