Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC510/EC31E258BD1111EAB380A722C4F9AE02/3B5B53BE2A1E11EFA4826386C4F9AE02.roa
File: 3B5B53BE2A1E11EFA4826386C4F9AE02.roa (raw, json)
Hash identifier: lqBnfcsKwLVa1wnibuq5/4EqyxxRgSMVq7OcnXF8CS0=
Subject key identifier: AF:80:16:D8:67:51:FE:05:7B:81:A4:C1:99:81:83:13:26:01:1A:BF
Certificate issuer: /CN=A91CC510/serialNumber=F61D9BA30AE355C803F80DCCF2C415DE007D7953
Certificate serial: 0805
Authority key identifier: F6:1D:9B:A3:0A:E3:55:C8:03:F8:0D:CC:F2:C4:15:DE:00:7D:79:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9h2bowrjVcgD-A3M8sQV3gB9eVM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CC510/EC31E258BD1111EAB380A722C4F9AE02/3B5B53BE2A1E11EFA4826386C4F9AE02.roa
Signing time: Fri 14 Jun 2024 07:18:00 +0000
ROA not before: Fri 14 Jun 2024 07:18:00 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 32167
IP address blocks: 103.152.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 05:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2053 (0x805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CC510/serialNumber=F61D9BA30AE355C803F80DCCF2C415DE007D7953
Validity
Not Before: Jun 14 07:18:00 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=666beea8-d0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:30:87:d1:4e:bb:21:aa:28:40:4e:0e:9d:
2c:f3:ca:1d:1f:d5:20:a4:42:af:f8:25:7d:04:b5:
46:48:c9:3e:2d:4c:6e:36:12:dc:e7:78:7e:2b:5a:
af:93:f1:de:c5:99:63:99:12:19:58:aa:b6:a5:c6:
92:fc:bb:47:3a:e3:7b:06:dd:08:0c:34:d6:96:35:
71:60:3b:cd:29:2f:04:a8:b4:6d:ed:ee:81:a7:fb:
28:fe:b3:54:cf:4b:10:e8:79:bf:8f:b4:7f:fa:c0:
82:49:9c:38:3e:c9:54:0a:98:4b:f8:a1:fc:b3:7b:
c6:90:f8:7f:a0:76:e0:36:d4:c9:d1:55:8f:e7:20:
a2:f6:ff:66:ca:34:67:4a:9a:67:29:b1:53:c2:42:
c1:af:dc:9a:60:5a:ee:b8:31:f9:f3:91:16:6d:c2:
5f:70:52:85:b8:6e:f6:c1:14:61:90:c5:cd:9c:9d:
b2:56:d7:4e:09:24:b8:a8:20:0f:57:c6:b1:08:f8:
d8:68:b3:2c:14:a1:25:3e:8d:22:8e:a9:1f:e5:42:
06:99:56:53:6b:c4:49:ca:ca:12:34:f2:80:0f:a7:
0c:62:b3:f7:b8:4e:e2:71:8f:c7:28:42:0a:1e:cd:
a7:cd:a3:64:0b:fb:f1:76:1f:04:c0:9f:b5:bb:b2:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:80:16:D8:67:51:FE:05:7B:81:A4:C1:99:81:83:13:26:01:1A:BF
X509v3 Authority Key Identifier:
keyid:F6:1D:9B:A3:0A:E3:55:C8:03:F8:0D:CC:F2:C4:15:DE:00:7D:79:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CC510/EC31E258BD1111EAB380A722C4F9AE02/9h2bowrjVcgD-A3M8sQV3gB9eVM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9h2bowrjVcgD-A3M8sQV3gB9eVM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC510/EC31E258BD1111EAB380A722C4F9AE02/3B5B53BE2A1E11EFA4826386C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.226.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:8b:77:cc:18:e6:a4:43:3f:4e:76:5c:53:c6:ef:9d:00:39:
aa:92:9c:4f:21:1c:a2:8e:bc:24:1e:e0:76:83:91:c3:ee:cb:
7c:79:d4:e6:fc:ac:26:6b:84:95:8e:66:96:2d:d7:ee:3b:49:
89:8e:1e:eb:ff:b7:e9:da:ef:24:06:59:28:c2:e5:38:74:fc:
f7:f4:10:05:7a:c4:02:9d:52:c0:14:04:98:af:6f:84:01:ae:
e9:21:c0:92:d7:8b:f6:56:a1:eb:f5:e7:ed:48:0e:83:ae:1d:
5f:93:bc:de:0f:c4:54:80:35:d8:79:f6:b2:f0:31:d3:0e:db:
e8:07:67:f7:27:73:93:a3:42:f5:63:76:5b:ec:e1:12:84:a7:
f1:30:81:6d:50:5c:31:bf:1a:c0:bf:21:8b:f4:3c:9d:f5:fd:
07:7d:64:bd:6d:e4:b3:b5:48:b2:e9:05:c1:cd:5d:6c:81:c9:
b6:f9:ce:f7:6b:f3:97:56:f5:de:e3:24:f4:0c:3b:75:35:25:
b3:a8:68:82:cd:43:ff:5f:75:df:91:bd:ff:e6:ed:79:ca:d0:
84:ce:5e:23:cc:48:94:07:b8:9f:0d:ae:f8:99:ad:d0:79:63:
c8:95:44:d1:74:c0:79:a4:02:4b:6a:a3:26:e4:97:3c:d9:d2:
ba:95:83:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0M1MTAxMTAvBgNVBAUTKEY2MUQ5QkEzMEFFMzU1QzgwM0Y4MERDQ0YyQzQxNURF
MDA3RDc5NTMwHhcNMjQwNjE0MDcxODAwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZiZWVhOC1kMGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp4Ywh9FOuyGqKEBODp0s88odH9UgpEKv+CV9BLVGSMk+LUxuNhLc53h+K1qv
k/HexZljmRIZWKq2pcaS/LtHOuN7Bt0IDDTWljVxYDvNKS8EqLRt7e6Bp/so/rNU
z0sQ6Hm/j7R/+sCCSZw4PslUCphL+KH8s3vGkPh/oHbgNtTJ0VWP5yCi9v9myjRn
SppnKbFTwkLBr9yaYFruuDH585EWbcJfcFKFuG72wRRhkMXNnJ2yVtdOCSS4qCAP
V8axCPjYaLMsFKElPo0ijqkf5UIGmVZTa8RJysoSNPKAD6cMYrP3uE7icY/HKEIK
Hs2nzaNkC/vxdh8EwJ+1u7JcTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK+AFthn
Uf4Fe4GkwZmBgxMmARq/MB8GA1UdIwQYMBaAFPYdm6MK41XIA/gNzPLEFd4AfXlT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzUxMC9FQzMxRTI1OEJE
MTExMUVBQjM4MEE3MjJDNEY5QUUwMi85aDJib3dyalZjZ0QtQTNNOHNRVjNnQjll
Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzloMmJvd3JqVmNnRC1BM004c1FWM2dCOWVWTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0M1MTAvRUMzMUUyNThCRDExMTFFQUIzODBBNzIyQzRGOUFFMDIvM0I1QjUzQkUy
QTFFMTFFRkE0ODI2Mzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmOIwDQYJKoZIhvcNAQELBQADggEBAJuLd8wY5qRDP052
XFPG750AOaqSnE8hHKKOvCQe4HaDkcPuy3x51Ob8rCZrhJWOZpYt1+47SYmOHuv/
t+na7yQGWSjC5Th0/Pf0EAV6xAKdUsAUBJivb4QBrukhwJLXi/ZWoev15+1IDoOu
HV+TvN4PxFSANdh59rLwMdMO2+gHZ/cnc5OjQvVjdlvs4RKEp/EwgW1QXDG/GsC/
IYv0PJ31/Qd9ZL1t5LO1SLLpBcHNXWyBybb5zvdr85dW9d7jJPQMO3U1JbOoaILN
Q/9fdd+Rvf/m7XnK0ITOXiPMSJQHuJ8NrviZrdB5Y8iVRNF0wHmkAktqoybklzzZ
0rqVg48=
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:54:29 2024 by rpki-client on console-ams.rpki-client.org