Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D87E7394B85811EDA32AF260C4F9AE02.roa
File: D87E7394B85811EDA32AF260C4F9AE02.roa (raw, json)
Hash identifier: gXanUIwY19+pEvM7cdCE8LyFwf4sGehWtqGsYSPsW0g=
Subject key identifier: 14:3A:B2:DB:FC:DC:75:09:40:48:58:5F:73:F1:11:E1:B7:E9:4B:D4
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0C2A
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D87E7394B85811EDA32AF260C4F9AE02.roa
Signing time: Wed 26 Apr 2023 18:55:46 +0000
ROA not before: Wed 26 Apr 2023 18:55:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137185
IP address blocks: 103.88.92.0/24 maxlen: 24
103.88.93.0/24 maxlen: 24
103.88.94.0/24 maxlen: 24
103.88.95.0/24 maxlen: 24
220.158.192.0/24 maxlen: 24
220.158.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3114 (0xc2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Validity
Not Before: Apr 26 18:55:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644973b2-26f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:30:35:ea:06:f9:b7:79:aa:a9:3b:11:64:1f:
81:26:84:29:36:f9:09:d8:55:1a:74:d5:46:f6:41:
09:e4:a2:59:4a:34:cd:a7:4e:b3:3b:bf:54:0e:38:
d8:e6:0a:30:c6:b0:38:ce:04:e6:c5:d4:fb:ce:13:
7a:24:ec:7b:6b:fc:7e:ca:2d:e0:7e:a8:60:5c:25:
ea:4d:76:1c:94:51:45:d6:f3:a8:4f:05:03:ba:b6:
0e:bc:6d:85:5f:8e:b2:91:17:49:f2:87:26:69:c3:
d2:43:07:24:fa:f4:ce:6d:19:d2:f7:47:7a:15:8e:
5d:0b:98:b7:9f:bd:82:67:4e:6f:1c:15:da:e1:5a:
a6:51:5b:3d:d5:bd:90:c2:9d:93:1a:1e:0d:58:16:
e1:c5:f3:a6:39:f0:b2:1d:58:08:01:95:f9:40:15:
e3:cf:57:f4:e0:14:3c:11:4d:22:2f:75:d4:c6:bc:
a0:ad:5c:41:40:9b:d0:1d:5c:74:f2:7a:7b:61:5d:
ec:0b:15:c8:e6:d7:11:5c:1a:ed:71:34:83:45:1f:
ac:51:8f:a4:03:2d:d4:a6:61:c0:7a:34:ef:de:01:
66:c9:ae:2e:39:f3:e5:7a:b4:b5:94:76:8a:1a:11:
37:87:1b:89:cb:25:e6:1b:ec:b9:29:98:31:b0:7e:
1d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3A:B2:DB:FC:DC:75:09:40:48:58:5F:73:F1:11:E1:B7:E9:4B:D4
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/D87E7394B85811EDA32AF260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.92.0/22
220.158.192.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:dd:b8:29:22:1c:c6:98:ab:a4:01:88:92:aa:b4:46:a1:0d:
f5:30:a1:e4:ed:0e:a8:0b:8e:6d:ad:77:4d:65:b7:4a:5a:56:
db:0b:10:af:fb:cd:34:d1:a4:17:17:e9:17:5c:fa:4c:d0:a4:
28:53:58:76:7f:04:22:32:99:8f:eb:c1:5f:a4:b6:3a:ff:8c:
49:09:05:78:7c:7c:12:db:54:0d:05:c0:59:36:87:78:d5:dc:
c5:b7:10:7a:9d:3c:78:d9:f8:23:08:61:a4:72:d2:75:42:31:
ad:44:27:38:e1:81:5b:29:5f:f3:6d:33:c7:22:ed:fe:57:27:
e6:0d:cf:7b:c2:e7:e7:d2:33:9d:67:b8:da:4f:6f:2b:0d:4c:
ca:e3:a1:32:64:1e:ac:f5:0e:ab:25:33:9a:af:bd:ec:5c:26:
d4:a1:7f:97:9e:cf:17:b4:34:89:62:07:f4:9c:c1:9e:3b:99:
25:d3:b4:92:19:13:d5:9d:42:19:20:e3:09:49:d4:e2:4f:2a:
b1:e8:9e:d8:0f:ef:b4:be:a2:31:f1:91:83:74:06:49:37:9d:
05:0a:f8:38:72:d7:50:29:8d:e0:1f:c2:84:e0:79:8c:57:53:
5e:3e:d8:bf:9c:25:cb:b3:57:a4:7b:15:bf:a1:cd:9f:ff:5f:
12:8a:5e:61
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjMwNDI2MTg1NTQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ5NzNiMi0yNmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2zA16gb5t3mqqTsRZB+BJoQpNvkJ2FUadNVG9kEJ5KJZSjTNp06zO79UDjjY
5gowxrA4zgTmxdT7zhN6JOx7a/x+yi3gfqhgXCXqTXYclFFF1vOoTwUDurYOvG2F
X46ykRdJ8ocmacPSQwck+vTObRnS90d6FY5dC5i3n72CZ05vHBXa4VqmUVs91b2Q
wp2TGh4NWBbhxfOmOfCyHVgIAZX5QBXjz1f04BQ8EU0iL3XUxrygrVxBQJvQHVx0
8np7YV3sCxXI5tcRXBrtcTSDRR+sUY+kAy3UpmHAejTv3gFmya4uOfPlerS1lHaK
GhE3hxuJyyXmG+y5KZgxsH4dOwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBQ6stv8
3HUJQEhYX3PxEeG36UvUMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvRDg3RTczOTRC
ODU4MTFFREEzMkFGMjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnWFwDBAHcnsAwDQYJKoZIhvcNAQELBQADggEBAC3duCki
HMaYq6QBiJKqtEahDfUwoeTtDqgLjm2td01lt0paVtsLEK/7zTTRpBcX6Rdc+kzQ
pChTWHZ/BCIymY/rwV+ktjr/jEkJBXh8fBLbVA0FwFk2h3jV3MW3EHqdPHjZ+CMI
YaRy0nVCMa1EJzjhgVspX/NtM8ci7f5XJ+YNz3vC5+fSM51nuNpPbysNTMrjoTJk
Hqz1DqslM5qvvexcJtShf5eezxe0NIliB/ScwZ47mSXTtJIZE9WdQhkg4wlJ1OJP
KrHontgP77S+ojHxkYN0Bkk3nQUK+Dhy11ApjeAfwoTgeYxXU14+2L+cJcuzV6R7
Fb+hzZ//XxKKXmE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 09:13:38 2023 by rpki-client on console-ams.rpki-client.org