Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/AFDB25C0945F11EEBF6FF347C4F9AE02.roa
File: AFDB25C0945F11EEBF6FF347C4F9AE02.roa (raw, json)
Hash identifier: 71Pc4R2W3bMPfU+3wEUlxM3HgwXIoo4ipLGdp57j/gA=
Subject key identifier: 7B:11:9B:27:EB:E7:99:3A:12:A8:2F:F4:BB:65:92:68:AD:52:E6:E8
Certificate issuer: /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial: 0815
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/AFDB25C0945F11EEBF6FF347C4F9AE02.roa
Signing time: Wed 06 Dec 2023 17:48:39 +0000
ROA not before: Wed 06 Dec 2023 17:48:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.112.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Dec 2023 15:28:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2069 (0x815)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Validity
Not Before: Dec 6 17:48:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6570b3f7-a8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b4:eb:cd:b2:98:bb:f8:9f:59:c9:87:4f:92:
52:b3:59:7e:33:03:37:b4:ed:9b:da:3c:ff:db:4d:
2f:85:76:83:7c:2c:05:6a:61:88:5b:a1:1c:f9:b8:
7a:a2:34:1a:97:ba:85:53:90:f4:21:37:3f:c5:ce:
96:1e:fa:43:0c:89:38:40:8f:98:9e:bf:83:a8:d7:
8d:95:8d:a2:2a:d1:4b:59:65:4c:41:f1:a3:c4:e7:
58:f1:9b:6f:9b:58:b3:9e:8d:3c:e5:48:68:e5:d9:
3d:9c:05:99:15:7c:24:ce:48:87:62:63:e0:2e:f1:
7a:54:46:b9:88:f9:57:15:2f:39:3d:3c:5e:eb:c4:
81:92:2f:2b:9c:d2:63:6f:40:cc:f8:c8:9d:b4:61:
df:9b:44:3e:e3:2a:cb:b4:f4:65:c3:18:2b:4f:da:
7b:f5:91:2d:ea:4a:da:7a:94:c6:0f:ff:30:0f:74:
20:9f:a2:e9:07:30:e6:a6:66:56:c5:8a:04:b2:9d:
aa:f0:b6:28:6e:9f:a6:c7:50:eb:54:d7:e5:2f:49:
21:31:44:01:8b:8a:50:69:04:53:d1:68:5f:96:85:
29:da:d7:45:36:58:b2:28:dc:62:f8:35:1b:94:a2:
38:5d:6e:b0:7f:5c:cd:6c:fe:be:e8:aa:e4:4b:41:
b8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:11:9B:27:EB:E7:99:3A:12:A8:2F:F4:BB:65:92:68:AD:52:E6:E8
X509v3 Authority Key Identifier:
keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/AFDB25C0945F11EEBF6FF347C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.0.0/24
Signature Algorithm: sha256WithRSAEncryption
54:67:20:25:b4:de:69:ee:9a:f4:89:72:25:dc:77:9d:27:c5:
bd:14:d5:b9:4e:ac:0a:1d:ec:89:ef:d5:e4:9b:ec:06:05:32:
9e:ff:90:af:20:60:57:31:35:e5:03:b2:51:a9:1c:ca:ca:a7:
0a:ef:df:d9:4f:68:63:b0:cd:49:a9:af:24:f5:dd:63:91:35:
db:74:47:4f:e0:1e:d0:1b:17:60:6a:16:a6:52:95:88:40:19:
63:68:e4:b6:d0:dc:53:58:77:80:2a:34:22:ba:35:27:d8:a7:
bb:77:0d:02:89:ec:18:10:09:b1:ec:60:6a:22:08:a3:bb:1a:
77:16:52:7b:ce:96:20:6c:aa:a7:39:9f:03:b5:36:82:cf:a9:
63:54:c3:50:be:21:cb:cf:ce:07:c0:74:cb:61:d2:38:f2:04:
da:7f:54:f7:f1:b0:8b:9d:f7:93:94:85:53:13:61:87:1f:1f:
5d:4a:1d:ff:a1:1d:6e:0f:e8:43:5d:04:89:df:37:36:89:ce:
c9:f1:28:f6:dd:60:13:af:6c:0b:26:eb:76:19:0c:ca:b0:57:
04:99:88:eb:45:9b:c9:73:63:5b:65:f2:1d:ac:bf:3c:05:37:
9f:5f:ff:76:34:20:f2:3a:da:f1:ea:64:e8:f9:56:06:3a:ab:
bc:38:54:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjMxMjA2MTc0ODM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwYjNmNy1hOGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2rTrzbKYu/ifWcmHT5JSs1l+MwM3tO2b2jz/200vhXaDfCwFamGIW6Ec+bh6
ojQal7qFU5D0ITc/xc6WHvpDDIk4QI+Ynr+DqNeNlY2iKtFLWWVMQfGjxOdY8Ztv
m1izno085Uho5dk9nAWZFXwkzkiHYmPgLvF6VEa5iPlXFS85PTxe68SBki8rnNJj
b0DM+MidtGHfm0Q+4yrLtPRlwxgrT9p79ZEt6kraepTGD/8wD3Qgn6LpBzDmpmZW
xYoEsp2q8LYobp+mx1DrVNflL0khMUQBi4pQaQRT0WhfloUp2tdFNliyKNxi+DUb
lKI4XW6wf1zNbP6+6KrkS0G4wwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHsRmyfr
55k6Eqgv9LtlkmitUuboMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvQUZEQjI1QzA5
NDVGMTFFRUJGNkZGMzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncAAwDQYJKoZIhvcNAQELBQADggEBAFRnICW03mnumvSJ
ciXcd50nxb0U1blOrAod7Inv1eSb7AYFMp7/kK8gYFcxNeUDslGpHMrKpwrv39lP
aGOwzUmpryT13WORNdt0R0/gHtAbF2BqFqZSlYhAGWNo5LbQ3FNYd4AqNCK6NSfY
p7t3DQKJ7BgQCbHsYGoiCKO7GncWUnvOliBsqqc5nwO1NoLPqWNUw1C+IcvPzgfA
dMth0jjyBNp/VPfxsIud95OUhVMTYYcfH11KHf+hHW4P6ENdBInfNzaJzsnxKPbd
YBOvbAsm63YZDMqwVwSZiOtFm8lzY1tl8h2svzwFN59f/3Y0IPI62vHqZOj5VgY6
q7w4VMU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org