Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/E7A86CD290C311EEA5BF3023C4F9AE02.roa
File: E7A86CD290C311EEA5BF3023C4F9AE02.roa (raw, json)
Hash identifier: 6fmPfHy+fvxcMqGap2u4hhO/liJqpkn4E3616C5rWY4=
Subject key identifier: C0:81:E4:6E:A5:2C:68:DB:DA:E3:EF:09:BB:FA:DD:A0:30:7B:E7:72
Certificate issuer: /CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Certificate serial: 5C
Authority key identifier: 59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/E7A86CD290C311EEA5BF3023C4F9AE02.roa
Signing time: Sat 02 Dec 2023 03:35:57 +0000
ROA not before: Sat 02 Dec 2023 03:35:57 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 211138
IP address blocks: 103.99.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 15:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92 (0x5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Validity
Not Before: Dec 2 03:35:57 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=656aa61d-dfa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:e1:6c:73:cb:44:2a:47:23:9d:cf:45:8c:
47:3a:83:bf:5a:26:d3:e8:76:32:1d:b9:17:2d:f0:
31:87:2d:30:7c:60:e1:1a:cf:2b:fd:9c:88:42:1f:
5d:b7:0e:8c:7a:22:4b:c3:c6:15:57:64:e5:33:86:
c6:eb:28:fa:66:6d:a4:58:03:c8:0c:1c:34:bc:05:
8c:57:40:b2:77:27:a8:54:85:69:b1:cc:38:0f:1c:
79:25:4d:20:a4:70:4f:8e:51:1c:42:c4:31:80:cf:
1e:77:c2:44:9f:cf:6d:b9:20:d5:86:23:a3:22:e1:
11:49:31:a1:7c:c7:44:f9:2b:43:ca:e9:3d:06:50:
05:5e:c5:6d:b0:aa:c0:54:66:f1:4e:1f:93:12:98:
99:3e:f7:95:05:ef:f1:5d:9f:11:98:49:0b:55:9d:
71:a1:9b:80:8b:61:4c:11:10:14:c0:c0:24:9c:e7:
78:24:66:a0:16:bb:1d:ab:7e:14:53:b4:0f:fc:1b:
b7:bd:21:64:03:9d:c2:32:db:93:f2:19:4b:ed:e0:
09:ca:c5:a0:c0:11:9d:6a:03:bd:9a:23:56:2f:15:
ce:55:94:67:d6:a2:04:81:f8:40:a3:fc:c8:f0:bd:
5a:38:7d:97:48:f3:8b:1e:51:84:27:92:74:44:2b:
ac:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:81:E4:6E:A5:2C:68:DB:DA:E3:EF:09:BB:FA:DD:A0:30:7B:E7:72
X509v3 Authority Key Identifier:
keyid:59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/WdWIElpxZphzjR0enm2KaNdAmyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/E7A86CD290C311EEA5BF3023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.54.0/24
Signature Algorithm: sha256WithRSAEncryption
be:a8:de:55:37:cb:42:2a:ba:38:76:a7:83:33:4f:42:ab:f7:
60:7b:30:92:9a:56:98:05:74:aa:52:92:71:59:bb:19:17:37:
de:33:ed:18:79:5a:e7:37:e3:c4:91:56:f7:0a:c9:38:2c:c7:
e5:4f:df:1d:c8:4d:d2:f2:d5:37:a6:ca:69:d0:d0:86:d6:f3:
6a:eb:3d:10:e1:17:12:a1:9c:f0:0c:f5:d8:f8:6f:4d:48:b1:
dd:75:7e:c8:04:d7:d8:25:61:f3:db:44:1f:d3:75:0f:7c:db:
b7:b1:68:e1:17:56:aa:26:34:f5:3d:9c:70:36:8c:29:38:b0:
f1:39:0c:d4:8a:a8:56:c8:71:6d:b5:07:0a:9e:80:35:28:0d:
bb:5b:1a:44:cb:ce:73:33:ef:f6:ab:50:bf:4f:0f:c4:99:12:
be:8a:8d:91:1f:85:d3:9e:c2:e0:f6:87:56:6b:44:f8:23:1e:
f1:d9:8a:6c:1c:e1:80:20:c2:47:27:b0:c3:77:38:ca:28:35:
da:f6:f3:c6:1b:64:5f:bd:da:39:b5:1b:9a:01:dc:50:a8:23:
f3:72:62:e6:2d:cb:fd:08:50:e8:4b:68:08:fd:d4:59:53:bd:
de:b1:59:f5:26:ba:a1:b2:36:ad:e8:d8:16:6d:e7:34:ca:94:
50:b1:aa:67
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MjdBQjExMC8GA1UEBRMoNTlENTg4MTI1QTcxNjY5ODczOEQxRDFFOUU2RDhBNjhE
NzQwOUIyNzAeFw0yMzEyMDIwMzM1NTdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmFhNjFkLWRmYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNC+Fsc8tEKkcjnc9FjEc6g79aJtPodjIduRct8DGHLTB8YOEazyv9nIhCH123
Dox6IkvDxhVXZOUzhsbrKPpmbaRYA8gMHDS8BYxXQLJ3J6hUhWmxzDgPHHklTSCk
cE+OURxCxDGAzx53wkSfz225INWGI6Mi4RFJMaF8x0T5K0PK6T0GUAVexW2wqsBU
ZvFOH5MSmJk+95UF7/FdnxGYSQtVnXGhm4CLYUwREBTAwCSc53gkZqAWux2rfhRT
tA/8G7e9IWQDncIy25PyGUvt4AnKxaDAEZ1qA72aI1YvFc5VlGfWogSB+ECj/Mjw
vVo4fZdI84seUYQnknREK6ylAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwIHkbqUs
aNva4+8Ju/rdoDB753IwHwYDVR0jBBgwFoAUWdWIElpxZphzjR0enm2KaNdAmycw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyN0FCLzZGNkU5ODI4MzEw
RTExRUU4ODlGRjAzRkM0RjlBRTAyL1dkV0lFbHB4WnBoempSMGVubTJLYU5kQW15
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV2RXSUVscHhacGh6alIwZW5tMkthTmRBbXljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MjdBQi82RjZFOTgyODMxMEUxMUVFODg5RkYwM0ZDNEY5QUUwMi9FN0E4NkNEMjkw
QzMxMUVFQTVCRjMwMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdjNjANBgkqhkiG9w0BAQsFAAOCAQEAvqjeVTfLQiq6OHan
gzNPQqv3YHswkppWmAV0qlKScVm7GRc33jPtGHla5zfjxJFW9wrJOCzH5U/fHchN
0vLVN6bKadDQhtbzaus9EOEXEqGc8Az12PhvTUix3XV+yATX2CVh89tEH9N1D3zb
t7Fo4RdWqiY09T2ccDaMKTiw8TkM1IqoVshxbbUHCp6ANSgNu1saRMvOczPv9qtQ
v08PxJkSvoqNkR+F057C4PaHVmtE+CMe8dmKbBzhgCDCRyeww3c4yig12vbzxhtk
X73aObUbmgHcUKgj83Ji5i3L/QhQ6EtoCP3UWVO93rFZ9Sa6obI2rejYFm3nNMqU
ULGqZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org