Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64D28A98F93111ECBD395279C4F9AE02.roa
File: 64D28A98F93111ECBD395279C4F9AE02.roa (raw, json)
Hash identifier: xoCzTN5lc9Um4S4DnHNEuqFAMlwJZdsuDqO0P2wHAK0=
Subject key identifier: A8:23:63:5A:29:BD:79:55:FE:DD:B1:87:32:56:3A:9D:EC:57:BB:0D
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 05B4
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64D28A98F93111ECBD395279C4F9AE02.roa
Signing time: Thu 26 Oct 2023 08:00:07 +0000
ROA not before: Thu 26 Oct 2023 08:00:07 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 58717
IP address blocks: 103.165.159.0/24 maxlen: 24
202.94.164.0/24 maxlen: 24
202.94.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Oct 2023 08:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1460 (0x5b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Oct 26 08:00:07 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=653a1c87-3d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:88:ed:b7:fd:2f:28:3b:d8:72:e4:fd:ab:76:
83:f6:70:49:4b:bd:fc:75:7e:87:86:b6:1c:d2:c3:
b7:17:26:91:5c:10:0f:21:93:15:68:b3:52:68:70:
d0:82:f1:c6:32:05:18:8d:af:3d:86:fa:b3:64:15:
4c:46:51:4d:f0:d4:dd:64:40:11:50:a7:9d:d0:f6:
2c:d2:db:be:4b:9f:f1:ac:07:5e:ce:e3:a6:75:02:
c1:4b:75:3d:74:9a:bc:67:51:8b:01:3f:99:02:c8:
95:e1:90:e8:dd:51:fa:07:d0:1d:df:bb:93:13:57:
de:01:1f:87:ea:02:8c:2f:a3:7c:e8:8b:07:a5:9b:
2a:5a:1f:1b:e4:6d:67:75:ec:bd:cf:cf:de:2a:e3:
27:6c:4d:4d:cf:c0:95:d0:93:7f:5e:2f:4f:34:f7:
49:4a:1b:e0:ea:26:ec:11:90:95:61:db:1b:28:ff:
39:54:f1:50:00:00:95:96:7c:0e:8b:f8:26:5b:62:
2c:70:fa:36:c2:f0:02:f7:3e:a7:37:d8:62:4a:2c:
56:7c:4d:d7:c3:5c:79:98:3d:b4:d9:94:ae:08:9b:
2c:c3:df:10:c6:36:7a:78:63:09:f3:fb:bc:8a:5c:
f8:70:14:54:76:75:8c:60:0e:44:f4:ee:39:48:ef:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:23:63:5A:29:BD:79:55:FE:DD:B1:87:32:56:3A:9D:EC:57:BB:0D
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/64D28A98F93111ECBD395279C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.159.0/24
202.94.164.0/23
Signature Algorithm: sha256WithRSAEncryption
86:5e:50:42:1d:38:63:91:f4:b3:d7:97:a0:20:85:ef:b0:12:
51:65:fb:be:e2:a5:d5:be:38:27:db:5c:55:c9:ae:78:72:cb:
5a:d0:09:d4:38:20:41:09:85:81:9b:e4:b1:c3:7d:e5:ad:33:
f5:38:c4:39:47:31:96:32:5d:bf:f5:e7:10:fa:b6:65:27:a1:
37:69:c9:65:9c:5b:bc:bf:fe:b4:5c:13:40:81:a0:38:cc:d9:
91:ec:b5:78:1f:db:54:de:c5:bf:13:9d:a4:da:b8:02:12:44:
47:01:46:cd:ee:0a:58:62:74:83:e4:c5:43:6e:88:85:47:06:
39:69:db:28:f3:09:a1:0b:c0:0e:26:b7:75:d5:1f:67:61:fa:
7c:dd:29:61:50:98:2b:dc:60:e1:10:40:c0:77:9b:39:51:65:
5a:c0:84:c9:fe:b0:e6:ae:b2:8b:0b:f3:5d:6b:73:3b:34:f3:
9b:a2:0c:20:b3:b6:5d:dc:b8:a0:71:9d:e3:1e:a7:bb:e5:f2:
5e:3b:30:33:ae:69:86:23:01:16:69:5b:d7:b7:7a:4c:52:24:
33:c4:16:47:5a:dc:72:ac:c9:f6:d0:8e:cc:48:df:c5:2f:45:
cc:bc:94:44:d1:a7:37:ce:8c:04:7e:3e:57:25:a9:98:4c:6c:
90:fb:ff:20
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjMxMDI2MDgwMDA3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNhMWM4Ny0zZDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9ojtt/0vKDvYcuT9q3aD9nBJS738dX6HhrYc0sO3FyaRXBAPIZMVaLNSaHDQ
gvHGMgUYja89hvqzZBVMRlFN8NTdZEARUKed0PYs0tu+S5/xrAdezuOmdQLBS3U9
dJq8Z1GLAT+ZAsiV4ZDo3VH6B9Ad37uTE1feAR+H6gKML6N86IsHpZsqWh8b5G1n
dey9z8/eKuMnbE1Nz8CV0JN/Xi9PNPdJShvg6ibsEZCVYdsbKP85VPFQAACVlnwO
i/gmW2IscPo2wvAC9z6nN9hiSixWfE3Xw1x5mD202ZSuCJssw98QxjZ6eGMJ8/u8
ilz4cBRUdnWMYA5E9O45SO9+awIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKgjY1op
vXlV/t2xhzJWOp3sV7sNMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvNjREMjhBOThG
OTMxMTFFQ0JEMzk1Mjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnpZ8DBAHKXqQwDQYJKoZIhvcNAQELBQADggEBAIZeUEId
OGOR9LPXl6Aghe+wElFl+77ipdW+OCfbXFXJrnhyy1rQCdQ4IEEJhYGb5LHDfeWt
M/U4xDlHMZYyXb/15xD6tmUnoTdpyWWcW7y//rRcE0CBoDjM2ZHstXgf21Texb8T
naTauAISREcBRs3uClhidIPkxUNuiIVHBjlp2yjzCaELwA4mt3XVH2dh+nzdKWFQ
mCvcYOEQQMB3mzlRZVrAhMn+sOausosL811rczs085uiDCCztl3cuKBxneMep7vl
8l47MDOuaYYjARZpW9e3ekxSJDPEFkda3HKsyfbQjsxI38UvRcy8lETRpzfOjAR+
PlclqZhMbJD7/yA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org