Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/BAE9DFB8550B11ED93501D11C4F9AE02.roa
File: BAE9DFB8550B11ED93501D11C4F9AE02.roa (raw, json)
Hash identifier: LwFnzgQs93bNvxQWWpdhCBVcBPimc4O611JO83ESygw=
Subject key identifier: 53:89:82:C6:95:70:BE:21:4F:EE:BC:A6:47:D4:FA:23:13:E1:50:13
Certificate issuer: /CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Certificate serial: 6F
Authority key identifier: 8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/BAE9DFB8550B11ED93501D11C4F9AE02.roa
Signing time: Sun 13 Nov 2022 15:14:02 +0000
ROA not before: Sun 13 Nov 2022 15:14:02 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 147293
IP address blocks: 103.20.198.0/23 maxlen: 23
103.20.198.0/24 maxlen: 24
103.20.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111 (0x6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Validity
Not Before: Nov 13 15:14:02 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=637109b9-2fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:a2:7d:b7:0b:05:84:2d:28:e5:1a:28:1c:
f5:67:fa:7f:11:67:22:56:7f:26:25:c5:8f:e9:24:
b8:03:49:1d:fa:b5:cc:29:df:15:88:ed:3f:4d:3e:
13:9d:48:ba:75:e3:96:4a:df:3d:ed:59:75:48:1e:
61:37:89:aa:65:10:6b:e9:e7:42:8e:5e:09:2f:b1:
f2:1b:e7:09:8a:c1:b5:f8:10:f4:a7:79:aa:dc:a1:
83:6e:9d:54:f9:9f:a6:d3:e3:de:69:e0:01:64:2f:
5c:e8:b1:0b:38:04:b0:fa:a6:21:8e:c2:b5:49:3d:
bd:1c:70:29:b2:10:31:e1:06:c0:38:e9:b6:f9:9a:
69:c7:0c:d5:bc:be:c9:d6:de:64:74:6a:19:b2:d7:
fc:fe:60:9e:f2:92:e7:ff:13:1c:51:92:ae:f4:af:
30:ff:a4:6f:a8:ad:a1:e4:59:b9:a9:2c:11:b9:06:
8b:ba:31:6d:a1:e1:58:bf:be:1c:c2:e0:2f:89:79:
94:d9:0b:63:61:9e:8e:28:75:6a:e3:f7:e1:f7:9d:
85:36:1f:a4:b6:b6:bf:53:3a:92:b4:6c:65:42:71:
9d:39:9e:dc:ff:b6:53:78:52:09:80:f5:00:fe:ee:
17:c2:99:d4:fe:aa:59:1c:27:20:39:fb:d4:11:2b:
19:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:89:82:C6:95:70:BE:21:4F:EE:BC:A6:47:D4:FA:23:13:E1:50:13
X509v3 Authority Key Identifier:
keyid:8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/jsMzdX42OhcRsAJzJQRG_htJONs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/BAE9DFB8550B11ED93501D11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.198.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:71:b5:7a:5b:1e:6b:f1:b4:2e:85:6a:7f:d3:80:56:da:3c:
b1:b5:6e:3f:ae:a4:c9:b8:36:8f:fe:98:49:8f:41:94:46:24:
cc:78:bd:5f:f0:30:ef:dd:61:ba:9a:e8:6d:1a:d6:ed:52:16:
04:e9:ac:00:1d:e5:91:3f:48:42:12:53:fe:27:05:24:3a:6c:
9d:3a:05:28:3b:cd:29:c1:d8:5e:d0:51:13:94:0c:ae:27:ca:
bb:9b:e5:11:ed:53:64:a0:7f:eb:b2:df:7c:da:af:7f:70:3c:
36:72:cc:51:10:08:9c:3a:2a:ae:3b:7e:bb:e7:36:6a:a5:01:
01:d0:2f:6f:f8:fc:b3:fa:80:e6:53:27:97:c4:65:b0:e3:e5:
69:57:63:eb:2e:48:a6:26:a4:26:9d:c7:0a:bf:ab:ce:0d:97:
7d:40:61:3d:26:7a:9c:2c:ef:63:42:b4:73:e4:f7:af:be:2b:
3f:e2:40:29:7b:9c:87:54:0c:69:d0:2e:8d:e5:1c:47:a0:56:
c4:6f:41:c2:2c:f8:d0:67:85:0b:49:3a:92:5f:35:95:47:12:
26:bf:96:30:d0:51:1d:3a:0f:80:bf:04:ab:4e:a0:6c:24:1d:
13:44:02:36:65:09:37:e2:8d:36:5d:1b:2f:fc:8d:59:f8:2d:
68:af:ec:c5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBbzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDNFRTExMC8GA1UEBRMoOEVDMzMzNzU3RTM2M0ExNzExQjAwMjczMjUwNDQ2RkUx
QjQ5MzhEQjAeFw0yMjExMTMxNTE0MDJaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNzEwOWI5LTJmYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3oaJ9twsFhC0o5RooHPVn+n8RZyJWfyYlxY/pJLgDSR36tcwp3xWI7T9NPhOd
SLp145ZK3z3tWXVIHmE3iaplEGvp50KOXgkvsfIb5wmKwbX4EPSnearcoYNunVT5
n6bT495p4AFkL1zosQs4BLD6piGOwrVJPb0ccCmyEDHhBsA46bb5mmnHDNW8vsnW
3mR0ahmy1/z+YJ7ykuf/ExxRkq70rzD/pG+oraHkWbmpLBG5Bou6MW2h4Vi/vhzC
4C+JeZTZC2Nhno4odWrj9+H3nYU2H6S2tr9TOpK0bGVCcZ05ntz/tlN4UgmA9QD+
7hfCmdT+qlkcJyA5+9QRKxnpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUU4mCxpVw
viFP7rymR9T6IxPhUBMwHwYDVR0jBBgwFoAUjsMzdX42OhcRsAJzJQRG/htJONsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0M0VFLzAxRTRFNjk2MjND
QjExRURBOEUzNTgzRUM0RjlBRTAyL2pzTXpkWDQyT2hjUnNBSnpKUVJHX2h0Sk9O
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanNNemRYNDJPaGNSc0FKekpRUkdfaHRKT05zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDNFRS8wMUU0RTY5NjIzQ0IxMUVEQThFMzU4M0VDNEY5QUUwMi9CQUU5REZCODU1
MEIxMUVEOTM1MDFEMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcUxjANBgkqhkiG9w0BAQsFAAOCAQEAvHG1elsea/G0LoVq
f9OAVto8sbVuP66kybg2j/6YSY9BlEYkzHi9X/Aw791huprobRrW7VIWBOmsAB3l
kT9IQhJT/icFJDpsnToFKDvNKcHYXtBRE5QMrifKu5vlEe1TZKB/67LffNqvf3A8
NnLMURAInDoqrjt+u+c2aqUBAdAvb/j8s/qA5lMnl8RlsOPlaVdj6y5IpiakJp3H
Cr+rzg2XfUBhPSZ6nCzvY0K0c+T3r74rP+JAKXuch1QMadAujeUcR6BWxG9Bwiz4
0GeFC0k6kl81lUcSJr+WMNBRHToPgL8Eq06gbCQdE0QCNmUJN+KNNl0bL/yNWfgt
aK/sxQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-ams.rpki-client.org