Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91463ED/B76E06601D7A11EEAD9F8E0CC4F9AE02/28063C5E1D7F11EE8F906D13C4F9AE02.roa
File: 28063C5E1D7F11EE8F906D13C4F9AE02.roa (raw, json)
Hash identifier: 4ZZBx7WuQI/0DYy8jam8Wn5kVWxYLav6EGFu9fdlQ+8=
Subject key identifier: F0:8C:74:A4:D6:34:E9:6E:E3:72:C2:62:3B:97:85:3C:11:E7:B2:53
Certificate issuer: /CN=A91463ED/serialNumber=CFB6F62897E74B0D07EF9600BA77093905CB875B
Certificate serial: 02
Authority key identifier: CF:B6:F6:28:97:E7:4B:0D:07:EF:96:00:BA:77:09:39:05:CB:87:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7b2KJfnSw0H75YAuncJOQXLh1s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91463ED/B76E06601D7A11EEAD9F8E0CC4F9AE02/28063C5E1D7F11EE8F906D13C4F9AE02.roa
Signing time: Sat 08 Jul 2023 11:04:06 +0000
ROA not before: Sat 08 Jul 2023 11:04:06 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 151484
IP address blocks: 103.230.244.0/24 maxlen: 24
103.230.245.0/24 maxlen: 24
2001:df2:a340::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Dec 2023 09:57:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91463ED/serialNumber=CFB6F62897E74B0D07EF9600BA77093905CB875B
Validity
Not Before: Jul 8 11:04:06 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a942a6-6fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7c:34:4a:cd:fa:7e:9a:2c:f7:8b:3a:6c:39:
a9:6a:54:fc:ba:af:da:d5:0b:56:66:6f:5a:93:73:
4b:a4:9a:ff:ea:a8:12:36:d2:d2:7a:bf:0a:d2:2e:
67:be:83:53:61:d8:47:19:f7:20:ed:d9:2c:9f:c2:
d8:23:76:2b:4b:70:9d:d4:4c:b7:7b:2b:eb:d3:46:
41:36:5c:c7:19:e3:9a:22:7c:b4:9d:e7:37:25:77:
20:cd:82:80:dd:f8:37:41:18:97:f3:a5:01:5f:e4:
74:17:a7:ab:4b:98:55:47:23:f6:a8:4e:d1:2d:4e:
3f:ec:ed:0d:22:24:bd:e1:23:c9:35:c8:a0:40:11:
18:37:c9:cd:31:4b:86:83:c3:94:44:4b:86:e7:aa:
ce:97:f8:96:bb:8a:61:84:f5:32:4d:67:ee:eb:4c:
54:43:5c:47:84:db:4d:f9:2c:6f:39:aa:70:52:aa:
8e:7b:f7:a4:1f:e5:b8:2c:6d:3e:bc:aa:21:42:4f:
0a:16:05:e2:20:85:e9:9e:df:8c:26:ae:de:ff:c4:
2d:bb:76:09:29:f2:29:49:5e:df:fb:a2:e5:50:96:
2f:de:93:97:93:29:5e:57:24:5a:c9:99:8f:74:0e:
ce:12:fd:0d:98:7d:32:ba:76:fb:46:1f:07:f7:d3:
05:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8C:74:A4:D6:34:E9:6E:E3:72:C2:62:3B:97:85:3C:11:E7:B2:53
X509v3 Authority Key Identifier:
keyid:CF:B6:F6:28:97:E7:4B:0D:07:EF:96:00:BA:77:09:39:05:CB:87:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91463ED/B76E06601D7A11EEAD9F8E0CC4F9AE02/z7b2KJfnSw0H75YAuncJOQXLh1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7b2KJfnSw0H75YAuncJOQXLh1s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91463ED/B76E06601D7A11EEAD9F8E0CC4F9AE02/28063C5E1D7F11EE8F906D13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.244.0/23
IPv6:
2001:df2:a340::/48
Signature Algorithm: sha256WithRSAEncryption
12:48:1c:e5:65:ea:c4:09:54:26:f5:0a:0e:3c:da:73:87:1f:
4d:fa:ae:be:36:83:28:ef:2a:87:e1:ea:2b:86:b2:c0:25:f1:
bc:02:1a:e7:13:c8:a9:b9:d9:0b:9d:e5:85:52:d2:1a:cd:f3:
b0:25:45:fb:7a:43:f3:21:44:e2:cf:af:a3:45:35:18:26:d3:
04:bc:73:4b:2e:b5:1a:dd:5c:ee:1e:24:68:c4:61:8f:01:75:
be:7a:3f:e5:96:d8:fb:3a:21:f6:4c:78:8c:6a:20:4b:f5:2a:
42:f1:bc:8d:5f:a0:7e:8c:b6:41:1b:df:a1:6c:6e:bf:dc:4e:
4f:a8:1c:10:3e:6a:c3:c0:97:1f:f9:c6:87:76:22:20:ed:73:
21:b7:ed:45:b0:de:2e:80:be:60:df:c7:eb:bd:51:3b:99:fc:
4d:3e:01:f9:f8:67:95:95:4e:84:39:21:19:91:f9:0f:fd:6e:
d1:8a:da:e0:a2:4a:e0:c7:67:51:14:38:37:e9:0e:c1:f4:97:
25:8d:77:6f:14:4d:1f:cc:b3:f9:65:b0:25:a8:2e:87:a7:ae:
c3:10:be:d7:e2:1d:15:0b:69:9e:b7:ad:a2:a5:51:8d:70:af:
aa:26:81:f0:8e:8c:09:d6:79:05:3a:39:a3:28:f9:3a:a7:2e:
6d:c1:e0:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NjNFRDExMC8GA1UEBRMoQ0ZCNkY2Mjg5N0U3NEIwRDA3RUY5NjAwQkE3NzA5Mzkw
NUNCODc1QjAeFw0yMzA3MDgxMTA0MDZaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YTk0MmE2LTZmYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBfDRKzfp+miz3izpsOalqVPy6r9rVC1Zmb1qTc0ukmv/qqBI20tJ6vwrSLme+
g1Nh2EcZ9yDt2SyfwtgjditLcJ3UTLd7K+vTRkE2XMcZ45oifLSd5zcldyDNgoDd
+DdBGJfzpQFf5HQXp6tLmFVHI/aoTtEtTj/s7Q0iJL3hI8k1yKBAERg3yc0xS4aD
w5RES4bnqs6X+Ja7imGE9TJNZ+7rTFRDXEeE2035LG85qnBSqo5796Qf5bgsbT68
qiFCTwoWBeIgheme34wmrt7/xC27dgkp8ilJXt/7ouVQli/ek5eTKV5XJFrJmY90
Ds4S/Q2YfTK6dvtGHwf30wXpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8Ix0pNY0
6W7jcsJiO5eFPBHnslMwHwYDVR0jBBgwFoAUz7b2KJfnSw0H75YAuncJOQXLh1sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2M0VEL0I3NkUwNjYwMUQ3
QTExRUVBRDlGOEUwQ0M0RjlBRTAyL3o3YjJLSmZuU3cwSDc1WUF1bmNKT1FYTGgx
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvejdiMktKZm5TdzBINzVZQXVuY0pPUVhMaDFzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NjNFRC9CNzZFMDY2MDFEN0ExMUVFQUQ5RjhFMENDNEY5QUUwMi8yODA2M0M1RTFE
N0YxMUVFOEY5MDZEMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWfm9DAPBAIAAjAJAwcAIAEN8qNAMA0GCSqGSIb3DQEBCwUA
A4IBAQASSBzlZerECVQm9QoOPNpzhx9N+q6+NoMo7yqH4eorhrLAJfG8AhrnE8ip
udkLneWFUtIazfOwJUX7ekPzIUTiz6+jRTUYJtMEvHNLLrUa3VzuHiRoxGGPAXW+
ej/lltj7OiH2THiMaiBL9SpC8byNX6B+jLZBG9+hbG6/3E5PqBwQPmrDwJcf+caH
diIg7XMht+1FsN4ugL5g38frvVE7mfxNPgH5+GeVlU6EOSEZkfkP/W7Ritrgokrg
x2dRFDg36Q7B9JcljXdvFE0fzLP5ZbAlqC6Hp67DEL7X4h0VC2met62ipVGNcK+q
JoHwjowJ1nkFOjmjKPk6py5tweBI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org