Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/28DD45D8023F11EEB716134FC4F9AE02.roa
File: 28DD45D8023F11EEB716134FC4F9AE02.roa (raw, json)
Hash identifier: WZ6oPXEwJ/9M7J3SL41GSOpHnr0q6dsFAEcJoqEVyI0=
Subject key identifier: 30:05:22:D4:81:51:6B:CC:17:4A:C1:4B:19:43:88:AF:A2:2A:0C:2D
Certificate issuer: /CN=A911710E/serialNumber=CD1841B6C5BEF7C4782E67F663F3C19746199383
Certificate serial: 22
Authority key identifier: CD:18:41:B6:C5:BE:F7:C4:78:2E:67:F6:63:F3:C1:97:46:19:93:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/28DD45D8023F11EEB716134FC4F9AE02.roa
Signing time: Mon 24 Jul 2023 06:39:39 +0000
ROA not before: Mon 24 Jul 2023 06:39:39 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 7720
IP address blocks: 103.213.4.0/23 maxlen: 24
2401:5a0:1000::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jul 2023 17:43:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911710E/serialNumber=CD1841B6C5BEF7C4782E67F663F3C19746199383
Validity
Not Before: Jul 24 06:39:39 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64be1cab-d188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:c8:fa:11:c9:31:20:6b:42:8a:92:48:fc:
e0:46:39:38:24:a9:2c:11:e7:68:ed:f2:af:1c:a7:
1e:64:59:d9:91:1c:93:04:79:8a:7c:de:db:bd:35:
85:72:2d:b6:30:38:0e:fc:2f:cb:82:98:a4:8e:8d:
bf:d9:46:8f:db:10:93:fc:6a:c8:e8:9c:3c:58:04:
78:2f:82:46:94:f4:ff:10:ce:30:5d:1c:af:51:dd:
3a:c0:55:72:17:00:00:03:63:45:ea:e5:df:c4:05:
3c:3c:c2:4c:89:9c:37:15:b2:88:d5:cf:65:02:c6:
9e:93:4e:81:97:1e:70:d3:c5:b2:1b:8a:bb:ae:bc:
8c:44:c4:a4:ff:b1:90:19:d9:19:a4:2d:b3:c3:1b:
b5:46:1c:12:8c:7e:7d:d6:e2:d4:36:e2:2d:fb:51:
31:89:ed:43:73:6d:85:f4:dc:68:36:a4:f3:56:f9:
d4:46:5f:31:17:02:33:1a:67:9e:05:55:9a:c1:47:
78:19:2e:e9:80:91:b1:29:2d:16:4a:a9:07:eb:a3:
f1:de:c9:25:4f:b0:83:d6:e9:b8:be:f8:82:60:6c:
33:bf:f0:c1:95:ae:ea:75:84:c6:5a:9b:70:f3:50:
ee:0e:54:17:b4:d9:e8:61:32:ba:c0:ee:46:62:69:
c6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:05:22:D4:81:51:6B:CC:17:4A:C1:4B:19:43:88:AF:A2:2A:0C:2D
X509v3 Authority Key Identifier:
keyid:CD:18:41:B6:C5:BE:F7:C4:78:2E:67:F6:63:F3:C1:97:46:19:93:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/28DD45D8023F11EEB716134FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.4.0/23
IPv6:
2401:5a0:1000::/44
Signature Algorithm: sha256WithRSAEncryption
dc:0d:69:5e:94:2e:6d:f9:80:e4:93:cc:ac:95:ba:32:1f:ce:
ed:35:bd:d0:c3:63:7f:3c:58:ac:f8:17:b2:2d:72:8f:62:87:
ce:61:32:38:3b:64:ff:83:70:3e:9e:63:40:79:64:e2:ce:e8:
b3:d0:a0:aa:c4:a0:f4:72:fb:3e:35:fd:08:ce:20:bc:b6:7d:
87:94:6e:ab:5c:02:fc:32:a7:70:f8:6e:9b:be:28:c1:ee:b9:
7e:9a:d7:e6:39:b9:bf:f9:30:bc:38:16:71:67:fa:c7:b7:79:
db:e6:25:c7:e6:63:18:76:77:4c:f0:ae:d8:51:53:d1:9e:d4:
7a:6a:2c:25:1b:ba:34:08:08:4d:b3:5a:d3:31:79:f1:37:f6:
f2:78:1b:06:6a:b2:7d:8b:1c:e9:9f:16:91:be:b9:f7:b6:c6:
26:42:55:c7:6d:b6:39:2e:71:1a:81:e4:04:41:2b:9e:5b:a3:
e2:fb:84:8c:67:b4:fd:23:a6:d3:fe:90:de:f7:c0:f1:1b:00:
7f:24:9f:e2:46:71:16:42:08:ee:39:2a:a2:f6:f6:e5:95:fa:
61:bd:6e:fb:bc:42:ef:3f:15:8b:a5:ca:2f:55:6a:2e:b1:52:
54:3c:dd:41:cc:8d:6c:7d:54:7f:45:36:5a:c7:44:17:75:9a:
5d:31:c6:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NzEwRTExMC8GA1UEBRMoQ0QxODQxQjZDNUJFRjdDNDc4MkU2N0Y2NjNGM0MxOTc0
NjE5OTM4MzAeFw0yMzA3MjQwNjM5MzlaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmUxY2FiLWQxODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC4cj6EckxIGtCipJI/OBGOTgkqSwR52jt8q8cpx5kWdmRHJMEeYp83tu9NYVy
LbYwOA78L8uCmKSOjb/ZRo/bEJP8asjonDxYBHgvgkaU9P8QzjBdHK9R3TrAVXIX
AAADY0Xq5d/EBTw8wkyJnDcVsojVz2UCxp6TToGXHnDTxbIbiruuvIxExKT/sZAZ
2RmkLbPDG7VGHBKMfn3W4tQ24i37UTGJ7UNzbYX03Gg2pPNW+dRGXzEXAjMaZ54F
VZrBR3gZLumAkbEpLRZKqQfro/HeySVPsIPW6bi++IJgbDO/8MGVrup1hMZam3Dz
UO4OVBe02ehhMrrA7kZiacZFAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUMAUi1IFR
a8wXSsFLGUOIr6IqDC0wHwYDVR0jBBgwFoAUzRhBtsW+98R4Lmf2Y/PBl0YZk4Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE3MTBFL0M5M0UxNzhBMDFC
NTExRUU4OUY2RUI3OEM0RjlBRTAyL3pSaEJ0c1ctOThSNExtZjJZX1BCbDBZWms0
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvelJoQnRzVy05OFI0TG1mMllfUEJsMFlaazRNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NzEwRS9DOTNFMTc4QTAxQjUxMUVFODlGNkVCNzhDNEY5QUUwMi8yOERENDVEODAy
M0YxMUVFQjcxNjEzNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWfVBDAPBAIAAjAJAwcEJAEFoBAAMA0GCSqGSIb3DQEBCwUA
A4IBAQDcDWlelC5t+YDkk8yslboyH87tNb3Qw2N/PFis+BeyLXKPYofOYTI4O2T/
g3A+nmNAeWTizuiz0KCqxKD0cvs+Nf0IziC8tn2HlG6rXAL8Mqdw+G6bvijB7rl+
mtfmObm/+TC8OBZxZ/rHt3nb5iXH5mMYdndM8K7YUVPRntR6aiwlG7o0CAhNs1rT
MXnxN/byeBsGarJ9ixzpnxaRvrn3tsYmQlXHbbY5LnEageQEQSueW6Pi+4SMZ7T9
I6bT/pDe98DxGwB/JJ/iRnEWQgjuOSqi9vbllfphvW77vELvPxWLpcovVWousVJU
PN1BzI1sfVR/RTZax0QXdZpdMcZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org