Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8E1A8F4400B511EF92A08411C4F9AE02.roa
File: 8E1A8F4400B511EF92A08411C4F9AE02.roa (raw, json)
Hash identifier: ac4AZ/k2/1j6BgxzCSOd6CPsD8RVZnw6EIM/E+QX/E8=
Subject key identifier: DB:C1:DD:C7:40:58:4B:EE:6E:38:17:59:6E:35:7C:30:13:E4:CE:D1
Certificate issuer: /CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Certificate serial: 17
Authority key identifier: E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8E1A8F4400B511EF92A08411C4F9AE02.roa
Signing time: Mon 22 Apr 2024 14:35:25 +0000
ROA not before: Mon 22 Apr 2024 14:35:25 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 174
IP address blocks: 103.67.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 16:39:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Validity
Not Before: Apr 22 14:35:25 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=662675ac-eb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3a:e2:74:75:c5:50:13:ad:2d:2d:8f:de:db:
d1:c0:83:c8:1d:39:9f:2a:d5:8b:be:68:bd:5c:c0:
c8:33:1d:18:ab:fd:29:39:22:9d:e2:88:97:4a:5e:
8a:2a:11:de:b3:75:67:2a:67:a1:6c:e9:81:cf:b4:
e8:59:af:31:a6:88:9d:22:22:df:be:39:7d:8a:b7:
5a:9d:85:a4:57:79:cc:d1:83:d2:7a:f7:73:d4:c7:
31:9b:f8:27:34:d6:fb:68:ff:71:f4:67:64:0a:77:
9c:93:70:78:47:a8:61:21:2a:23:e9:29:b1:c9:d3:
77:33:33:47:ac:70:5c:05:2c:53:06:73:d3:1d:3c:
d1:e8:20:0c:ec:45:68:91:af:bd:71:3d:d8:76:a1:
7f:46:56:03:5f:8e:01:fd:71:b2:eb:c0:0f:bc:e8:
12:ad:79:2b:8b:16:1a:ee:69:28:99:de:60:a0:2d:
18:d6:7a:29:fc:d6:e8:18:3a:23:6b:44:3a:30:60:
1b:ec:c1:b6:e0:fd:2d:71:fa:e2:de:82:73:89:9e:
ec:cd:f6:5d:bf:a7:7e:e5:85:b7:5d:fc:28:c3:8f:
b7:9d:1c:a1:59:1a:28:8f:00:6d:d3:dc:e7:4b:17:
aa:fc:b1:ac:a1:5f:86:49:dd:94:65:47:71:38:15:
5b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C1:DD:C7:40:58:4B:EE:6E:38:17:59:6E:35:7C:30:13:E4:CE:D1
X509v3 Authority Key Identifier:
keyid:E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8E1A8F4400B511EF92A08411C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.55.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b0:3e:ed:80:96:a1:57:63:68:fa:ed:e6:45:c6:df:be:7b:
9d:de:4d:56:e8:aa:24:5b:7c:59:28:f6:3f:ae:bc:de:99:e3:
24:0b:30:57:4f:f5:20:51:30:fc:c0:87:79:0a:8b:00:2f:f8:
cc:f7:d9:30:cb:00:a0:36:77:9e:f7:b0:78:7f:b8:bf:f9:ee:
de:85:22:f0:7d:28:67:58:06:31:c7:29:3d:0b:b7:ff:06:3a:
d9:1e:86:95:f2:fa:0f:1a:b6:61:6a:cf:55:3f:fc:71:65:2d:
b0:90:b3:c4:0e:d2:84:48:79:f9:ed:a0:47:ff:40:15:b8:05:
61:ff:1d:dd:77:06:8a:6a:ab:35:85:f1:4d:ff:8d:d5:86:c6:
d7:e3:46:a8:f0:ab:23:f0:5a:3a:12:5f:d7:74:1a:94:cb:f3:
16:29:3c:fb:d6:0b:c5:2b:9c:e8:b1:78:a9:0c:bc:d8:5a:30:
ab:ba:be:bc:e1:5d:81:a3:26:62:85:97:d3:f5:4d:5f:6f:7a:
32:cc:74:d3:4a:38:70:c8:c5:23:6e:69:16:63:e6:16:ee:83:
fd:38:84:04:f7:1d:a6:5d:08:67:02:af:c5:fe:f1:ee:22:f9:
36:ce:e2:ea:e9:71:51:8d:fa:96:c5:3c:c6:67:da:5c:ec:7a:
46:cb:a8:fc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RDhCRTExMC8GA1UEBRMoRTNGMThENDEyMDI2RjMxQkE0NDNFQTMzRjU2NzA2RkZC
MkYwRjE2MjAeFw0yNDA0MjIxNDM1MjVaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MjY3NWFjLWViNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbOuJ0dcVQE60tLY/e29HAg8gdOZ8q1Yu+aL1cwMgzHRir/Sk5Ip3iiJdKXooq
Ed6zdWcqZ6Fs6YHPtOhZrzGmiJ0iIt++OX2Kt1qdhaRXeczRg9J693PUxzGb+Cc0
1vto/3H0Z2QKd5yTcHhHqGEhKiPpKbHJ03czM0escFwFLFMGc9MdPNHoIAzsRWiR
r71xPdh2oX9GVgNfjgH9cbLrwA+86BKteSuLFhruaSiZ3mCgLRjWein81ugYOiNr
RDowYBvswbbg/S1x+uLegnOJnuzN9l2/p37lhbdd/CjDj7edHKFZGiiPAG3T3OdL
F6r8sayhX4ZJ3ZRlR3E4FVtFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU28Hdx0BY
S+5uOBdZbjV8MBPkztEwHwYDVR0jBBgwFoAU4/GNQSAm8xukQ+oz9WcG/7Lw8WIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZEOEJFL0M2OEVGRjlFRTVE
NjExRUU4QjM1NjczOUM0RjlBRTAyLzRfR05RU0FtOHh1a1Etb3o5V2NHXzdMdzhX
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNF9HTlFTQW04eHVrUS1vejlXY0dfN0x3OFdJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RDhCRS9DNjhFRkY5RUU1RDYxMUVFOEIzNTY3MzlDNEY5QUUwMi84RTFBOEY0NDAw
QjUxMUVGOTJBMDg0MTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdDNzANBgkqhkiG9w0BAQsFAAOCAQEAorA+7YCWoVdjaPrt
5kXG3757nd5NVuiqJFt8WSj2P6683pnjJAswV0/1IFEw/MCHeQqLAC/4zPfZMMsA
oDZ3nveweH+4v/nu3oUi8H0oZ1gGMccpPQu3/wY62R6GlfL6Dxq2YWrPVT/8cWUt
sJCzxA7ShEh5+e2gR/9AFbgFYf8d3XcGimqrNYXxTf+N1YbG1+NGqPCrI/BaOhJf
13QalMvzFik8+9YLxSuc6LF4qQy82Fowq7q+vOFdgaMmYoWX0/VNX296Msx000o4
cMjFI25pFmPmFu6D/TiEBPcdpl0IZwKvxf7x7iL5Ns7i6ulxUY36lsU8xmfaXOx6
Rsuo/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org