Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/1B3A1B385DFF11EE9DE4F546C4F9AE02.roa
File: 1B3A1B385DFF11EE9DE4F546C4F9AE02.roa (raw, json)
Hash identifier: PsaX3Y63fl7BztZV1H6TGF7huSnE9iqojWwt367mMdE=
Subject key identifier: 41:22:CA:1E:70:6D:05:EE:DC:15:A2:3E:20:15:C4:D3:74:AF:9C:74
Certificate issuer: /CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Certificate serial: 74
Authority key identifier: 32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/1B3A1B385DFF11EE9DE4F546C4F9AE02.roa
Signing time: Sat 30 Sep 2023 10:09:05 +0000
ROA not before: Sat 30 Sep 2023 10:09:05 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 149870
IP address blocks: 103.189.232.0/24 maxlen: 24
103.189.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 18:53:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116 (0x74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Validity
Not Before: Sep 30 10:09:05 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6517f3c1-bb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:24:b3:1f:73:ca:8d:19:77:8c:93:ed:e9:
80:d7:1b:ad:17:81:84:ae:3a:36:65:e3:c2:0c:2d:
84:dd:88:4e:b3:e7:1e:7a:57:f9:ee:19:9a:f2:98:
09:27:dd:3f:dc:42:27:77:d8:a0:9e:09:4d:b2:d0:
d8:b9:5d:9b:b3:8e:a4:50:9c:2e:f7:50:04:b0:5b:
87:e6:ab:65:9b:fb:99:14:f2:e6:81:3b:ff:9b:87:
fe:7b:8a:1c:e1:ae:2b:95:09:d6:23:01:80:b1:15:
a5:ed:4e:58:ed:23:22:7c:60:43:7a:fa:b5:2d:2a:
a1:4c:85:07:47:0d:c8:19:dd:32:32:76:30:f8:6b:
15:98:64:90:9c:54:ac:c4:b1:8e:85:31:94:d3:a3:
48:5b:06:cc:9e:5f:5f:a3:94:26:53:ca:3c:cf:7d:
50:0a:6a:71:1c:48:6c:69:d8:ad:36:09:9b:cb:93:
ee:d8:00:30:1a:7a:17:59:0c:be:64:02:32:df:d7:
d2:80:86:8c:25:c1:25:01:0d:95:24:86:26:61:ac:
29:9f:d6:29:ca:15:a9:98:07:75:01:84:73:22:67:
50:03:46:e4:ea:f0:76:20:4d:f9:cb:12:e9:a8:6f:
0c:ce:46:73:22:92:c0:1c:f8:88:a5:5a:71:ca:cd:
a1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:22:CA:1E:70:6D:05:EE:DC:15:A2:3E:20:15:C4:D3:74:AF:9C:74
X509v3 Authority Key Identifier:
keyid:32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/MmGGGCRMjWtLpgov7ZcjuZjZoXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/1B3A1B385DFF11EE9DE4F546C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.232.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:05:99:61:4c:05:09:0d:fb:25:5c:cb:a3:44:b2:ec:ef:55:
93:11:f9:11:74:9a:9a:e8:08:8d:0a:9f:ad:1b:7e:ef:f7:99:
21:93:4c:44:91:df:a9:59:ed:30:c8:df:22:f5:67:cc:34:0e:
97:ac:a4:ef:b9:bb:d5:b3:05:71:f3:ac:b4:33:7f:33:29:d2:
eb:37:71:7c:5c:51:a2:48:11:f5:7b:93:dc:cb:fa:8d:0e:ab:
56:8f:11:77:cd:c5:bf:c6:e1:c2:4e:e9:91:e5:12:8a:34:7f:
95:ee:0b:92:03:56:77:80:16:ed:e0:1a:42:71:2a:ba:70:90:
d6:50:03:50:8a:48:e7:6c:24:c6:20:51:61:65:e2:8d:55:bb:
9c:45:6c:52:f1:51:d0:82:c0:85:9e:2f:2b:e0:70:29:0c:ef:
24:f9:09:ee:7f:6f:73:2a:5c:22:d6:5c:91:76:e5:8c:0c:06:
66:65:4c:ae:20:c0:b8:88:72:d4:1c:d5:7a:ef:7e:a1:49:bc:
56:13:39:da:9f:73:bc:ba:d7:5f:cd:78:65:ce:39:0e:1d:e6:
64:d4:44:ce:a2:1e:bf:8d:76:24:02:c9:d6:a7:f7:d2:ff:2c:
34:de:80:c0:8d:38:58:51:7e:77:88:a3:fa:4c:f2:74:3a:a9:
60:ec:c0:81
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBdDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUJBQTExMC8GA1UEBRMoMzI2MTg2MTgyNDRDOEQ2QjRCQTYwQTJGRUQ5NzIzQjk5
OEQ5QTE3MDAeFw0yMzA5MzAxMDA5MDVaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTdmM2MxLWJiNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIlySzH3PKjRl3jJPt6YDXG60XgYSuOjZl48IMLYTdiE6z5x56V/nuGZrymAkn
3T/cQid32KCeCU2y0Ni5XZuzjqRQnC73UASwW4fmq2Wb+5kU8uaBO/+bh/57ihzh
riuVCdYjAYCxFaXtTljtIyJ8YEN6+rUtKqFMhQdHDcgZ3TIydjD4axWYZJCcVKzE
sY6FMZTTo0hbBsyeX1+jlCZTyjzPfVAKanEcSGxp2K02CZvLk+7YADAaehdZDL5k
AjLf19KAhowlwSUBDZUkhiZhrCmf1inKFamYB3UBhHMiZ1ADRuTq8HYgTfnLEumo
bwzORnMiksAc+IilWnHKzaEjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQSLKHnBt
Be7cFaI+IBXE03SvnHQwHwYDVR0jBBgwFoAUMmGGGCRMjWtLpgov7ZcjuZjZoXAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQkFBLzJDRkQzNzEyQ0NE
MDExRUQ5ODI1MkU3NUM0RjlBRTAyL01tR0dHQ1JNald0THBnb3Y3WmNqdVpqWm9Y
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTW1HR0dDUk1qV3RMcGdvdjdaY2p1Wmpab1hBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUJBQS8yQ0ZEMzcxMkNDRDAxMUVEOTgyNTJFNzVDNEY5QUUwMi8xQjNBMUIzODVE
RkYxMUVFOURFNEY1NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe96DANBgkqhkiG9w0BAQsFAAOCAQEAbQWZYUwFCQ37JVzL
o0Sy7O9VkxH5EXSamugIjQqfrRt+7/eZIZNMRJHfqVntMMjfIvVnzDQOl6yk77m7
1bMFcfOstDN/MynS6zdxfFxRokgR9XuT3Mv6jQ6rVo8Rd83Fv8bhwk7pkeUSijR/
le4LkgNWd4AW7eAaQnEqunCQ1lADUIpI52wkxiBRYWXijVW7nEVsUvFR0ILAhZ4v
K+BwKQzvJPkJ7n9vcypcItZckXbljAwGZmVMriDAuIhy1BzVeu9+oUm8VhM52p9z
vLrXX814Zc45Dh3mZNREzqIev412JALJ1qf30v8sNN6AwI04WFF+d4ij+kzydDqp
YOzAgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org