Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/8733FAE834E711EE903FDF16C4F9AE02.roa
File: 8733FAE834E711EE903FDF16C4F9AE02.roa (raw, json)
Hash identifier: /wMPPY+3WSt9B5V1EbYUlu0zaPIB3pRXkDCUeyMnaIk=
Subject key identifier: 70:97:01:93:E8:AB:CF:7B:B2:91:B2:EE:95:A2:88:57:FE:6D:0A:15
Certificate issuer: /CN=A917F0FA/serialNumber=50A580F1BD125F0AEDC591FFC8DCDA9C66E12C9F
Certificate serial: 02
Authority key identifier: 50:A5:80:F1:BD:12:5F:0A:ED:C5:91:FF:C8:DC:DA:9C:66:E1:2C:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UKWA8b0SXwrtxZH_yNzanGbhLJ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/8733FAE834E711EE903FDF16C4F9AE02.roa
Signing time: Mon 07 Aug 2023 05:59:11 +0000
ROA not before: Mon 07 Aug 2023 05:59:11 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 151648
IP address blocks: 103.248.222.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 18:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F0FA/serialNumber=50A580F1BD125F0AEDC591FFC8DCDA9C66E12C9F
Validity
Not Before: Aug 7 05:59:11 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64d0882e-3190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a9:b1:ea:0e:32:b2:72:2e:fd:75:4a:07:82:
5d:64:e7:a1:4f:f1:4e:2f:91:27:a6:6f:11:a8:f7:
41:fb:d2:9b:d3:99:8a:e7:7e:04:ae:b9:00:d9:f6:
d3:e2:04:07:26:30:48:34:a1:b5:cf:83:6f:00:68:
7b:6e:ed:51:b0:da:3e:78:6f:c3:1b:ae:aa:90:8e:
64:e0:18:18:5b:74:2e:2e:27:72:d6:58:fb:57:fe:
62:73:03:bb:35:9f:02:48:b9:86:0c:42:f5:39:4b:
2f:18:e7:dd:ff:75:e6:b3:59:82:44:c0:0b:4a:b2:
24:3c:75:af:ae:81:66:d0:df:16:96:43:5f:50:90:
c2:9b:04:08:6b:ba:4c:3e:2e:6b:60:4c:f1:ff:42:
4b:73:28:80:da:56:d7:f7:de:c6:14:08:0e:51:1e:
0b:14:89:8c:df:f4:28:6e:e0:89:f5:7e:d2:0e:ed:
dd:a3:d5:1e:a0:a2:89:48:a8:1a:12:6d:9d:de:ce:
75:af:ef:a6:2e:7d:c7:8d:79:07:0a:06:97:78:38:
ea:de:2c:32:c2:4a:4e:b9:9a:a2:7c:87:90:5d:5d:
ce:db:da:20:e5:e5:c0:b3:25:a7:2c:d3:c5:24:0a:
69:9a:0d:44:8c:c3:3c:63:27:3a:e4:66:54:a3:d3:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:97:01:93:E8:AB:CF:7B:B2:91:B2:EE:95:A2:88:57:FE:6D:0A:15
X509v3 Authority Key Identifier:
keyid:50:A5:80:F1:BD:12:5F:0A:ED:C5:91:FF:C8:DC:DA:9C:66:E1:2C:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/UKWA8b0SXwrtxZH_yNzanGbhLJ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UKWA8b0SXwrtxZH_yNzanGbhLJ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F0FA/206DFC5034E711EEB0C83616C4F9AE02/8733FAE834E711EE903FDF16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.248.222.0/23
Signature Algorithm: sha256WithRSAEncryption
82:9c:64:f2:82:6d:ed:9c:ab:3b:cf:1c:05:bd:e2:44:1c:78:
c4:d6:c6:83:79:61:f2:54:e2:1f:8c:a0:62:80:a2:9b:f0:ae:
2e:44:7a:56:f1:1a:e9:b6:88:b7:5d:42:ca:b2:2d:2f:80:c5:
51:3b:12:5d:7d:63:a5:9b:64:93:21:cd:6e:2c:71:92:eb:49:
f0:6d:93:1a:bc:62:9b:7c:19:a4:7b:fc:59:9f:55:c2:4b:c8:
8c:e8:b1:76:bb:3d:e9:ac:ed:a5:1f:a8:b1:2e:ee:80:bc:89:
cc:d2:23:f7:82:54:b9:7d:a7:24:3f:b0:b6:58:90:95:a8:38:
92:ec:82:8b:9a:9d:57:fc:9e:4e:68:83:82:48:c2:d3:7b:0d:
2d:44:73:5b:78:5b:c2:ab:2e:0f:fb:9d:ff:10:6d:a9:6e:3a:
39:50:fa:33:db:f4:76:2a:a4:c1:2a:6d:a2:e0:ed:ea:38:6d:
4f:15:ee:4a:17:1c:7a:c6:14:a7:0d:b0:40:c5:83:84:67:cd:
09:76:2c:b1:2c:9a:dd:20:27:9e:02:ae:52:b4:93:3f:2f:a7:
47:12:45:06:a2:fc:3b:ab:bb:6a:b2:7a:28:9c:29:ac:dc:5b:
95:49:1c:3d:15:fe:75:0d:d3:51:87:cd:70:a6:ec:eb:c2:32:
d6:81:3b:54
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RjBGQTExMC8GA1UEBRMoNTBBNTgwRjFCRDEyNUYwQUVEQzU5MUZGQzhEQ0RBOUM2
NkUxMkM5RjAeFw0yMzA4MDcwNTU5MTFaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDA4ODJlLTMxOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRqbHqDjKyci79dUoHgl1k56FP8U4vkSembxGo90H70pvTmYrnfgSuuQDZ9tPi
BAcmMEg0obXPg28AaHtu7VGw2j54b8MbrqqQjmTgGBhbdC4uJ3LWWPtX/mJzA7s1
nwJIuYYMQvU5Sy8Y593/deazWYJEwAtKsiQ8da+ugWbQ3xaWQ19QkMKbBAhrukw+
LmtgTPH/QktzKIDaVtf33sYUCA5RHgsUiYzf9Chu4In1ftIO7d2j1R6goolIqBoS
bZ3eznWv76YufceNeQcKBpd4OOreLDLCSk65mqJ8h5BdXc7b2iDl5cCzJacs08Uk
CmmaDUSMwzxjJzrkZlSj06tLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcJcBk+ir
z3uykbLulaKIV/5tChUwHwYDVR0jBBgwFoAUUKWA8b0SXwrtxZH/yNzanGbhLJ8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMEZBLzIwNkRGQzUwMzRF
NzExRUVCMEM4MzYxNkM0RjlBRTAyL1VLV0E4YjBTWHdydHhaSF95TnphbkdiaExK
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVUtXQThiMFNYd3J0eFpIX3lOemFuR2JoTEo4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjBGQS8yMDZERkM1MDM0RTcxMUVFQjBDODM2MTZDNEY5QUUwMi84NzMzRkFFODM0
RTcxMUVFOTAzRkRGMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf43jANBgkqhkiG9w0BAQsFAAOCAQEAgpxk8oJt7ZyrO88c
Bb3iRBx4xNbGg3lh8lTiH4ygYoCim/CuLkR6VvEa6baIt11CyrItL4DFUTsSXX1j
pZtkkyHNbixxkutJ8G2TGrxim3wZpHv8WZ9VwkvIjOixdrs96aztpR+osS7ugLyJ
zNIj94JUuX2nJD+wtliQlag4kuyCi5qdV/yeTmiDgkjC03sNLURzW3hbwqsuD/ud
/xBtqW46OVD6M9v0diqkwSptouDt6jhtTxXuShccesYUpw2wQMWDhGfNCXYssSya
3SAnngKuUrSTPy+nRxJFBqL8O6u7arJ6KJwprNxblUkcPRX+dQ3TUYfNcKbs68Iy
1oE7VA==
-----END CERTIFICATE-----
Generated at Wed Aug 7 22:08:47 2024 by rpki-client on console-fra.rpki-client.org