Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/EFF515CA052211EEA91C2E1BC4F9AE02.roa
File: EFF515CA052211EEA91C2E1BC4F9AE02.roa (raw, json)
Hash identifier: /Yq3Ocdkt6FIy8CDX/TzqukBsjJn2BK8aq3xZJCz3xg=
Subject key identifier: 64:21:67:76:AF:CB:E0:68:9E:EA:3F:8E:67:84:F4:6B:8C:D4:5C:36
Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Certificate serial: 0822
Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/EFF515CA052211EEA91C2E1BC4F9AE02.roa
Signing time: Wed 07 Jun 2023 12:58:08 +0000
ROA not before: Wed 07 Jun 2023 12:58:08 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141432
IP address blocks: 103.72.0.0/24 maxlen: 24
103.72.1.0/24 maxlen: 24
103.194.92.0/24 maxlen: 24
103.194.93.0/24 maxlen: 24
103.194.94.0/24 maxlen: 24
103.194.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2082 (0x822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Validity
Not Before: Jun 7 12:58:08 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64807edf-4789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:06:0e:0d:e6:b5:db:5b:8b:11:a4:97:73:4b:
31:30:5a:a7:78:2f:ff:fa:ed:cc:f8:00:98:d5:17:
78:be:89:57:14:a0:0c:4f:05:90:df:fe:36:47:cd:
b4:96:23:21:f7:0f:92:4e:94:e4:b8:db:dc:ea:d9:
04:e3:46:e2:90:c8:55:1d:ec:d2:65:1c:e8:77:3e:
ff:a8:46:99:10:6c:eb:e1:15:92:01:f1:44:ac:82:
82:dd:cb:5c:42:90:96:47:ad:3f:d0:22:32:de:c5:
3c:be:86:88:14:e8:ad:e9:6d:f4:6a:b8:b0:c5:f8:
d7:d6:b1:9a:b0:73:fa:7f:f5:dc:d9:f3:86:48:ac:
0f:7a:41:34:53:82:bc:45:8b:2a:4e:6a:46:fc:a9:
da:c5:c9:63:43:7d:f3:7f:56:c0:9a:e3:cd:2b:84:
3b:f6:29:38:8c:8a:13:c9:46:06:f6:95:c0:be:21:
b7:d4:b0:53:c1:b6:c7:ed:03:0b:bd:c0:f7:9e:86:
f7:a0:76:b9:67:0e:89:41:59:22:cd:88:49:e7:99:
b0:92:c8:26:53:b3:8b:e1:91:0e:b6:5c:3d:59:69:
b0:4e:70:34:e6:50:c7:02:a6:e8:92:43:71:62:0f:
d3:b0:d0:2f:f0:8d:06:11:38:58:04:d2:e4:4f:84:
9d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:21:67:76:AF:CB:E0:68:9E:EA:3F:8E:67:84:F4:6B:8C:D4:5C:36
X509v3 Authority Key Identifier:
keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/EFF515CA052211EEA91C2E1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.0.0/23
103.194.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:c9:2c:02:e5:fc:7a:c1:f4:ab:83:81:29:86:91:fe:7a:3d:
a1:96:26:11:fd:e8:ab:39:78:07:6b:5b:d7:9e:41:ac:7b:ae:
71:91:0b:32:67:ca:74:51:33:f3:42:9b:00:cb:1c:34:c2:b8:
4d:a9:13:62:dc:f0:5f:f5:9a:4e:2c:1d:51:5e:37:c9:91:4f:
f8:98:74:5a:b3:f7:55:6e:c9:ef:a7:39:2c:13:b2:b6:cd:84:
4c:ef:27:0e:fd:fa:1e:a6:3d:54:41:47:1c:d2:d5:43:8e:9d:
7a:a2:4e:7f:75:d9:88:76:fa:6d:e5:2b:4a:03:b4:29:1b:71:
4c:44:42:51:2b:d5:23:59:a1:6d:b8:5a:92:4d:c3:c2:92:48:
22:d8:f7:e9:ad:16:b0:13:cc:0e:7e:36:15:9a:d8:84:e9:81:
20:76:a2:00:fe:a8:34:e5:4f:a2:d9:38:75:de:82:69:92:ce:
8b:f8:c4:2b:72:ba:c6:69:4a:fd:9d:35:b4:07:96:75:22:10:
9e:20:ce:d7:7c:d6:a4:85:5e:47:52:32:e1:16:4f:b7:8f:91:
69:df:b5:5d:49:12:8a:dd:0e:b5:09:26:11:25:95:91:20:59:
30:ed:8d:07:7b:90:86:2a:f3:ad:cc:3b:78:c8:3c:5a:08:99:
bb:d2:72:36
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3
NDdFQTAyNjAwHhcNMjMwNjA3MTI1ODA4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgwN2VkZi00Nzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAYODea121uLEaSXc0sxMFqneC//+u3M+ACY1Rd4volXFKAMTwWQ3/42R820
liMh9w+STpTkuNvc6tkE40bikMhVHezSZRzodz7/qEaZEGzr4RWSAfFErIKC3ctc
QpCWR60/0CIy3sU8voaIFOit6W30ariwxfjX1rGasHP6f/Xc2fOGSKwPekE0U4K8
RYsqTmpG/KnaxcljQ33zf1bAmuPNK4Q79ik4jIoTyUYG9pXAviG31LBTwbbH7QML
vcD3nob3oHa5Zw6JQVkizYhJ55mwksgmU7OL4ZEOtlw9WWmwTnA05lDHAqbokkNx
Yg/TsNAv8I0GEThYBNLkT4SdvQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGQhZ3av
y+Bonuo/jmeE9GuM1Fw2MB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE
NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvRUZGNTE1Q0Ew
NTIyMTFFRUE5MUMyRTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnSAADBAJnwlwwDQYJKoZIhvcNAQELBQADggEBALXJLALl
/HrB9KuDgSmGkf56PaGWJhH96Ks5eAdrW9eeQax7rnGRCzJnynRRM/NCmwDLHDTC
uE2pE2Lc8F/1mk4sHVFeN8mRT/iYdFqz91Vuye+nOSwTsrbNhEzvJw79+h6mPVRB
RxzS1UOOnXqiTn912Yh2+m3lK0oDtCkbcUxEQlEr1SNZoW24WpJNw8KSSCLY9+mt
FrATzA5+NhWa2ITpgSB2ogD+qDTlT6LZOHXegmmSzov4xCtyusZpSv2dNbQHlnUi
EJ4gztd81qSFXkdSMuEWT7ePkWnftV1JEordDrUJJhEllZEgWTDtjQd7kIYq863M
O3jIPFoImbvScjY=
-----END CERTIFICATE-----
Generated at Mon Sep 25 14:56:09 2023 by rpki-client on console-fra.rpki-client.org