Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
File: D05E1E1E049111EEB7391C0AC4F9AE02.roa (raw, json)
Hash identifier: uKC1ieMOvpa/CLFYscdYiQIBoD/kvR9Y8tZaD5RiGTo=
Subject key identifier: 55:1C:4A:51:5E:8F:C9:1F:77:70:AD:6B:14:ED:8B:AF:5A:64:21:04
Certificate issuer: /CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
Certificate serial: 01EF
Authority key identifier: 28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
Signing time: Tue 06 Jun 2023 17:44:41 +0000
ROA not before: Tue 06 Jun 2023 17:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149768
IP address blocks: 103.186.6.0/24 maxlen: 24
2400:6be0::/32 maxlen: 36
Validation: Failed, certificate revoked on Thu 08 Jun 2023 03:24:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 495 (0x1ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
Validity
Not Before: Jun 6 17:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647f7089-bc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:d1:88:b0:23:a7:cc:92:6f:5c:8b:1a:93:
ee:07:86:83:ac:3b:55:1d:9e:97:37:42:5e:dd:a7:
8d:23:07:43:bd:f5:ec:c2:29:8f:b0:a5:e4:64:16:
b8:17:63:0a:ca:ed:e1:9c:2b:2c:dd:88:c3:67:ce:
e5:21:d8:34:cd:95:dd:48:ca:9f:3c:44:38:b9:da:
9a:34:6e:5f:7b:e5:b3:00:57:e5:27:da:d8:cf:9e:
bc:6d:ba:c5:23:15:ca:ff:d2:34:8c:82:7a:42:0d:
08:6a:89:48:f1:60:5b:46:c0:df:b8:28:c7:c0:5d:
e0:0a:94:a2:b2:f4:c0:8b:93:fb:52:6b:d2:8a:a5:
b9:ed:1f:8f:36:34:c4:b7:ac:7a:b2:20:f0:be:4e:
ab:7a:f5:3f:5f:b5:08:82:46:37:53:09:8d:f0:90:
36:ae:05:51:a7:ba:9c:97:49:9f:b7:f3:8c:c8:f5:
40:d2:aa:26:e0:2d:43:3b:9b:32:25:6e:14:d7:40:
0a:90:7b:79:9d:13:06:d7:3f:69:3e:03:df:a0:90:
ba:3e:c7:06:6d:70:38:20:d1:fd:cf:2b:22:2f:69:
89:01:69:a1:6b:10:e7:d3:13:43:7c:79:d0:a6:19:
ce:b4:75:c3:94:d9:04:af:14:e4:ca:fd:60:cc:84:
43:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:1C:4A:51:5E:8F:C9:1F:77:70:AD:6B:14:ED:8B:AF:5A:64:21:04
X509v3 Authority Key Identifier:
keyid:28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/KOoVV7meKxJ1Uc00DDqvTAphAGs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.6.0/24
IPv6:
2400:6be0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:49:df:5f:93:f4:c6:7d:01:4b:e6:3c:55:ec:52:36:92:58:
7a:be:0d:af:08:de:04:8b:ee:b0:4a:d7:d1:f6:3e:68:3b:57:
36:23:5a:12:fb:51:ff:32:19:13:71:9d:0e:d8:55:7c:75:d6:
23:e3:03:fa:c4:7d:0d:97:bd:73:47:95:90:3c:e6:96:3d:24:
f0:84:c5:27:0b:51:8b:95:22:a8:9f:13:e8:fd:1b:4f:80:49:
09:ef:2b:8a:8c:39:b0:91:01:81:e2:61:45:47:c6:b8:4d:3b:
4a:f7:15:00:88:c0:82:2c:b1:6e:af:35:20:24:8d:69:73:7a:
8b:39:b7:13:83:3c:50:75:a1:a0:4a:97:bf:36:41:59:bb:07:
ab:79:03:e2:b6:81:cf:5e:ce:cd:74:2b:fd:80:c8:a0:50:af:
00:7c:4a:cf:88:6c:2b:bd:4b:01:75:c8:ec:a3:41:d6:de:c1:
53:66:97:e3:6a:fd:f8:9d:50:ab:47:be:14:9e:33:27:3d:3b:
a3:fe:9d:db:02:8e:7b:08:df:53:82:e1:a3:24:b2:83:35:6f:
0d:63:2b:27:06:8d:9b:37:16:d9:94:98:af:9f:9d:cd:90:eb:
a5:de:20:21:97:ee:ad:89:97:58:e7:1a:7a:aa:f9:c6:63:7f:
d4:48:3d:d8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTAwQkYxMTAvBgNVBAUTKDI4RUExNTU3Qjk5RTJCMTI3NTUxQ0QzNDBDM0FBRjRD
MEE2MTAwNkIwHhcNMjMwNjA2MTc0NDQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmNzA4OS1iYzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQnRiLAjp8ySb1yLGpPuB4aDrDtVHZ6XN0Je3aeNIwdDvfXswimPsKXkZBa4
F2MKyu3hnCss3YjDZ87lIdg0zZXdSMqfPEQ4udqaNG5fe+WzAFflJ9rYz568bbrF
IxXK/9I0jIJ6Qg0IaolI8WBbRsDfuCjHwF3gCpSisvTAi5P7UmvSiqW57R+PNjTE
t6x6siDwvk6revU/X7UIgkY3UwmN8JA2rgVRp7qcl0mft/OMyPVA0qom4C1DO5sy
JW4U10AKkHt5nRMG1z9pPgPfoJC6PscGbXA4INH9zysiL2mJAWmhaxDn0xNDfHnQ
phnOtHXDlNkErxTkyv1gzIRDrQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFUcSlFe
j8kfd3CtaxTti69aZCEEMB8GA1UdIwQYMBaAFCjqFVe5nisSdVHNNAw6r0wKYQBr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MDBCRi9GRUExQ0Q2OEI2
RTMxMUVDQkU1OTk5MkRDNEY5QUUwMi9LT29WVjdtZUt4SjFVYzAwRERxdlRBcGhB
R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPb1ZWN21lS3hKMVVjMDBERHF2VEFwaEFHcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTAwQkYvRkVBMUNENjhCNkUzMTFFQ0JFNTk5OTJEQzRGOUFFMDIvRDA1RTFFMUUw
NDkxMTFFRUI3MzkxQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnugYwDQQCAAIwBwMFACQAa+AwDQYJKoZIhvcNAQELBQAD
ggEBAFpJ31+T9MZ9AUvmPFXsUjaSWHq+Da8I3gSL7rBK19H2Pmg7VzYjWhL7Uf8y
GRNxnQ7YVXx11iPjA/rEfQ2XvXNHlZA85pY9JPCExScLUYuVIqifE+j9G0+ASQnv
K4qMObCRAYHiYUVHxrhNO0r3FQCIwIIssW6vNSAkjWlzeos5txODPFB1oaBKl782
QVm7B6t5A+K2gc9ezs10K/2AyKBQrwB8Ss+IbCu9SwF1yOyjQdbewVNml+Nq/fid
UKtHvhSeMyc9O6P+ndsCjnsI31OC4aMksoM1bw1jKycGjZs3FtmUmK+fnc2Q66Xe
ICGX7q2Jl1jnGnqq+cZjf9RIPdg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org