Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/CE626E4673D911EE8B69022FC4F9AE02.roa
File: CE626E4673D911EE8B69022FC4F9AE02.roa (raw, json)
Hash identifier: rUid3WbgWb7Pvz6vJbLKyqAOiSqSN3cmIMckdzvUsU8=
Subject key identifier: 9B:61:7D:48:49:D7:66:3A:44:23:52:4C:89:61:EF:54:AC:BF:A3:27
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 05B9
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/CE626E4673D911EE8B69022FC4F9AE02.roa
Signing time: Thu 26 Oct 2023 09:15:51 +0000
ROA not before: Thu 26 Oct 2023 09:15:51 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 58717
IP address blocks: 103.165.159.0/24 maxlen: 24
202.94.164.0/24 maxlen: 24
202.94.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1465 (0x5b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Oct 26 09:15:51 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=653a2e47-f31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7e:8c:1a:38:50:1e:00:da:45:72:d1:55:8a:
38:6d:9c:df:f4:f7:92:22:5c:bf:7d:0a:1f:89:7b:
4d:95:1e:27:f3:c4:c9:91:16:02:7e:a0:05:ae:40:
62:4d:ad:63:7a:e3:9d:16:d5:1a:d5:01:d8:e9:8f:
00:a2:33:49:17:9c:1a:03:99:f5:b5:66:01:07:45:
fe:9e:18:af:38:43:ef:f9:b9:3d:10:e5:9e:e5:90:
ea:44:04:32:f2:4e:b3:3c:b4:0f:6d:f5:66:e5:3e:
94:7b:71:64:cf:05:34:5e:68:49:35:4e:8e:8d:97:
34:8a:02:58:37:0e:ca:7e:27:50:b6:8c:aa:ab:99:
04:aa:16:38:11:e2:8c:7d:02:c7:30:7a:f1:b1:05:
bc:9f:fa:a3:28:81:6b:45:fd:f1:69:5c:cf:0f:93:
bd:aa:0e:27:20:d3:a2:12:87:d6:7a:7f:08:b9:6a:
d5:02:c2:d2:ae:19:da:59:8f:c3:ee:eb:c5:e6:bd:
e0:3e:51:e1:39:e8:e4:9c:48:ce:57:86:cf:b4:c8:
dd:fb:ef:07:05:c4:ae:ec:37:91:3b:f2:ba:fe:06:
5f:e6:ed:7d:4a:70:76:d8:8b:b4:9e:ec:58:ff:dd:
76:83:39:ff:19:76:6b:90:46:ad:aa:8f:be:88:9b:
1f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:61:7D:48:49:D7:66:3A:44:23:52:4C:89:61:EF:54:AC:BF:A3:27
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/CE626E4673D911EE8B69022FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.159.0/24
202.94.164.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:f2:50:09:87:be:07:96:6c:4b:27:7a:7d:b7:38:65:50:92:
b9:7a:8a:0d:bf:01:dc:a0:85:61:d4:54:75:2d:d6:19:81:83:
17:85:f4:99:df:00:af:da:a1:ed:69:02:9e:f7:0b:06:4b:b3:
d4:13:ea:32:3a:1e:65:44:50:2c:44:21:68:4a:ec:6e:e8:d1:
89:33:94:7d:76:52:e9:15:43:8b:9d:09:da:45:6d:06:19:b7:
c2:36:48:73:3c:de:8c:b0:9d:a9:1b:34:74:c4:a4:1b:77:94:
fd:7e:e1:e4:12:55:40:e0:4c:e2:49:06:31:49:93:32:7d:0b:
62:8c:94:5a:45:d3:03:8b:74:c9:8a:4b:fc:3b:cd:74:c8:f4:
07:38:07:66:bd:a8:74:3c:b5:eb:a7:4f:c3:67:42:a5:dc:e5:
58:6a:38:73:a7:3c:63:e3:f0:22:67:1b:bd:db:d2:04:e2:d2:
64:bf:cc:ae:17:c6:cf:2d:78:2b:5d:16:22:ae:fa:e0:cd:b1:
61:f5:b1:35:c3:3a:95:02:20:33:4f:77:42:bc:4f:da:a1:b6:
e8:87:ab:6c:d3:79:05:82:44:a7:ec:e0:fe:82:d5:23:cd:4e:
28:39:5b:dd:9d:8e:1c:95:65:f5:ea:e7:28:44:6a:93:09:ed:
8c:35:e3:36
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjMxMDI2MDkxNTUxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNhMmU0Ny1mMzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2H6MGjhQHgDaRXLRVYo4bZzf9PeSIly/fQofiXtNlR4n88TJkRYCfqAFrkBi
Ta1jeuOdFtUa1QHY6Y8AojNJF5waA5n1tWYBB0X+nhivOEPv+bk9EOWe5ZDqRAQy
8k6zPLQPbfVm5T6Ue3FkzwU0XmhJNU6OjZc0igJYNw7KfidQtoyqq5kEqhY4EeKM
fQLHMHrxsQW8n/qjKIFrRf3xaVzPD5O9qg4nINOiEofWen8IuWrVAsLSrhnaWY/D
7uvF5r3gPlHhOejknEjOV4bPtMjd++8HBcSu7DeRO/K6/gZf5u19SnB22Iu0nuxY
/912gzn/GXZrkEatqo++iJsftwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJthfUhJ
12Y6RCNSTIlh71Ssv6MnMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvQ0U2MjZFNDY3
M0Q5MTFFRThCNjkwMjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnpZ8DBAHKXqQwDQYJKoZIhvcNAQELBQADggEBALjyUAmH
vgeWbEsnen23OGVQkrl6ig2/AdyghWHUVHUt1hmBgxeF9JnfAK/aoe1pAp73CwZL
s9QT6jI6HmVEUCxEIWhK7G7o0YkzlH12UukVQ4udCdpFbQYZt8I2SHM83oywnakb
NHTEpBt3lP1+4eQSVUDgTOJJBjFJkzJ9C2KMlFpF0wOLdMmKS/w7zXTI9Ac4B2a9
qHQ8teunT8NnQqXc5VhqOHOnPGPj8CJnG73b0gTi0mS/zK4Xxs8teCtdFiKu+uDN
sWH1sTXDOpUCIDNPd0K8T9qhtuiHq2zTeQWCRKfs4P6C1SPNTig5W92djhyVZfXq
5yhEapMJ7Yw14zY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org