Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64B4B4E888A311EEBE7FDE53C4F9AE02.roa
File: 64B4B4E888A311EEBE7FDE53C4F9AE02.roa (raw, json)
Hash identifier: F8CJDt1re+7VpJhzEoRAAOtskQxNbIbNO3YLaa1aQjU=
Subject key identifier: AB:60:E1:70:CA:D2:58:AA:9A:23:71:6D:8D:11:24:E2:6C:D2:DF:33
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 05D0
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64B4B4E888A311EEBE7FDE53C4F9AE02.roa
Signing time: Fri 24 Nov 2023 14:51:13 +0000
ROA not before: Fri 24 Nov 2023 14:51:13 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 58717
IP address blocks: 103.165.159.0/24 maxlen: 24
202.94.164.0/23 maxlen: 23
202.94.164.0/24 maxlen: 24
202.94.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 20:11:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1488 (0x5d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Nov 24 14:51:13 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6560b860-69ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:f1:21:b4:eb:32:38:45:62:37:d4:b5:02:
87:d7:be:51:b0:5a:21:b9:b8:a1:cb:2a:33:59:01:
7d:bb:5e:4e:3e:f4:f6:d3:27:2e:5b:b6:df:48:74:
93:f4:e8:8e:46:c1:2b:17:83:4e:c4:36:06:51:b6:
79:e0:8f:eb:94:2c:42:ae:44:ce:2e:f3:32:70:1e:
a7:1f:28:c0:d6:67:2d:7a:07:02:74:fe:3a:a5:26:
30:e0:78:ff:81:da:08:de:ad:68:5f:9e:c0:b7:56:
95:3f:c6:29:1f:62:9e:79:08:6d:ef:8b:39:7e:40:
f0:5c:c6:d3:5a:5a:2e:f9:2d:5b:fb:88:af:16:52:
e6:7a:01:da:df:7a:39:e6:48:c3:7e:f5:f1:60:65:
16:f0:a3:ad:a6:11:bc:4c:5c:d6:32:60:8f:6c:74:
65:e7:a6:13:24:36:6d:e2:9c:f8:e1:64:98:e1:f6:
4f:6d:0b:f3:da:4e:aa:fc:0f:b5:b1:c1:4f:a9:d3:
80:6b:52:8e:84:8b:b3:96:a5:0d:9a:f7:98:13:83:
d7:4a:95:ec:6f:c4:e9:51:dd:f1:3d:4d:5c:4e:47:
e4:d0:26:f3:64:c1:9f:56:67:0e:47:79:b9:1a:e8:
7e:aa:f1:a6:9f:80:c1:e3:0d:34:40:e5:8e:f0:c6:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:60:E1:70:CA:D2:58:AA:9A:23:71:6D:8D:11:24:E2:6C:D2:DF:33
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64B4B4E888A311EEBE7FDE53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.159.0/24
202.94.164.0/23
Signature Algorithm: sha256WithRSAEncryption
41:b0:f4:8a:51:ca:13:7c:b5:3e:76:1a:1f:28:3c:a0:d6:1e:
dd:1a:08:10:e6:ab:ae:fc:92:a0:a1:77:44:fb:26:5b:25:a0:
0a:57:06:fe:b5:40:70:d2:ef:2e:4a:60:f5:86:39:4f:9b:0a:
bf:a8:cb:7d:76:dc:e3:98:5b:2c:53:3f:d7:39:5a:64:d3:b9:
3e:00:0b:f7:b8:13:dd:65:ed:38:23:8f:67:c6:eb:c6:c0:b9:
97:ec:5d:dc:63:a2:91:bc:88:dd:af:05:0e:f6:e7:b7:84:13:
d1:5e:38:30:2a:fd:34:4e:f7:27:14:30:bd:14:67:ec:52:5b:
85:45:61:9b:27:f4:60:45:b0:17:f1:80:83:7a:48:f0:c7:fe:
7d:63:96:5c:60:1a:ae:ef:3c:d8:ba:e9:ed:d0:2f:a0:51:ee:
50:44:38:cb:be:86:ed:95:a2:fe:a7:b6:ae:f2:58:71:82:ae:
12:65:a8:ec:ac:58:e0:78:6c:aa:1f:ca:dd:c7:76:dc:37:45:
a7:d9:41:21:14:42:cd:ad:72:86:1d:fc:b2:e1:02:e9:57:38:
2d:8f:11:8f:e1:2f:eb:83:d3:77:21:98:46:64:dd:c6:39:04:
5f:d0:23:9d:a4:11:59:a4:47:53:6f:c8:44:7f:bb:5f:a3:0d:
b5:4e:f0:04
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjMxMTI0MTQ1MTEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYwYjg2MC02OWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNPxIbTrMjhFYjfUtQKH175RsFohubihyyozWQF9u15OPvT20ycuW7bfSHST
9OiORsErF4NOxDYGUbZ54I/rlCxCrkTOLvMycB6nHyjA1mctegcCdP46pSYw4Hj/
gdoI3q1oX57At1aVP8YpH2KeeQht74s5fkDwXMbTWlou+S1b+4ivFlLmegHa33o5
5kjDfvXxYGUW8KOtphG8TFzWMmCPbHRl56YTJDZt4pz44WSY4fZPbQvz2k6q/A+1
scFPqdOAa1KOhIuzlqUNmveYE4PXSpXsb8TpUd3xPU1cTkfk0CbzZMGfVmcOR3m5
Guh+qvGmn4DB4w00QOWO8MauFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKtg4XDK
0liqmiNxbY0RJOJs0t8zMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvNjRCNEI0RTg4
OEEzMTFFRUJFN0ZERTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnpZ8DBAHKXqQwDQYJKoZIhvcNAQELBQADggEBAEGw9IpR
yhN8tT52Gh8oPKDWHt0aCBDmq678kqChd0T7JlsloApXBv61QHDS7y5KYPWGOU+b
Cr+oy3123OOYWyxTP9c5WmTTuT4AC/e4E91l7Tgjj2fG68bAuZfsXdxjopG8iN2v
BQ7257eEE9FeODAq/TRO9ycUML0UZ+xSW4VFYZsn9GBFsBfxgIN6SPDH/n1jllxg
Gq7vPNi66e3QL6BR7lBEOMu+hu2Vov6ntq7yWHGCrhJlqOysWOB4bKofyt3Hdtw3
RafZQSEUQs2tcoYd/LLhAulXOC2PEY/hL+uD03chmEZk3cY5BF/QI52kEVmkR1Nv
yER/u1+jDbVO8AQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org