Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
File: F53A9AACEDBE11EE81831062C4F9AE02.roa (raw, json)
Hash identifier: YAP0qXi2Kuy/FazVI0jB6EFuZs4wd7rEO2VW8bRD9PQ=
Subject key identifier: 6A:3C:FA:C4:A2:24:36:3C:72:2C:E2:1C:3E:F9:39:18:8D:53:96:77
Certificate issuer: /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Certificate serial: 19
Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
Signing time: Fri 29 Mar 2024 11:25:07 +0000
ROA not before: Fri 29 Mar 2024 11:25:07 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 48266
IP address blocks: 103.190.232.0/24 maxlen: 24
2400:9320::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 07:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Validity
Not Before: Mar 29 11:25:07 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6606a513-281d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:06:0c:c9:97:58:85:c6:32:f1:1f:d9:a4:
7f:9b:de:24:89:9c:95:5a:2d:8c:85:1a:79:b2:0d:
9d:4f:80:f7:95:23:8b:cc:00:39:11:8c:38:67:0f:
76:13:96:ff:8b:67:9f:06:eb:e7:3c:db:4e:3f:90:
6e:55:8b:15:6d:ec:d2:8b:3f:a8:2f:4f:95:78:3f:
f1:b9:fc:3f:2d:04:e8:f5:7e:8b:59:fc:23:2b:44:
5b:c2:92:93:3e:d6:80:09:0d:b2:3c:e5:c0:88:b3:
f4:35:b3:9f:12:6c:ed:87:8f:a0:c3:81:dc:3c:2f:
37:fe:21:91:5d:1e:50:8e:7e:0d:5f:56:73:af:f1:
cd:ec:65:65:62:01:3b:71:fc:ba:a4:e8:50:02:5a:
74:65:cb:12:4e:c5:67:87:9d:af:b3:be:c0:9e:c0:
d1:92:50:59:d1:c8:0e:55:76:99:02:69:50:7f:c3:
d7:b6:bc:7e:a0:cd:71:05:d3:43:bd:13:55:41:93:
fc:ef:66:17:73:13:4b:92:ec:34:55:26:3b:5e:2e:
a2:31:3a:2a:9e:1d:b6:2b:cb:f3:80:3f:a2:3e:bf:
c5:c0:e9:64:83:27:7c:66:0b:29:b0:8e:cf:c2:eb:
0c:b9:08:38:f2:4d:cd:65:49:45:3e:9d:a7:25:9f:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3C:FA:C4:A2:24:36:3C:72:2C:E2:1C:3E:F9:39:18:8D:53:96:77
X509v3 Authority Key Identifier:
keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.190.232.0/24
IPv6:
2400:9320::/48
Signature Algorithm: sha256WithRSAEncryption
35:fb:0e:d9:60:5c:65:cc:4d:5b:34:b8:f3:3a:e1:6b:c4:cc:
f7:2d:98:f7:e9:15:77:b4:45:ba:ac:2c:35:67:69:16:97:48:
a7:51:06:38:82:4e:f2:e3:ab:6e:56:5d:8e:27:d9:2c:5b:a7:
2b:c3:31:60:fa:7f:2c:07:44:2a:a0:bb:fb:fb:99:14:91:33:
09:23:3d:f4:6f:29:a6:65:dd:80:54:7e:e7:08:98:a9:27:0b:
c6:4b:e7:01:2e:cd:6b:e6:20:eb:0b:c2:40:71:bf:2c:2f:1f:
4b:df:68:72:56:02:35:e1:2c:91:75:e8:99:c9:17:57:e2:8c:
39:27:e5:2d:0c:4e:25:5c:77:e3:5b:98:b0:6b:43:0d:3c:66:
dd:ad:ec:29:b3:9b:58:29:ac:72:26:30:82:99:ee:a3:fc:47:
d1:87:e5:47:29:32:05:83:48:c0:5a:03:45:02:ad:e2:58:bb:
ca:b8:34:26:75:e5:01:12:af:2a:b0:79:37:e1:a4:7c:d2:05:
5a:d6:55:d7:ab:da:db:7c:be:58:ea:1d:ef:24:22:c6:99:f6:
61:1d:c3:3d:9e:6b:8a:1d:35:85:15:73:52:19:73:a4:96:36:
8b:62:ff:51:ed:f5:08:01:98:ff:0a:cb:96:7d:85:8f:78:e5:
70:09:5c:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1
RDA2QTQ0QjAeFw0yNDAzMjkxMTI1MDdaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDZhNTEzLTI4MWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkgAYMyZdYhcYy8R/ZpH+b3iSJnJVaLYyFGnmyDZ1PgPeVI4vMADkRjDhnD3YT
lv+LZ58G6+c8204/kG5VixVt7NKLP6gvT5V4P/G5/D8tBOj1fotZ/CMrRFvCkpM+
1oAJDbI85cCIs/Q1s58SbO2Hj6DDgdw8Lzf+IZFdHlCOfg1fVnOv8c3sZWViATtx
/Lqk6FACWnRlyxJOxWeHna+zvsCewNGSUFnRyA5VdpkCaVB/w9e2vH6gzXEF00O9
E1VBk/zvZhdzE0uS7DRVJjteLqIxOiqeHbYry/OAP6I+v8XA6WSDJ3xmCymwjs/C
6wy5CDjyTc1lSUU+nacln71zAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUajz6xKIk
NjxyLOIcPvk5GI1TlncwHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2
QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi9GNTNBOUFBQ0VE
QkUxMUVFODE4MzEwNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGe+6DAPBAIAAjAJAwcAJACTIAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA1+w7ZYFxlzE1bNLjzOuFrxMz3LZj36RV3tEW6rCw1Z2kWl0inUQY4gk7y
46tuVl2OJ9ksW6crwzFg+n8sB0QqoLv7+5kUkTMJIz30bymmZd2AVH7nCJipJwvG
S+cBLs1r5iDrC8JAcb8sLx9L32hyVgI14SyRdeiZyRdX4ow5J+UtDE4lXHfjW5iw
a0MNPGbdrewps5tYKaxyJjCCme6j/EfRh+VHKTIFg0jAWgNFAq3iWLvKuDQmdeUB
Eq8qsHk34aR80gVa1lXXq9rbfL5Y6h3vJCLGmfZhHcM9nmuKHTWFFXNSGXOkljaL
Yv9R7fUIAZj/CsuWfYWPeOVwCVxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org