Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/381DAA2897FF11EE925E6436C4F9AE02.roa
File: 381DAA2897FF11EE925E6436C4F9AE02.roa (raw, json)
Hash identifier: /4jtYaKGg5kY1BuRSeuddxSk0Z07F0JNSwAGMXJL89U=
Subject key identifier: 3A:50:05:07:98:ED:7A:73:62:3F:21:EF:74:BB:99:2E:1B:01:C2:64
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: 61
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/381DAA2897FF11EE925E6436C4F9AE02.roa
Signing time: Thu 28 Dec 2023 04:48:04 +0000
ROA not before: Thu 28 Dec 2023 04:48:04 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.237.112.0/24 maxlen: 24
103.237.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97 (0x61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Validity
Not Before: Dec 28 04:48:04 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=658cfe04-b3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:32:99:8f:0f:49:69:33:c4:af:7a:13:a3:
3d:08:15:5b:32:68:86:e1:53:1a:73:8b:3e:c5:e3:
c4:e4:d6:bc:5c:41:29:c2:fd:8a:f1:8a:dd:61:d3:
9a:4f:56:a0:20:ce:76:cd:0e:ed:63:30:74:bb:ed:
0f:6b:63:9c:f2:ac:3c:a5:c3:da:bd:e6:e3:bc:28:
c1:07:d8:10:c0:cf:21:b7:2f:f1:39:7f:73:d0:af:
55:db:7a:ae:63:dc:02:e9:ff:ff:ca:9a:30:23:4d:
51:8b:fc:64:2b:3e:63:22:b1:74:52:8d:94:ec:e4:
81:37:3e:8c:6c:2a:63:0e:36:4c:18:06:45:4b:15:
1f:df:bb:8c:5e:6f:fb:d4:2a:d5:a6:65:1b:2b:e7:
38:c0:31:f5:c3:55:36:6a:86:9b:48:0c:a5:ce:8a:
84:e7:ed:41:56:d4:48:fb:09:69:e3:45:07:30:d8:
f7:e3:ca:d8:ea:3a:38:33:40:df:80:25:2d:4e:81:
dc:31:99:cd:77:8d:f1:83:5f:e6:5b:16:cc:66:d1:
c1:57:f9:f1:5d:83:ad:ad:a6:48:b2:b5:88:08:f5:
f8:be:01:33:11:60:6a:9e:cb:d7:db:bf:54:8c:10:
14:29:8a:43:81:79:38:c5:5d:51:75:17:45:7d:09:
09:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:50:05:07:98:ED:7A:73:62:3F:21:EF:74:BB:99:2E:1B:01:C2:64
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/381DAA2897FF11EE925E6436C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.112.0/24
103.237.115.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:8f:ec:91:35:d3:f0:28:fc:9e:28:c2:0e:3c:03:49:38:61:
d9:71:16:ed:03:53:8f:d8:51:00:a3:0d:46:b0:b9:60:63:2b:
3c:cd:d1:d2:d5:12:55:c5:26:17:be:2a:1a:10:25:3c:d7:60:
43:a2:6e:14:48:9e:3b:40:3b:65:4d:c7:09:52:61:1a:11:09:
75:a7:5e:90:0c:2b:df:8d:58:75:ee:c2:9d:61:b1:e0:01:cf:
40:05:51:23:27:3f:84:c9:25:4c:18:3b:d4:04:06:41:9a:34:
74:bf:1f:a9:99:28:ff:d7:30:71:92:16:05:39:a8:2c:b1:ff:
d4:bb:41:88:0f:87:a5:c7:5e:27:30:2a:1a:40:94:fd:c7:9e:
43:67:5c:aa:fd:9e:93:99:02:b3:9c:36:df:5b:29:8e:78:e4:
06:aa:7b:ea:f1:61:24:f3:37:95:0b:ee:31:71:21:ac:25:c1:
c0:19:85:35:40:13:65:97:a9:b5:1b:36:9e:a4:7e:e0:d5:25:
5f:5c:83:85:d4:1d:ef:2d:e9:d2:68:01:4a:80:8a:a2:03:af:
a9:03:aa:e3:f7:e6:95:08:3f:56:95:26:17:af:c7:8d:bd:ae:
00:9e:5d:09:6f:6e:4c:36:d4:ce:44:e8:c0:9c:78:60:27:13:
16:ab:a5:9b
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBYTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTlFNTExMC8GA1UEBRMoRTQ3QkY3MDI1NDUzMjY5N0QyMEQwRDMxMTBGNjI1Mzcw
RDY1RkE4MzAeFw0yMzEyMjgwNDQ4MDRaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGNmZTA0LWIzYjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIeDKZjw9JaTPEr3oToz0IFVsyaIbhUxpziz7F48Tk1rxcQSnC/Yrxit1h05pP
VqAgznbNDu1jMHS77Q9rY5zyrDylw9q95uO8KMEH2BDAzyG3L/E5f3PQr1Xbeq5j
3ALp///KmjAjTVGL/GQrPmMisXRSjZTs5IE3PoxsKmMONkwYBkVLFR/fu4xeb/vU
KtWmZRsr5zjAMfXDVTZqhptIDKXOioTn7UFW1Ej7CWnjRQcw2PfjytjqOjgzQN+A
JS1Ogdwxmc13jfGDX+ZbFsxm0cFX+fFdg62tpkiytYgI9fi+ATMRYGqey9fbv1SM
EBQpikOBeTjFXVF1F0V9CQkVAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUOlAFB5jt
enNiPyHvdLuZLhsBwmQwHwYDVR0jBBgwFoAU5Hv3AlRTJpfSDQ0xEPYlNw1l+oMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1OUU1L0REOUYxRjdDM0Mw
MTExRUU5MUNCRTE1N0M0RjlBRTAyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1v
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNUh2M0FsUlRKcGZTRFEweEVQWWxOdzFsLW9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTlFNS9ERDlGMUY3QzNDMDExMUVFOTFDQkUxNTdDNEY5QUUwMi8zODFEQUEyODk3
RkYxMUVFOTI1RTY0MzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGftcAMEAGftczANBgkqhkiG9w0BAQsFAAOCAQEAjo/skTXT
8Cj8nijCDjwDSThh2XEW7QNTj9hRAKMNRrC5YGMrPM3R0tUSVcUmF74qGhAlPNdg
Q6JuFEieO0A7ZU3HCVJhGhEJdadekAwr341Yde7CnWGx4AHPQAVRIyc/hMklTBg7
1AQGQZo0dL8fqZko/9cwcZIWBTmoLLH/1LtBiA+HpcdeJzAqGkCU/ceeQ2dcqv2e
k5kCs5w231spjnjkBqp76vFhJPM3lQvuMXEhrCXBwBmFNUATZZeptRs2nqR+4NUl
X1yDhdQd7y3p0mgBSoCKogOvqQOq4/fmlQg/VpUmF6/Hjb2uAJ5dCW9uTDbUzkTo
wJx4YCcTFqulmw==
-----END CERTIFICATE-----
Generated at Thu Dec 28 09:45:13 2023 by rpki-client on console-ams.rpki-client.org