Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/07AF929A049611EEB0CADF2DC4F9AE02.roa
File: 07AF929A049611EEB0CADF2DC4F9AE02.roa (raw, json)
Hash identifier: Qs2RBs/yUD5ZRVPG+I2RKVWiR/fH0k5w1X2ynEmBuB4=
Subject key identifier: 96:3E:B0:88:D0:FD:D6:B1:C5:59:B5:36:84:EF:EF:EF:19:00:03:FA
Certificate issuer: /CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
Certificate serial: 01F6
Authority key identifier: 28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/07AF929A049611EEB0CADF2DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 03:24:21 +0000
ROA not before: Thu 08 Jun 2023 03:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151396
IP address blocks: 103.186.7.0/24 maxlen: 24
2400:6be0::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 02 Dec 2023 15:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 502 (0x1f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
Validity
Not Before: Jun 8 03:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=648149e5-0d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:66:b7:a5:b5:b5:56:4e:5c:58:00:96:df:
d4:f5:22:23:ed:a3:19:63:a9:d6:24:54:ed:a8:46:
a4:de:bd:d8:6a:15:6d:2d:d8:c1:70:f6:9c:13:5f:
54:79:e2:25:b4:c9:b7:41:cf:fd:39:ec:f9:57:7c:
07:5e:eb:11:66:22:06:59:99:92:35:2d:58:4f:b0:
3b:91:fd:a6:b5:94:a0:db:fb:c7:bb:47:57:11:65:
ab:73:35:d8:b0:08:c9:82:23:4b:c6:52:3a:b3:68:
24:30:ef:fa:12:cb:9d:f5:02:a8:c8:83:f0:4f:e3:
fe:08:83:75:38:fe:4b:9d:f0:1f:81:fb:e4:8c:1f:
10:bd:18:45:07:27:95:79:a4:42:1a:36:b0:73:5d:
98:ba:4b:8c:f2:bf:ec:2c:d2:27:39:7c:85:f7:2e:
99:d0:94:ae:ce:c7:38:c4:6f:40:8f:31:68:c8:86:
fe:86:3b:92:96:d8:28:25:53:73:90:03:89:f0:af:
4b:af:67:7d:35:ed:7d:e7:be:65:b1:40:4a:72:ff:
56:99:cf:b7:f0:f1:35:79:ad:d3:5b:47:c5:f9:d4:
da:94:02:41:27:e3:a6:8f:6e:75:e0:a6:60:a5:9d:
f7:44:49:66:f8:b6:6c:70:04:22:f5:bc:51:ac:40:
88:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3E:B0:88:D0:FD:D6:B1:C5:59:B5:36:84:EF:EF:EF:19:00:03:FA
X509v3 Authority Key Identifier:
keyid:28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/KOoVV7meKxJ1Uc00DDqvTAphAGs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/07AF929A049611EEB0CADF2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.7.0/24
IPv6:
2400:6be0::/36
Signature Algorithm: sha256WithRSAEncryption
72:e9:f1:23:a3:b4:bb:27:0a:18:6d:20:4e:f1:b6:09:18:c0:
1e:94:df:5b:e1:b8:44:ed:f0:c3:74:7e:e5:d2:79:c0:4a:f8:
46:85:b0:d4:5c:a5:c2:02:86:bf:53:3d:59:63:bd:40:b7:9e:
26:3d:77:66:05:2c:0f:6d:10:24:9e:f5:a4:4a:48:8f:fa:81:
d4:07:f6:17:b0:7c:54:05:40:1a:b8:6c:02:05:83:e3:2f:d0:
f7:01:9d:6c:54:66:5e:56:ca:79:89:ca:f0:0d:7a:ce:10:b7:
2a:00:0e:1c:09:e2:25:af:af:53:57:86:d8:61:c8:16:40:6e:
1a:28:d2:6c:9b:54:d0:05:f6:2d:ef:cd:a3:c3:22:06:19:95:
4c:93:04:89:3e:5f:22:ee:a5:b2:b0:a0:98:94:62:9e:78:96:
2e:81:12:f9:03:91:ac:a9:75:4f:0a:c4:85:19:d9:94:cd:6e:
20:ba:f5:99:bf:ca:c6:3c:f9:8d:ef:5b:5d:e7:25:5d:07:fa:
c8:78:fb:f2:c0:3e:a4:32:31:2b:93:9a:38:e9:4c:ce:87:78:
76:cc:df:69:c9:b9:b5:5d:1a:4d:50:75:cc:04:c3:75:b6:6d:
bb:56:d3:5f:66:6c:17:e9:02:7c:06:16:f8:69:75:40:fe:58:
53:28:f1:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICAfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTAwQkYxMTAvBgNVBAUTKDI4RUExNTU3Qjk5RTJCMTI3NTUxQ0QzNDBDM0FBRjRD
MEE2MTAwNkIwHhcNMjMwNjA4MDMyNDIxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNDllNS0wZDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo1pmt6W1tVZOXFgAlt/U9SIj7aMZY6nWJFTtqEak3r3YahVtLdjBcPacE19U
eeIltMm3Qc/9Oez5V3wHXusRZiIGWZmSNS1YT7A7kf2mtZSg2/vHu0dXEWWrczXY
sAjJgiNLxlI6s2gkMO/6Esud9QKoyIPwT+P+CIN1OP5LnfAfgfvkjB8QvRhFByeV
eaRCGjawc12YukuM8r/sLNInOXyF9y6Z0JSuzsc4xG9AjzFoyIb+hjuSltgoJVNz
kAOJ8K9Lr2d9Ne19575lsUBKcv9Wmc+38PE1ea3TW0fF+dTalAJBJ+Omj2514KZg
pZ33RElm+LZscAQi9bxRrECIFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJY+sIjQ
/daxxVm1NoTv7+8ZAAP6MB8GA1UdIwQYMBaAFCjqFVe5nisSdVHNNAw6r0wKYQBr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MDBCRi9GRUExQ0Q2OEI2
RTMxMUVDQkU1OTk5MkRDNEY5QUUwMi9LT29WVjdtZUt4SjFVYzAwRERxdlRBcGhB
R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPb1ZWN21lS3hKMVVjMDBERHF2VEFwaEFHcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTAwQkYvRkVBMUNENjhCNkUzMTFFQ0JFNTk5OTJEQzRGOUFFMDIvMDdBRjkyOUEw
NDk2MTFFRUIwQ0FERjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnugcwDgQCAAIwCAMGBCQAa+AAMA0GCSqGSIb3DQEBCwUA
A4IBAQBy6fEjo7S7JwoYbSBO8bYJGMAelN9b4bhE7fDDdH7l0nnASvhGhbDUXKXC
Aoa/Uz1ZY71At54mPXdmBSwPbRAknvWkSkiP+oHUB/YXsHxUBUAauGwCBYPjL9D3
AZ1sVGZeVsp5icrwDXrOELcqAA4cCeIlr69TV4bYYcgWQG4aKNJsm1TQBfYt782j
wyIGGZVMkwSJPl8i7qWysKCYlGKeeJYugRL5A5GsqXVPCsSFGdmUzW4guvWZv8rG
PPmN71td5yVdB/rIePvywD6kMjErk5o46UzOh3h2zN9pybm1XRpNUHXMBMN1tm27
VtNfZmwX6QJ8Bhb4aXVA/lhTKPEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org