Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B7225A2E04CE11EC870C414DC4F9AE02.roa
File: B7225A2E04CE11EC870C414DC4F9AE02.roa (raw, json)
Hash identifier: tXyyN9DWByQTiomAdkVxThPQfO2ov/ik/PEPme11La0=
Subject key identifier: C9:22:3E:43:5B:0A:83:25:17:A2:52:33:F0:23:EA:0F:02:89:2C:3B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3E6C
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B7225A2E04CE11EC870C414DC4F9AE02.roa
Signing time: Tue 12 Sep 2023 02:41:25 +0000
ROA not before: Tue 12 Sep 2023 02:41:25 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135921
IP address blocks: 103.45.232.0/22 maxlen: 24
103.69.188.0/22 maxlen: 22
103.98.148.0/22 maxlen: 22
2407:f1c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15980 (0x3e6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 12 02:41:25 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ffcfd5-b4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c8:b5:d8:21:f4:06:15:4b:85:c2:70:8a:c6:
47:ef:fe:1c:7a:cd:06:f0:1d:e0:9c:c8:42:e8:fa:
45:71:d6:53:a9:5f:87:db:97:80:52:50:bb:21:6b:
1b:d2:15:00:8e:70:0c:94:a9:22:55:3c:b4:8d:99:
77:e1:72:f1:af:f8:a9:da:27:1d:94:93:30:52:98:
d7:23:2f:e3:85:a5:5c:a9:81:eb:cc:d7:55:b8:c5:
33:4e:b4:6e:09:76:cc:4a:39:f1:33:16:3c:da:5f:
cd:81:a7:ff:23:29:56:8b:7c:24:9f:dc:bb:e3:a6:
5d:d4:a8:48:13:cc:3e:a2:d5:5f:bc:0a:f3:d3:5a:
10:7e:bb:23:a5:82:cd:90:51:65:d7:87:4b:40:31:
8b:23:73:dd:d6:d3:ef:fd:60:28:22:56:fa:f0:49:
dc:73:85:6d:19:47:31:3a:21:a2:85:94:43:9a:cf:
2e:c6:ef:e2:a8:ed:48:3b:e1:2a:bd:41:b6:20:bc:
16:b5:24:c0:f6:18:00:c1:6e:c9:e1:3c:ac:35:4b:
42:08:e2:a3:fa:fa:fe:88:a3:49:47:ca:e0:15:c8:
f0:ce:48:e6:29:7b:f0:ee:71:70:fb:2d:05:8b:1d:
2d:5e:09:13:77:7e:51:17:70:dd:b9:77:35:db:c2:
b8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:22:3E:43:5B:0A:83:25:17:A2:52:33:F0:23:EA:0F:02:89:2C:3B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B7225A2E04CE11EC870C414DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.45.232.0/22
103.69.188.0/22
103.98.148.0/22
IPv6:
2407:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
20:58:3e:47:82:18:90:b0:49:07:95:57:e9:1f:1c:c8:ee:dc:
7b:c9:8c:04:80:12:d8:a5:4a:20:3c:de:70:b3:4d:1b:7f:5e:
13:e7:97:f5:7f:db:05:98:9e:a7:db:63:d4:27:f6:d3:5b:18:
29:65:91:08:52:82:7e:89:95:29:ba:f1:d5:5e:5a:59:ca:f4:
d7:74:f4:b5:cb:59:a1:e3:07:8a:68:ae:93:15:e7:47:79:da:
25:c4:1f:30:b1:be:ef:49:9b:d9:b7:f2:bf:aa:ec:3e:43:d2:
e6:4e:ad:55:c9:76:ad:67:64:8d:4e:bd:ba:1e:69:7a:bb:43:
a4:9f:cc:bd:35:66:e4:6b:16:bf:ed:db:8e:7a:cd:49:3a:23:
e4:b2:25:a7:2d:08:cd:46:67:be:87:00:89:36:10:06:f5:5c:
f0:56:c5:d5:60:fb:53:0c:5f:ba:49:82:3f:00:55:44:a6:64:
17:a0:ac:8d:8e:9f:3e:ca:77:0d:df:51:20:7d:82:f6:f3:6a:
06:6e:d5:30:5a:a9:13:e7:56:e7:0e:1f:11:00:01:24:f4:1e:
c1:c3:95:95:3c:57:af:fc:d4:7f:f9:51:21:75:12:70:c3:21:
48:7b:4a:4c:5e:1c:11:fd:8f:75:a0:92:48:cb:2b:f1:14:21:
09:a9:c3:67
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICPmwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwOTEyMDI0MTI1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZmY2ZkNS1iNGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8i12CH0BhVLhcJwisZH7/4ces0G8B3gnMhC6PpFcdZTqV+H25eAUlC7IWsb
0hUAjnAMlKkiVTy0jZl34XLxr/ip2icdlJMwUpjXIy/jhaVcqYHrzNdVuMUzTrRu
CXbMSjnxMxY82l/Ngaf/IylWi3wkn9y746Zd1KhIE8w+otVfvArz01oQfrsjpYLN
kFFl14dLQDGLI3Pd1tPv/WAoIlb68Encc4VtGUcxOiGihZRDms8uxu/iqO1IO+Eq
vUG2ILwWtSTA9hgAwW7J4TysNUtCCOKj+vr+iKNJR8rgFcjwzkjmKXvw7nFw+y0F
ix0tXgkTd35RF3DduXc128K4UQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFMkiPkNb
CoMlF6JSM/Aj6g8CiSw7MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQjcyMjVBMkUw
NENFMTFFQzg3MEM0MTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAJnLegDBAJnRbwDBAJnYpQwDwQCAAIwCQMHACQH8cAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAIFg+R4IYkLBJB5VX6R8cyO7ce8mMBIAS2KVKIDze
cLNNG39eE+eX9X/bBZiep9tj1Cf201sYKWWRCFKCfomVKbrx1V5aWcr013T0tctZ
oeMHimiukxXnR3naJcQfMLG+70mb2bfyv6rsPkPS5k6tVcl2rWdkjU69uh5pertD
pJ/MvTVm5GsWv+3bjnrNSToj5LIlpy0IzUZnvocAiTYQBvVc8FbF1WD7UwxfukmC
PwBVRKZkF6CsjY6fPsp3Dd9RIH2C9vNqBm7VMFqpE+dW5w4fEQABJPQewcOVlTxX
r/zUf/lRIXUScMMhSHtKTF4cEf2PdaCSSMsr8RQhCanDZw==
-----END CERTIFICATE-----
Generated at Wed Dec 13 18:07:28 2023 by rpki-client on console-fra.rpki-client.org