Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/DA9C53D4798311EE8AFE5780C4F9AE02.roa
File: DA9C53D4798311EE8AFE5780C4F9AE02.roa (raw, json)
Hash identifier: cEVODHN3AovivCNVgtYXlMvVdIY15U7MlW51nbsAFlc=
Subject key identifier: C1:74:6D:94:8B:29:57:12:84:7A:33:0B:78:8E:E5:BA:1A:B7:C0:C4
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 05FE
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/DA9C53D4798311EE8AFE5780C4F9AE02.roa
Signing time: Thu 02 Nov 2023 13:29:31 +0000
ROA not before: Thu 02 Nov 2023 13:29:31 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.110.106.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1534 (0x5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Nov 2 13:29:31 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6543a43b-1ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d0:90:35:13:60:96:ce:4b:b3:63:cb:de:07:
d3:78:21:17:9f:0a:76:a1:49:fe:e3:ae:05:64:6a:
00:be:1a:cc:57:06:f3:0f:48:05:4d:fb:46:0f:77:
6f:dd:57:d4:5c:66:0e:00:ee:13:19:82:e1:21:ef:
ce:6e:fe:d2:ce:3b:27:86:36:ec:0b:a6:e9:1f:fc:
5b:b7:f8:e7:47:ed:29:4a:ba:3e:09:27:0a:a6:6f:
d8:c8:11:f2:6e:69:d8:05:ee:90:aa:ec:9d:eb:18:
df:47:7b:a0:dc:f8:22:4f:9f:14:3b:44:b0:c0:24:
c0:97:8c:88:3f:c5:7c:e6:b2:5c:8b:7c:d3:c6:ca:
8c:84:3b:af:0e:6c:e7:46:c2:a2:2b:c3:f0:69:85:
a7:75:7a:e5:ce:64:2c:f3:25:11:f8:ce:72:64:63:
bc:62:65:ad:bd:ed:40:03:a0:67:e6:22:d0:eb:3b:
7e:0b:2c:13:6a:89:9a:29:29:8c:5f:b2:0a:98:c4:
12:fb:5e:4d:14:13:7c:d4:33:96:b6:f9:16:79:2c:
56:b8:c7:e2:31:b6:10:26:b1:49:f0:9b:64:b5:5f:
f0:b1:6a:c4:31:cc:b8:57:8e:4f:99:e8:91:22:60:
83:21:ab:c2:76:47:56:b3:02:63:c9:7f:36:60:ca:
d3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:74:6D:94:8B:29:57:12:84:7A:33:0B:78:8E:E5:BA:1A:B7:C0:C4
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/DA9C53D4798311EE8AFE5780C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.106.0/24
Signature Algorithm: sha256WithRSAEncryption
63:52:31:9d:b0:f3:6f:4e:b8:3c:e6:3b:db:5e:dc:3e:4d:0d:
50:f2:b9:40:a6:98:c5:85:69:3a:33:d2:0c:cc:61:59:3b:98:
e9:73:6c:b4:07:9e:d9:90:97:3b:79:32:31:4a:03:32:99:1d:
96:5a:51:ae:20:a9:fe:60:eb:ce:56:c7:68:e9:06:ba:cd:60:
16:6b:a3:d6:05:4d:80:eb:61:e1:37:7a:e9:1f:83:0a:e9:f4:
bc:15:dc:21:66:7a:21:f4:85:fe:e9:86:09:3b:b1:c8:e9:30:
24:b5:79:36:c9:53:61:69:c7:ea:f9:64:20:5e:79:59:b8:bb:
70:46:7b:d7:81:35:03:00:06:f3:0b:c2:a0:59:2c:eb:54:b2:
c1:39:57:8b:b7:d5:a7:ff:5d:13:d4:4b:06:fb:d3:18:f2:d7:
c9:ae:7b:75:54:18:00:08:e2:9e:a1:65:cf:af:a0:ed:13:7d:
98:1c:f3:10:a6:0c:3d:68:fd:eb:55:c6:3b:e9:1d:51:2d:52:
35:6e:be:ec:77:f7:e7:1d:ba:76:15:af:1c:4d:aa:32:c1:48:
5b:06:37:cc:f2:ab:70:ab:9e:e8:69:1e:57:c5:99:e6:d2:3f:
e4:6b:8c:4f:48:ee:bf:60:3d:a8:8e:58:ca:91:46:42:1e:73:
6b:e1:c4:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjMxMTAyMTMyOTMxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQzYTQzYi0xYWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqtCQNRNgls5Ls2PL3gfTeCEXnwp2oUn+464FZGoAvhrMVwbzD0gFTftGD3dv
3VfUXGYOAO4TGYLhIe/Obv7SzjsnhjbsC6bpH/xbt/jnR+0pSro+CScKpm/YyBHy
bmnYBe6Qquyd6xjfR3ug3PgiT58UO0SwwCTAl4yIP8V85rJci3zTxsqMhDuvDmzn
RsKiK8PwaYWndXrlzmQs8yUR+M5yZGO8YmWtve1AA6Bn5iLQ6zt+CywTaomaKSmM
X7IKmMQS+15NFBN81DOWtvkWeSxWuMfiMbYQJrFJ8JtktV/wsWrEMcy4V45PmeiR
ImCDIavCdkdWswJjyX82YMrTkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMF0bZSL
KVcShHozC3iO5boat8DEMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvREE5QzUzRDQ3
OTgzMTFFRThBRkU1NzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbmowDQYJKoZIhvcNAQELBQADggEBAGNSMZ2w829OuDzm
O9te3D5NDVDyuUCmmMWFaToz0gzMYVk7mOlzbLQHntmQlzt5MjFKAzKZHZZaUa4g
qf5g685Wx2jpBrrNYBZro9YFTYDrYeE3eukfgwrp9LwV3CFmeiH0hf7phgk7scjp
MCS1eTbJU2Fpx+r5ZCBeeVm4u3BGe9eBNQMABvMLwqBZLOtUssE5V4u31af/XRPU
Swb70xjy18mue3VUGAAI4p6hZc+voO0TfZgc8xCmDD1o/etVxjvpHVEtUjVuvux3
9+cdunYVrxxNqjLBSFsGN8zyq3CrnuhpHlfFmebSP+RrjE9I7r9gPaiOWMqRRkIe
c2vhxHU=
-----END CERTIFICATE-----
Generated at Thu Nov 2 15:29:40 2023 by rpki-client on console-ams.rpki-client.org