Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AF79/D0F86D72FE0411ED905E216BC4F9AE02/D3E96E52FE0C11EDB075D46BC4F9AE02.roa
File: D3E96E52FE0C11EDB075D46BC4F9AE02.roa (raw, json)
Hash identifier: y42biYrWmFFHuWUte9s80xKE1gTEB+ke+mdM+sFz6ew=
Subject key identifier: EF:79:8E:6C:FE:15:A2:EC:AC:C8:72:50:3C:0A:37:84:C1:80:87:48
Certificate issuer: /CN=A912AF79/serialNumber=6BD8C0A11500B3CA0FEC4A9FD340C3120595B0C7
Certificate serial: 02
Authority key identifier: 6B:D8:C0:A1:15:00:B3:CA:0F:EC:4A:9F:D3:40:C3:12:05:95:B0:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a9jAoRUAs8oP7Eqf00DDEgWVsMc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AF79/D0F86D72FE0411ED905E216BC4F9AE02/D3E96E52FE0C11EDB075D46BC4F9AE02.roa
Signing time: Mon 29 May 2023 10:37:37 +0000
ROA not before: Mon 29 May 2023 10:37:37 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 151329
IP address blocks: 103.170.98.0/23 maxlen: 23
2001:df2:7440::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Jun 2023 20:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AF79/serialNumber=6BD8C0A11500B3CA0FEC4A9FD340C3120595B0C7
Validity
Not Before: May 29 10:37:37 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64748071-c50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e1:e0:96:11:8f:ac:7d:8c:ea:98:a3:1f:52:
2b:3f:45:12:62:a7:7c:9b:d9:36:98:8b:e4:32:57:
15:76:f3:32:c1:df:b4:e2:75:62:35:b0:e5:14:5f:
8c:9f:c2:0b:71:2d:09:d3:e7:74:50:1c:55:71:0c:
33:9b:73:a3:43:24:ba:e4:34:ec:41:34:17:af:50:
8e:57:0c:bd:82:28:df:e0:ff:32:ce:28:b1:1f:ce:
86:2c:e7:50:f4:a5:18:82:9d:8d:9d:78:bb:45:c0:
7d:02:b6:9c:96:5f:a4:bb:be:46:ac:fb:db:75:01:
64:4f:17:f4:3d:3b:14:32:72:3e:d3:eb:24:c0:17:
71:11:18:07:0e:a0:4e:7b:8b:0c:8c:9e:4e:b9:9b:
2c:db:d2:86:85:c2:e1:39:c1:af:29:b0:93:a2:04:
59:8f:81:4b:f7:05:06:33:3d:3f:2f:11:db:04:2a:
f9:14:00:9c:d5:e8:45:37:d4:a1:a9:c8:4c:d3:c5:
42:0c:45:85:34:44:db:44:79:7c:5d:97:e3:29:7e:
79:47:13:0d:e7:bb:f9:53:7a:cc:05:0e:17:7f:e3:
92:7f:fd:f2:47:66:9b:ee:74:00:40:d0:ea:34:60:
9e:8c:47:70:d4:0a:19:7e:a2:2a:29:07:11:cd:46:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:79:8E:6C:FE:15:A2:EC:AC:C8:72:50:3C:0A:37:84:C1:80:87:48
X509v3 Authority Key Identifier:
keyid:6B:D8:C0:A1:15:00:B3:CA:0F:EC:4A:9F:D3:40:C3:12:05:95:B0:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AF79/D0F86D72FE0411ED905E216BC4F9AE02/a9jAoRUAs8oP7Eqf00DDEgWVsMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a9jAoRUAs8oP7Eqf00DDEgWVsMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AF79/D0F86D72FE0411ED905E216BC4F9AE02/D3E96E52FE0C11EDB075D46BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.98.0/23
IPv6:
2001:df2:7440::/48
Signature Algorithm: sha256WithRSAEncryption
2b:fe:07:ee:d2:1f:13:04:49:22:98:24:05:aa:a9:42:de:71:
5a:57:c2:e1:15:08:79:34:0e:c1:b4:9b:c7:0f:f5:0c:f6:1b:
48:95:7e:91:df:fb:55:3c:1b:24:56:58:4e:92:6e:42:2c:52:
02:6e:82:33:3a:f7:e4:79:01:67:93:fa:99:0b:28:df:c6:a6:
e9:21:a7:ac:d1:85:08:ba:21:85:7e:70:46:b2:26:cc:fc:76:
db:a8:c8:7f:70:54:da:9b:81:a7:e9:fc:ef:95:5c:17:ab:26:
49:a8:a4:a5:8a:40:d9:a6:d5:1e:bf:a2:f8:ae:45:88:c4:ea:
4a:35:7a:d6:e9:81:45:73:9d:1b:29:b8:21:b4:90:59:c8:6e:
c1:40:80:f9:87:79:57:41:e0:bd:27:08:83:1a:7c:f6:7b:68:
5d:14:00:ba:fc:33:4e:41:91:01:d5:ea:de:84:f3:69:1a:71:
d5:4d:5f:2c:51:0b:24:38:9b:46:e9:c8:5a:4d:87:04:6d:34:
5d:ea:c5:17:e9:3f:37:d5:8a:1d:be:80:7f:c7:e0:b4:36:99:
a3:7b:7a:d8:d5:00:c7:c6:6c:27:b5:f1:c6:f4:39:6b:3c:27:
64:a9:ff:18:c4:a7:28:38:3c:e7:82:a1:8d:df:ef:0f:e0:1d:
de:33:6d:fa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QUY3OTExMC8GA1UEBRMoNkJEOEMwQTExNTAwQjNDQTBGRUM0QTlGRDM0MEMzMTIw
NTk1QjBDNzAeFw0yMzA1MjkxMDM3MzdaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzQ4MDcxLWM1MGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDE4eCWEY+sfYzqmKMfUis/RRJip3yb2TaYi+QyVxV28zLB37TidWI1sOUUX4yf
wgtxLQnT53RQHFVxDDObc6NDJLrkNOxBNBevUI5XDL2CKN/g/zLOKLEfzoYs51D0
pRiCnY2deLtFwH0CtpyWX6S7vkas+9t1AWRPF/Q9OxQycj7T6yTAF3ERGAcOoE57
iwyMnk65myzb0oaFwuE5wa8psJOiBFmPgUv3BQYzPT8vEdsEKvkUAJzV6EU31KGp
yEzTxUIMRYU0RNtEeXxdl+MpfnlHEw3nu/lTeswFDhd/45J//fJHZpvudABA0Oo0
YJ6MR3DUChl+oiopBxHNRg6fAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU73mObP4V
ouysyHJQPAo3hMGAh0gwHwYDVR0jBBgwFoAUa9jAoRUAs8oP7Eqf00DDEgWVsMcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJBRjc5L0QwRjg2RDcyRkUw
NDExRUQ5MDVFMjE2QkM0RjlBRTAyL2E5akFvUlVBczhvUDdFcWYwMERERWdXVnNN
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYTlqQW9SVUFzOG9QN0VxZjAwRERFZ1dWc01jLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QUY3OS9EMEY4NkQ3MkZFMDQxMUVEOTA1RTIxNkJDNEY5QUUwMi9EM0U5NkU1MkZF
MEMxMUVEQjA3NUQ0NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWeqYjAPBAIAAjAJAwcAIAEN8nRAMA0GCSqGSIb3DQEBCwUA
A4IBAQAr/gfu0h8TBEkimCQFqqlC3nFaV8LhFQh5NA7BtJvHD/UM9htIlX6R3/tV
PBskVlhOkm5CLFICboIzOvfkeQFnk/qZCyjfxqbpIaes0YUIuiGFfnBGsibM/Hbb
qMh/cFTam4Gn6fzvlVwXqyZJqKSlikDZptUev6L4rkWIxOpKNXrW6YFFc50bKbgh
tJBZyG7BQID5h3lXQeC9JwiDGnz2e2hdFAC6/DNOQZEB1erehPNpGnHVTV8sUQsk
OJtG6chaTYcEbTRd6sUX6T831YodvoB/x+C0Npmje3rY1QDHxmwntfHG9DlrPCdk
qf8YxKcoODzngqGN3+8P4B3eM236
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org