Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/F98D85B47D4E11EE96250133C4F9AE02.roa
File: F98D85B47D4E11EE96250133C4F9AE02.roa (raw, json)
Hash identifier: HZ6rurUGauZmfAHhLdzAHQMPIKRX78Wfa3wVbyjvXpU=
Subject key identifier: 3B:C5:35:04:01:33:49:63:32:22:EF:28:5B:E7:B2:CC:64:88:FB:C3
Certificate issuer: /CN=A91A45E0/serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Certificate serial: 0B01
Authority key identifier: 6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/F98D85B47D4E11EE96250133C4F9AE02.roa
Signing time: Tue 07 Nov 2023 09:21:37 +0000
ROA not before: Tue 07 Nov 2023 09:21:37 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 150748
IP address blocks: 103.100.234.0/24 maxlen: 24
103.100.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 08:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2817 (0xb01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A45E0/serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Validity
Not Before: Nov 7 09:21:37 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=654a01a1-2548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:29:90:b2:26:c8:5e:8b:c1:cb:98:00:72:9e:
1f:e9:9a:f9:14:1b:e3:d2:80:20:e5:5f:d0:56:ef:
96:42:c6:30:86:28:57:d6:1e:89:4b:d5:5f:a1:70:
29:da:fb:fe:a9:18:0f:99:69:67:37:8c:c3:57:d2:
28:54:48:57:4f:52:24:16:a5:68:d4:46:3f:ce:07:
15:17:e7:0c:48:dd:5f:f2:36:f5:38:f2:91:4b:4e:
3e:6b:21:de:37:ba:5b:56:49:3f:c1:62:14:20:a4:
53:91:2b:21:64:49:33:f0:d0:6d:6f:94:97:19:bf:
2f:97:62:d1:24:77:fa:85:48:10:5b:db:f2:b2:09:
48:e2:16:c9:95:f3:27:ce:d3:60:38:84:4d:a0:33:
5b:c5:21:ba:09:ae:33:19:9b:ab:e9:57:00:6e:7c:
84:9d:6f:9c:e5:90:a2:e4:2f:56:ce:a6:fe:bc:4c:
97:aa:9d:58:bf:43:f4:d6:81:31:f8:c0:5d:25:c9:
5e:89:67:59:25:12:8c:a8:10:d4:71:d8:27:8e:2b:
26:dd:57:55:18:ac:38:71:03:1d:98:90:77:61:9a:
12:54:ab:e5:cc:1c:0b:f8:82:39:0b:3f:a6:14:29:
a2:16:fc:0c:71:7c:b2:07:5a:fd:36:5b:a0:ec:94:
12:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C5:35:04:01:33:49:63:32:22:EF:28:5B:E7:B2:CC:64:88:FB:C3
X509v3 Authority Key Identifier:
keyid:6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/awy1lQPaiV_5QmnXqbwgJhcE3Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/F98D85B47D4E11EE96250133C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.234.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:ae:50:b9:72:39:87:4c:4f:72:26:ef:87:72:df:37:dc:61:
ef:89:be:ac:42:e6:02:1b:b9:ff:c6:4a:df:6b:79:f5:d0:46:
e6:0c:15:ea:67:ea:b1:de:17:51:59:97:5b:09:d3:51:64:d3:
eb:53:3e:54:b4:cf:67:5e:db:1f:a7:2c:5a:f8:d8:63:fa:48:
80:1f:25:7c:62:26:97:bd:e3:ec:fb:23:e1:92:c2:5d:68:1c:
88:db:3a:eb:d2:6a:e6:39:20:2a:c3:4c:0f:0e:02:11:6e:87:
0f:6c:9d:4f:70:da:62:09:42:30:73:19:20:6c:1a:af:09:fc:
36:2c:64:77:a5:8c:d2:37:ec:55:f2:d9:50:94:58:63:81:de:
3f:f6:27:89:31:bd:a6:65:25:3f:5a:02:c8:79:cf:8f:4f:f6:
e5:2a:10:44:16:11:25:85:d1:85:3c:8c:36:7d:47:17:03:2a:
32:a7:f1:aa:74:52:9f:b2:18:e6:5c:7c:09:40:bb:c2:07:5d:
50:63:84:5e:8e:e7:df:99:ca:8c:51:70:d8:2a:04:e8:7b:10:
79:ed:fc:0a:79:9b:1a:e9:20:36:06:be:df:e0:4b:21:56:93:
12:da:b6:d2:d2:f8:94:e4:11:e4:73:28:f2:d6:8e:f8:dd:64:
82:bb:2d:19
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCwEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ1RTAxMTAvBgNVBAUTKDZCMENCNTk1MDNEQTg5NUZGOTQyNjlEN0E5QkMyMDI2
MTcwNERDRTkwHhcNMjMxMTA3MDkyMTM3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRhMDFhMS0yNTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1SmQsibIXovBy5gAcp4f6Zr5FBvj0oAg5V/QVu+WQsYwhihX1h6JS9VfoXAp
2vv+qRgPmWlnN4zDV9IoVEhXT1IkFqVo1EY/zgcVF+cMSN1f8jb1OPKRS04+ayHe
N7pbVkk/wWIUIKRTkSshZEkz8NBtb5SXGb8vl2LRJHf6hUgQW9vysglI4hbJlfMn
ztNgOIRNoDNbxSG6Ca4zGZur6VcAbnyEnW+c5ZCi5C9Wzqb+vEyXqp1Yv0P01oEx
+MBdJcleiWdZJRKMqBDUcdgnjism3VdVGKw4cQMdmJB3YZoSVKvlzBwL+II5Cz+m
FCmiFvwMcXyyB1r9Nlug7JQSOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDvFNQQB
M0ljMiLvKFvnssxkiPvDMB8GA1UdIwQYMBaAFGsMtZUD2olf+UJp16m8ICYXBNzp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDVFMC8yM0JGMkYyNjEx
M0UxMUVBODhFODc4NzZDNEY5QUUwMi9hd3kxbFFQYWlWXzVRbW5YcWJ3Z0poY0Uz
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3eTFsUVBhaVZfNVFtblhxYndnSmhjRTNPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ1RTAvMjNCRjJGMjYxMTNFMTFFQTg4RTg3ODc2QzRGOUFFMDIvRjk4RDg1QjQ3
RDRFMTFFRTk2MjUwMTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZOowDQYJKoZIhvcNAQELBQADggEBALeuULlyOYdMT3Im
74dy3zfcYe+JvqxC5gIbuf/GSt9refXQRuYMFepn6rHeF1FZl1sJ01Fk0+tTPlS0
z2de2x+nLFr42GP6SIAfJXxiJpe94+z7I+GSwl1oHIjbOuvSauY5ICrDTA8OAhFu
hw9snU9w2mIJQjBzGSBsGq8J/DYsZHeljNI37FXy2VCUWGOB3j/2J4kxvaZlJT9a
Ash5z49P9uUqEEQWESWF0YU8jDZ9RxcDKjKn8ap0Up+yGOZcfAlAu8IHXVBjhF6O
59+ZyoxRcNgqBOh7EHnt/Ap5mxrpIDYGvt/gSyFWkxLattLS+JTkEeRzKPLWjvjd
ZIK7LRk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org