Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/28D09E2AFEDB11EEA881E940C4F9AE02.roa
File: 28D09E2AFEDB11EEA881E940C4F9AE02.roa (raw, json)
Hash identifier: nXWZ2/pYwTLZViSoSEhyjUc1RO0e4Y2o+WEznTviI4A=
Subject key identifier: A7:8E:D6:A8:94:0A:7F:17:B2:96:C0:AC:4E:F0:AC:BA:32:31:3D:87
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: C0
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/28D09E2AFEDB11EEA881E940C4F9AE02.roa
Signing time: Mon 06 May 2024 07:13:19 +0000
ROA not before: Mon 06 May 2024 07:13:19 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.58.41.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 07:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192 (0xc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Validity
Not Before: May 6 07:13:19 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6638830e-896b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:32:b9:05:6c:0d:dc:b5:f6:e2:9e:b6:c4:d3:
a2:f9:47:6a:44:99:68:c0:61:8d:5c:63:a8:5e:7f:
94:6c:f9:55:0c:6f:86:e3:81:ed:14:54:0b:f0:3f:
00:08:1f:38:08:78:98:40:9f:4b:86:dd:32:f6:88:
a0:77:28:3b:70:0f:3c:11:e0:93:b2:f0:74:65:75:
4d:88:3f:73:6b:d6:0f:45:cd:16:f0:1d:ac:8a:4d:
12:91:1f:db:92:fa:e7:51:a0:20:fc:01:c3:60:13:
ac:d0:c6:00:eb:0d:6b:d0:64:cc:84:3c:b6:af:84:
9a:6e:05:98:eb:68:79:4a:08:37:7b:cc:cf:7d:fd:
87:fe:84:9b:2d:6d:a2:3e:63:73:79:ab:92:2e:f5:
e9:12:59:17:30:c5:f9:5a:fd:c5:5b:40:b6:50:15:
1c:02:f7:63:b5:3f:c6:e6:52:f3:22:ff:0a:f4:a1:
b2:11:9a:ef:10:02:63:a4:b5:d5:b6:39:1e:f1:ff:
20:91:10:7c:2c:f7:cb:50:25:e4:36:3b:b9:aa:16:
09:3d:25:75:9b:d8:88:c8:00:19:bf:1c:13:c4:24:
d8:0c:bf:de:9d:b4:e9:bb:5f:de:d0:fb:cf:68:fb:
50:7f:41:8d:3c:f1:14:db:cb:4d:ab:6d:e2:2f:ef:
e2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8E:D6:A8:94:0A:7F:17:B2:96:C0:AC:4E:F0:AC:BA:32:31:3D:87
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/28D09E2AFEDB11EEA881E940C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.58.41.0/24
103.237.112.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:90:69:d3:4f:0a:30:2e:79:fb:5c:51:20:5e:ab:90:c7:84:
75:10:37:d6:44:f8:f3:52:28:1f:79:06:a4:07:c5:d1:36:ff:
45:c7:5a:6f:ba:49:80:a3:38:74:a0:ed:09:9b:bb:0a:1b:f5:
ed:2f:d5:ca:ff:c3:e7:8f:d5:40:a7:3c:be:2b:f7:08:45:e0:
f1:0f:5d:82:66:3a:06:8a:7c:cc:44:9a:6f:81:4f:d2:ce:a6:
42:99:42:15:29:c2:a9:be:9d:9f:00:da:ed:9c:bb:c2:85:47:
09:55:8c:57:12:f1:c5:6c:f8:55:18:cf:be:1d:79:bc:7a:d4:
1b:5d:e9:f8:d8:72:bf:37:83:64:3b:38:d5:45:a4:81:7c:e7:
20:38:a9:50:97:10:b0:79:e6:d3:3d:2b:ff:83:b2:5f:c5:0c:
60:71:bd:c6:25:97:01:c1:98:b3:ee:a7:65:bb:59:02:9a:ed:
9c:ca:a0:f3:23:1e:88:82:2f:2b:ee:34:36:5a:cd:b8:f6:d1:
60:c6:9e:50:a5:cb:16:51:ab:10:4d:52:75:83:a6:ae:b1:42:
d4:ca:61:62:df:ad:e9:46:a5:ef:87:cc:22:85:43:19:24:25:
86:d4:20:51:aa:78:bd:f8:11:0a:8a:25:ae:ac:ac:47:3d:13:
27:10:36:6e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU5RTUxMTAvBgNVBAUTKEU0N0JGNzAyNTQ1MzI2OTdEMjBEMEQzMTEwRjYyNTM3
MEQ2NUZBODMwHhcNMjQwNTA2MDcxMzE5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4ODMwZS04OTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8jK5BWwN3LX24p62xNOi+UdqRJlowGGNXGOoXn+UbPlVDG+G44HtFFQL8D8A
CB84CHiYQJ9Lht0y9oigdyg7cA88EeCTsvB0ZXVNiD9za9YPRc0W8B2sik0SkR/b
kvrnUaAg/AHDYBOs0MYA6w1r0GTMhDy2r4SabgWY62h5Sgg3e8zPff2H/oSbLW2i
PmNzeauSLvXpElkXMMX5Wv3FW0C2UBUcAvdjtT/G5lLzIv8K9KGyEZrvEAJjpLXV
tjke8f8gkRB8LPfLUCXkNju5qhYJPSV1m9iIyAAZvxwTxCTYDL/enbTpu1/e0PvP
aPtQf0GNPPEU28tNq23iL+/i7QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKeO1qiU
Cn8XspbArE7wrLoyMT2HMB8GA1UdIwQYMBaAFOR79wJUUyaX0g0NMRD2JTcNZfqD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTlFNS9ERDlGMUY3QzND
MDExMUVFOTFDQkUxNTdDNEY5QUUwMi81SHYzQWxSVEpwZlNEUTB4RVBZbE53MWwt
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1vTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU5RTUvREQ5RjFGN0MzQzAxMTFFRTkxQ0JFMTU3QzRGOUFFMDIvMjhEMDlFMkFG
RURCMTFFRUE4ODFFOTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnOikDBABn7XAwDQYJKoZIhvcNAQELBQADggEBALSQadNP
CjAueftcUSBeq5DHhHUQN9ZE+PNSKB95BqQHxdE2/0XHWm+6SYCjOHSg7Qmbuwob
9e0v1cr/w+eP1UCnPL4r9whF4PEPXYJmOgaKfMxEmm+BT9LOpkKZQhUpwqm+nZ8A
2u2cu8KFRwlVjFcS8cVs+FUYz74debx61Btd6fjYcr83g2Q7ONVFpIF85yA4qVCX
ELB55tM9K/+Dsl/FDGBxvcYllwHBmLPup2W7WQKa7ZzKoPMjHoiCLyvuNDZazbj2
0WDGnlClyxZRqxBNUnWDpq6xQtTKYWLfrelGpe+HzCKFQxkkJYbUIFGqeL34EQqK
Ja6srEc9EycQNm4=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:29 2024 by rpki-client on console-fra.rpki-client.org