Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8F1B1C6000B511EF92A08411C4F9AE02.roa
File: 8F1B1C6000B511EF92A08411C4F9AE02.roa (raw, json)
Hash identifier: dBcZdgzULXVhNYZBBG6lfmbRK7MgZ7ylxSDKoh3iuaw=
Subject key identifier: C7:02:E6:BE:16:88:27:E7:EB:9D:33:E2:BC:0D:3C:C5:DB:74:56:CD
Certificate issuer: /CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Certificate serial: 18
Authority key identifier: E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8F1B1C6000B511EF92A08411C4F9AE02.roa
Signing time: Mon 22 Apr 2024 14:35:26 +0000
ROA not before: Mon 22 Apr 2024 14:35:26 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 54702
IP address blocks: 103.67.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 16:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Validity
Not Before: Apr 22 14:35:26 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=662675ae-9882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e0:8a:0c:13:cd:b2:2a:69:2f:0e:9c:2a:11:
00:9a:8a:e3:0c:a8:fa:11:77:65:87:d4:00:11:dd:
36:70:95:e1:3d:79:38:eb:b2:19:7d:63:8d:45:62:
cd:f4:15:81:d3:44:2c:95:97:e8:28:96:6e:36:c3:
68:11:a4:be:c9:5f:b5:5b:01:e1:1e:90:ca:51:b2:
f1:36:a3:c4:8f:f2:67:a3:1a:75:25:63:72:99:9f:
c9:2d:86:d8:a9:29:a6:04:c8:c7:2b:0f:61:88:81:
b7:e0:61:b6:3d:f9:05:ff:91:2a:7c:b2:e3:c7:56:
a8:2e:05:59:71:e0:31:33:58:3f:cc:4c:90:d9:29:
ae:41:ce:8d:28:da:9c:3e:85:73:14:77:23:1b:9f:
f8:2a:d4:75:40:33:8d:e9:2a:6f:fc:ec:2c:3a:94:
22:0b:30:fd:1c:64:87:0d:6b:b3:a8:c4:03:2b:fa:
2c:44:14:21:51:0c:e9:32:94:4b:75:11:b2:ea:16:
1e:52:60:6a:42:5e:77:36:5b:01:f3:78:0f:b3:45:
a0:17:57:eb:94:59:a0:7b:be:d9:8b:16:64:48:81:
7e:14:90:a4:64:c2:dc:bb:28:67:b3:c2:fc:64:48:
f1:cc:4d:a2:98:51:c9:b1:ef:57:bc:2c:43:c2:00:
8b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:E6:BE:16:88:27:E7:EB:9D:33:E2:BC:0D:3C:C5:DB:74:56:CD
X509v3 Authority Key Identifier:
keyid:E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/8F1B1C6000B511EF92A08411C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.55.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d2:90:ea:11:81:0d:cc:da:2b:1b:0a:f5:bf:13:3a:77:33:
fb:8c:17:9a:a7:5c:e1:37:ca:60:81:7f:55:e7:a7:d8:9d:f0:
4e:a7:2c:cb:07:72:1e:a1:4d:d9:98:3a:89:81:94:00:c8:0b:
fb:5d:5f:84:ab:6c:55:97:a1:1c:f6:75:5e:c4:ae:70:79:d1:
55:13:85:9c:3d:19:8c:39:ba:d3:b9:ef:7e:c9:ae:d1:e6:aa:
c5:79:ec:f0:5d:e6:2b:54:3d:49:f3:1c:be:95:a8:ec:bc:63:
3a:a9:47:71:fb:61:37:39:0a:c1:32:8e:ee:8a:25:40:6a:9e:
05:c6:9a:bf:2c:3f:32:43:17:e5:02:87:8c:66:a6:d3:53:0d:
a2:09:cc:21:8f:01:bc:b9:cd:02:46:fa:5e:68:4e:61:30:f7:
e0:30:25:47:0b:ed:e3:13:b9:45:93:4c:25:29:29:24:c0:19:
48:07:d0:31:aa:ea:8e:2d:36:8a:f8:70:ff:87:f2:53:9f:57:
d3:e6:cf:be:da:e7:43:db:11:0d:ee:43:91:b7:f1:97:e2:7c:
fa:6f:93:67:9e:f4:b2:64:bb:d9:e6:25:3a:74:46:ef:48:09:
55:45:40:bf:f9:46:3e:a3:8e:64:90:64:53:e9:76:27:58:12:
50:17:c6:ed
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RDhCRTExMC8GA1UEBRMoRTNGMThENDEyMDI2RjMxQkE0NDNFQTMzRjU2NzA2RkZC
MkYwRjE2MjAeFw0yNDA0MjIxNDM1MjZaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MjY3NWFlLTk4ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC4IoME82yKmkvDpwqEQCaiuMMqPoRd2WH1AAR3TZwleE9eTjrshl9Y41FYs30
FYHTRCyVl+golm42w2gRpL7JX7VbAeEekMpRsvE2o8SP8mejGnUlY3KZn8kthtip
KaYEyMcrD2GIgbfgYbY9+QX/kSp8suPHVqguBVlx4DEzWD/MTJDZKa5Bzo0o2pw+
hXMUdyMbn/gq1HVAM43pKm/87Cw6lCILMP0cZIcNa7OoxAMr+ixEFCFRDOkylEt1
EbLqFh5SYGpCXnc2WwHzeA+zRaAXV+uUWaB7vtmLFmRIgX4UkKRkwty7KGezwvxk
SPHMTaKYUcmx71e8LEPCAItrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxwLmvhaI
J+frnTPivA08xdt0Vs0wHwYDVR0jBBgwFoAU4/GNQSAm8xukQ+oz9WcG/7Lw8WIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZEOEJFL0M2OEVGRjlFRTVE
NjExRUU4QjM1NjczOUM0RjlBRTAyLzRfR05RU0FtOHh1a1Etb3o5V2NHXzdMdzhX
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNF9HTlFTQW04eHVrUS1vejlXY0dfN0x3OFdJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RDhCRS9DNjhFRkY5RUU1RDYxMUVFOEIzNTY3MzlDNEY5QUUwMi84RjFCMUM2MDAw
QjUxMUVGOTJBMDg0MTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdDNzANBgkqhkiG9w0BAQsFAAOCAQEAHNKQ6hGBDczaKxsK
9b8TOncz+4wXmqdc4TfKYIF/Veen2J3wTqcsywdyHqFN2Zg6iYGUAMgL+11fhKts
VZehHPZ1XsSucHnRVROFnD0ZjDm607nvfsmu0eaqxXns8F3mK1Q9SfMcvpWo7Lxj
OqlHcfthNzkKwTKO7oolQGqeBcaavyw/MkMX5QKHjGam01MNognMIY8BvLnNAkb6
XmhOYTD34DAlRwvt4xO5RZNMJSkpJMAZSAfQMarqji02ivhw/4fyU59X0+bPvtrn
Q9sRDe5Dkbfxl+J8+m+TZ570smS72eYlOnRG70gJVUVAv/lGPqOOZJBkU+l2J1gS
UBfG7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org