Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/17C6DEEEC32D11EEBEC88C60C4F9AE02.roa
File: 17C6DEEEC32D11EEBEC88C60C4F9AE02.roa (raw, json)
Hash identifier: RmhW4PrNS5A9xl9J8e8RK3+1qoqrvk7zndbEFisr7ck=
Subject key identifier: BE:DA:31:6F:EB:CE:C0:52:EE:4F:80:CA:E3:31:41:5A:65:8B:65:26
Certificate issuer: /CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Certificate serial: 04EE
Authority key identifier: 4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/17C6DEEEC32D11EEBEC88C60C4F9AE02.roa
Signing time: Sun 04 Feb 2024 07:14:53 +0000
ROA not before: Sun 04 Feb 2024 07:14:53 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 132480
IP address blocks: 103.145.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 14:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1262 (0x4ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Validity
Not Before: Feb 4 07:14:53 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65bf396d-7988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:da:11:07:43:24:71:25:65:3e:ba:dd:60:90:
bb:2a:68:af:94:39:f0:6b:a0:67:f6:5b:84:2a:bf:
c4:04:84:10:3d:4e:d5:d3:77:ac:9d:94:e1:11:40:
f0:dd:74:d7:bd:52:91:4b:a2:b6:14:74:6d:df:04:
bb:bb:b6:e1:f3:a6:8d:81:2c:92:8a:d4:39:40:c1:
09:b1:44:a2:bc:5f:78:a0:9a:0c:43:f7:6c:6d:83:
60:42:be:22:d3:bc:b0:e4:31:b5:41:4e:47:57:e1:
a7:d8:77:c7:b2:52:45:63:af:65:ef:7c:a0:d9:7b:
a2:df:f0:f5:a3:be:dc:60:6f:bc:c7:59:47:75:9e:
7a:2a:6a:f8:30:4c:9c:a2:00:eb:2e:99:75:99:71:
43:4f:c8:73:28:8a:41:49:13:49:2d:5e:21:cd:78:
7e:38:3d:20:ac:70:e4:96:67:42:27:6f:a4:76:c2:
bc:1f:a3:b3:96:92:2f:fe:ac:3f:7a:dc:85:c8:f3:
fe:2d:af:55:70:7f:5f:11:5f:28:41:87:d0:5f:76:
a8:5f:ee:bf:e9:5c:ab:a3:8d:9f:ae:17:fc:21:28:
64:d2:8f:d4:0c:fb:ff:96:41:98:0f:27:f5:49:18:
5c:7f:09:f5:0d:8d:dc:03:ad:dd:cc:fa:f4:c8:f0:
db:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DA:31:6F:EB:CE:C0:52:EE:4F:80:CA:E3:31:41:5A:65:8B:65:26
X509v3 Authority Key Identifier:
keyid:4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/S5pjiBqFVgIQVOlL3DInTse33fI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/17C6DEEEC32D11EEBEC88C60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.185.0/24
Signature Algorithm: sha256WithRSAEncryption
db:c6:2d:a3:11:a5:be:f4:b2:b5:75:4c:cd:ff:f9:1d:2f:84:
05:47:29:9d:fa:81:11:10:01:31:cc:d3:5c:07:d5:0b:6d:fc:
b1:d7:16:23:e0:88:5b:05:75:d6:55:0d:01:a8:fe:d7:d0:ef:
b4:3c:d3:01:65:89:f1:bf:c5:f5:b9:85:8c:e4:64:56:e6:30:
d7:0b:84:10:f4:b4:c3:55:9f:91:f1:82:31:f8:09:f6:77:57:
3d:50:44:20:5b:d5:68:12:9a:7d:cc:45:5b:ce:1c:b6:d7:80:
ea:ce:49:c1:c6:1c:ce:27:54:f4:a0:fb:86:ef:54:09:34:97:
e9:0f:36:8c:49:44:4e:f9:0d:89:9d:01:5f:c6:ed:12:0a:56:
8e:23:a7:5f:51:e0:25:17:8b:17:ca:6b:54:87:2d:36:48:17:
d4:84:4d:c9:37:38:2c:d7:fa:1f:ea:fe:86:c3:33:0b:6b:5c:
dc:b6:10:d9:cc:25:59:43:87:42:ef:3a:de:5a:40:51:8a:e2:
12:13:70:09:a3:07:5c:70:30:fe:16:d0:ba:77:8a:0d:9a:a2:
d2:25:bd:32:1e:9b:81:ea:14:c5:f2:80:a8:22:4a:7a:f8:39:
77:9d:48:33:45:00:23:11:f0:ea:00:be:94:13:a5:7c:c1:82:
a2:a1:b4:cf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ5MEExMTAvBgNVBAUTKDRCOUE2Mzg4MUE4NTU2MDIxMDU0RTk0QkRDMzIyNzRF
QzdCN0RERjIwHhcNMjQwMjA0MDcxNDUzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJmMzk2ZC03OTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAodoRB0MkcSVlPrrdYJC7KmivlDnwa6Bn9luEKr/EBIQQPU7V03esnZThEUDw
3XTXvVKRS6K2FHRt3wS7u7bh86aNgSySitQ5QMEJsUSivF94oJoMQ/dsbYNgQr4i
07yw5DG1QU5HV+Gn2HfHslJFY69l73yg2Xui3/D1o77cYG+8x1lHdZ56Kmr4MEyc
ogDrLpl1mXFDT8hzKIpBSRNJLV4hzXh+OD0grHDklmdCJ2+kdsK8H6OzlpIv/qw/
etyFyPP+La9VcH9fEV8oQYfQX3aoX+6/6Vyro42frhf8IShk0o/UDPv/lkGYDyf1
SRhcfwn1DY3cA63dzPr0yPDbSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL7aMW/r
zsBS7k+AyuMxQVpli2UmMB8GA1UdIwQYMBaAFEuaY4gahVYCEFTpS9wyJ07Ht93y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDkwQS8xN0UyQ0Y1MEI1
QzUxMUVCQjU0RTAxNDZDNEY5QUUwMi9TNXBqaUJxRlZnSVFWT2xMM0RJblRzZTMz
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1M1cGppQnFGVmdJUVZPbEwzREluVHNlMzNmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQ5MEEvMTdFMkNGNTBCNUM1MTFFQkI1NEUwMTQ2QzRGOUFFMDIvMTdDNkRFRUVD
MzJEMTFFRUJFQzg4QzYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnkbkwDQYJKoZIhvcNAQELBQADggEBANvGLaMRpb70srV1
TM3/+R0vhAVHKZ36gREQATHM01wH1Qtt/LHXFiPgiFsFddZVDQGo/tfQ77Q80wFl
ifG/xfW5hYzkZFbmMNcLhBD0tMNVn5HxgjH4CfZ3Vz1QRCBb1WgSmn3MRVvOHLbX
gOrOScHGHM4nVPSg+4bvVAk0l+kPNoxJRE75DYmdAV/G7RIKVo4jp19R4CUXixfK
a1SHLTZIF9SETck3OCzX+h/q/obDMwtrXNy2ENnMJVlDh0LvOt5aQFGK4hITcAmj
B1xwMP4W0Lp3ig2aotIlvTIem4HqFMXygKgiSnr4OXedSDNFACMR8OoAvpQTpXzB
gqKhtM8=
-----END CERTIFICATE-----
Generated at Wed Mar 6 19:35:15 2024 by rpki-client on console-fra.rpki-client.org