Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/9828A8C0FFEB11ED8DD9A621C4F9AE02.roa
File: 9828A8C0FFEB11ED8DD9A621C4F9AE02.roa (raw, json)
Hash identifier: ZquFrbge+2IosoF/FRRkga3hclEyzOobHgdDyUnTYsI=
Subject key identifier: CA:4E:21:12:5A:A4:C7:E5:14:45:2D:A0:60:14:C3:AC:C3:6D:7A:61
Certificate issuer: /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial: 07AE
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/9828A8C0FFEB11ED8DD9A621C4F9AE02.roa
Signing time: Wed 31 May 2023 19:44:46 +0000
ROA not before: Wed 31 May 2023 19:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.112.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 10:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1966 (0x7ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Validity
Not Before: May 31 19:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6477a3ad-f611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:a7:e0:58:0d:8d:0c:d7:ba:27:56:4f:cd:
ce:f1:cf:68:f8:da:7a:3c:18:b0:2b:f4:1d:7a:e0:
03:46:a5:d0:56:a4:fe:aa:16:24:a3:be:05:ec:c4:
d0:d4:a0:64:73:3c:aa:6b:cd:dd:84:48:55:2a:c7:
05:72:22:72:64:a9:8e:3d:6c:d3:1a:81:39:d9:7f:
48:f1:cd:45:1c:0b:30:25:e4:34:ed:51:94:90:bb:
cc:e2:71:69:e9:7e:b8:a3:ab:79:be:c8:03:06:6f:
8f:5b:e9:f8:0a:78:11:55:ad:34:f9:f3:96:80:3c:
f6:8c:e1:e0:43:5e:85:43:e8:a7:7f:17:c9:fd:e6:
f8:2f:4c:2c:a5:96:07:c0:74:74:91:8e:ad:27:a4:
83:94:4e:1a:bf:44:1d:82:4a:db:96:d0:fa:0a:9c:
24:4f:cb:0b:5f:b2:8c:42:05:cf:89:e6:19:7a:99:
8a:ad:00:f1:f2:ea:a5:19:91:1f:2a:69:23:dc:52:
aa:50:bc:0c:85:e7:d6:12:11:2a:b3:a2:86:4a:77:
5a:c2:f3:27:fb:9f:91:8f:aa:d5:ad:37:05:0d:fd:
b3:43:c8:78:61:60:0a:a3:b1:d7:1c:4c:07:94:37:
72:70:88:74:6a:44:c7:a2:bc:e2:ff:9e:fe:55:fa:
c4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4E:21:12:5A:A4:C7:E5:14:45:2D:A0:60:14:C3:AC:C3:6D:7A:61
X509v3 Authority Key Identifier:
keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/9828A8C0FFEB11ED8DD9A621C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:2b:86:e0:df:d9:cf:f6:8c:86:c6:7a:75:58:4a:01:e1:1c:
36:72:37:9b:1e:af:57:9e:74:43:3d:02:39:c8:4d:ff:6c:dd:
31:f6:87:f3:f2:ef:7f:63:d0:6e:d4:44:ca:6a:b5:6e:a5:7f:
c1:f2:82:8c:f8:17:f1:8f:7e:0a:1f:8d:d6:fb:27:21:d0:9a:
3a:79:cd:40:6c:08:5d:ad:1d:0e:22:66:de:02:2b:a8:ce:51:
3a:68:05:2a:b7:c9:a3:27:5e:40:2b:93:c5:6b:4a:e0:b4:83:
f6:2f:0d:14:2e:b6:e6:c9:05:74:91:26:0b:a3:00:8a:ae:55:
7f:e3:cc:d8:b4:00:75:50:7c:48:27:b5:b6:37:b1:df:1a:e5:
af:48:e9:d2:b4:ae:6c:cb:10:4d:35:87:eb:f0:4f:89:67:fa:
ad:d1:c4:a3:77:07:c1:e8:af:fd:be:25:14:f4:89:00:ec:3d:
38:9b:40:32:02:0e:2b:c9:cc:19:81:f0:eb:4c:5c:4c:14:14:
85:94:94:19:5e:b2:a3:b1:f0:f2:fa:d3:ba:87:f5:3c:da:91:
dd:59:9c:56:20:b4:a8:9e:ea:47:38:0e:61:bb:a6:1a:88:da:
59:ee:23:89:99:96:15:b4:0a:75:6a:ef:3b:f4:90:fd:d1:6f:
aa:21:0f:56
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjMwNTMxMTk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc3YTNhZC1mNjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArGSn4FgNjQzXuidWT83O8c9o+Np6PBiwK/QdeuADRqXQVqT+qhYko74F7MTQ
1KBkczyqa83dhEhVKscFciJyZKmOPWzTGoE52X9I8c1FHAswJeQ07VGUkLvM4nFp
6X64o6t5vsgDBm+PW+n4CngRVa00+fOWgDz2jOHgQ16FQ+infxfJ/eb4L0wspZYH
wHR0kY6tJ6SDlE4av0QdgkrbltD6CpwkT8sLX7KMQgXPieYZepmKrQDx8uqlGZEf
Kmkj3FKqULwMhefWEhEqs6KGSndawvMn+5+Rj6rVrTcFDf2zQ8h4YWAKo7HXHEwH
lDdycIh0akTHorzi/57+VfrEmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMpOIRJa
pMflFEUtoGAUw6zDbXphMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvOTgyOEE4QzBG
RkVCMTFFRDhERDlBNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncAIwDQYJKoZIhvcNAQELBQADggEBAEwrhuDf2c/2jIbG
enVYSgHhHDZyN5ser1eedEM9AjnITf9s3TH2h/Py739j0G7URMpqtW6lf8Hygoz4
F/GPfgofjdb7JyHQmjp5zUBsCF2tHQ4iZt4CK6jOUTpoBSq3yaMnXkArk8VrSuC0
g/YvDRQutubJBXSRJgujAIquVX/jzNi0AHVQfEgntbY3sd8a5a9I6dK0rmzLEE01
h+vwT4ln+q3RxKN3B8Hor/2+JRT0iQDsPTibQDICDivJzBmB8OtMXEwUFIWUlBle
sqOx8PL607qH9Tzakd1ZnFYgtKie6kc4DmG7phqI2lnuI4mZlhW0CnVq7zv0kP3R
b6ohD1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org