Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3395F8F43CA911EE8FE44F3FC4F9AE02.roa
File: 3395F8F43CA911EE8FE44F3FC4F9AE02.roa (raw, json)
Hash identifier: tOv7Kd/1HESwfZEGu5zFFYD4h7pAr4FZeFsxpfmKdxE=
Subject key identifier: 50:05:94:1F:AB:94:52:33:39:29:F8:AA:15:D4:06:4C:57:6E:7F:A8
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: 03
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3395F8F43CA911EE8FE44F3FC4F9AE02.roa
Signing time: Thu 17 Aug 2023 02:53:11 +0000
ROA not before: Thu 17 Aug 2023 02:53:11 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133320
IP address blocks: 45.118.9.0/24 maxlen: 24
103.58.41.0/24 maxlen: 24
103.237.112.0/22 maxlen: 22
2001:df6:a900::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Validity
Not Before: Aug 17 02:53:11 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64dd8b97-04ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:82:30:97:22:16:3f:f2:27:b5:0a:50:54:93:
d5:96:78:86:da:59:e2:f3:09:7b:c5:76:af:c6:f4:
be:29:ff:17:27:75:bf:5e:db:e8:8a:df:55:40:08:
39:7a:4c:3c:04:04:8b:dd:1f:6a:7a:cc:84:00:71:
b8:98:3d:55:fb:3a:06:48:34:4a:1e:b1:92:59:ce:
9f:ba:36:ec:b0:2b:ed:b2:f6:05:7a:bb:6b:f3:76:
c0:47:c5:3a:6e:31:63:df:5c:8a:bf:94:df:5c:08:
63:bc:61:69:47:6c:83:34:ff:38:ab:3f:c6:31:8d:
24:b2:68:a7:64:84:67:0e:ac:e9:8a:d0:1d:0f:ee:
77:a0:69:82:a9:90:3d:ea:2e:46:92:d5:6e:03:14:
38:c8:b2:7e:da:cb:6b:2d:82:52:d6:c8:c8:02:01:
8c:02:d2:c3:36:87:f9:2d:54:fc:e0:f1:b1:2c:85:
16:82:8f:cf:57:c3:28:13:ec:78:f4:80:ae:29:fa:
0e:13:48:9c:5f:20:dc:4f:34:7f:ac:a9:c5:f6:11:
8f:13:45:11:e9:1d:da:87:ea:31:8d:51:c9:63:be:
3a:14:2a:ab:ba:b6:46:0d:81:da:e9:89:1a:9c:a2:
10:e6:80:14:aa:f4:a5:81:99:44:42:f6:56:cc:dc:
30:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:05:94:1F:AB:94:52:33:39:29:F8:AA:15:D4:06:4C:57:6E:7F:A8
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/3395F8F43CA911EE8FE44F3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.9.0/24
103.58.41.0/24
103.237.112.0/22
IPv6:
2001:df6:a900::/48
Signature Algorithm: sha256WithRSAEncryption
19:22:ec:8c:65:e8:fa:e6:88:90:4d:22:35:92:96:77:f2:b6:
17:bd:24:6e:b0:78:f2:92:b3:93:34:e7:73:8e:d9:0e:5b:01:
6e:6a:f2:6d:85:e2:99:35:13:23:af:7e:ab:b2:46:dc:c7:79:
2b:20:11:46:fd:30:68:39:1f:fd:b0:ef:d7:c0:6c:8d:93:91:
e0:26:8c:42:32:c3:c7:99:18:17:04:80:58:0f:f4:ae:e4:29:
4e:6b:ca:71:e0:37:55:94:f3:18:34:62:ce:29:ef:c8:33:4e:
01:55:a0:e3:c7:15:57:25:7f:c3:22:63:c5:bb:62:89:12:5d:
a5:a7:4b:98:23:a1:b7:ea:35:03:e8:33:b9:ba:27:bb:55:30:
ed:71:5e:ea:11:9d:df:f0:b7:17:39:b9:a1:29:8a:3c:f7:0b:
9f:7f:18:7f:85:e1:69:97:c2:3d:09:81:87:64:6d:56:1e:47:
53:bb:67:9f:5e:9f:e3:e2:2d:2a:d8:cb:a1:71:91:b4:a2:76:
21:0d:81:d9:1e:1e:52:01:b2:2d:1a:ac:ae:15:d3:df:f3:d4:
42:17:c3:cf:4a:39:a5:be:81:b3:d3:56:a7:bd:4d:c2:36:b5:
8d:01:b9:47:f3:49:f7:6d:f4:82:b9:27:67:b5:80:a6:9b:6c:
84:f9:22:0d
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTlFNTExMC8GA1UEBRMoRTQ3QkY3MDI1NDUzMjY5N0QyMEQwRDMxMTBGNjI1Mzcw
RDY1RkE4MzAeFw0yMzA4MTcwMjUzMTFaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZGQ4Yjk3LTA0YmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/gjCXIhY/8ie1ClBUk9WWeIbaWeLzCXvFdq/G9L4p/xcndb9e2+iK31VACDl6
TDwEBIvdH2p6zIQAcbiYPVX7OgZINEoesZJZzp+6NuywK+2y9gV6u2vzdsBHxTpu
MWPfXIq/lN9cCGO8YWlHbIM0/zirP8YxjSSyaKdkhGcOrOmK0B0P7negaYKpkD3q
LkaS1W4DFDjIsn7ay2stglLWyMgCAYwC0sM2h/ktVPzg8bEshRaCj89XwygT7Hj0
gK4p+g4TSJxfINxPNH+sqcX2EY8TRRHpHdqH6jGNUcljvjoUKqu6tkYNgdrpiRqc
ohDmgBSq9KWBmURC9lbM3DApAgMBAAGjggKyMIICrjAdBgNVHQ4EFgQUUAWUH6uU
UjM5KfiqFdQGTFduf6gwHwYDVR0jBBgwFoAU5Hv3AlRTJpfSDQ0xEPYlNw1l+oMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1OUU1L0REOUYxRjdDM0Mw
MTExRUU5MUNCRTE1N0M0RjlBRTAyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1v
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNUh2M0FsUlRKcGZTRFEweEVQWWxOdzFsLW9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTlFNS9ERDlGMUY3QzNDMDExMUVFOTFDQkUxNTdDNEY5QUUwMi8zMzk1RjhGNDND
QTkxMUVFOEZFNDRGM0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA8BggrBgEFBQcBBwEB/wQt
MCswGAQCAAEwEgMEAC12CQMEAGc6KQMEAmftcDAPBAIAAjAJAwcAIAEN9qkAMA0G
CSqGSIb3DQEBCwUAA4IBAQAZIuyMZej65oiQTSI1kpZ38rYXvSRusHjykrOTNOdz
jtkOWwFuavJtheKZNRMjr36rskbcx3krIBFG/TBoOR/9sO/XwGyNk5HgJoxCMsPH
mRgXBIBYD/Su5ClOa8px4DdVlPMYNGLOKe/IM04BVaDjxxVXJX/DImPFu2KJEl2l
p0uYI6G36jUD6DO5uie7VTDtcV7qEZ3f8LcXObmhKYo89wuffxh/heFpl8I9CYGH
ZG1WHkdTu2efXp/j4i0q2MuhcZG0onYhDYHZHh5SAbItGqyuFdPf89RCF8PPSjml
voGz01anvU3CNrWNAblH80n3bfSCuSdntYCmm2yE+SIN
-----END CERTIFICATE-----
Generated at Fri Aug 18 08:53:06 2023 by rpki-client on console-ams.rpki-client.org