Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/7A0FB4068E1F11EEAFE1F960C4F9AE02.roa
File: 7A0FB4068E1F11EEAFE1F960C4F9AE02.roa (raw, json)
Hash identifier: cR77QaCBoV0uov60Rv8HMjIkDPDbWlnBawEb97VIGyU=
Subject key identifier: A2:E2:37:FD:D1:55:AF:15:15:52:FC:0E:02:D6:6E:6E:02:CE:7C:3F
Certificate issuer: /CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Certificate serial: 011F
Authority key identifier: 32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/7A0FB4068E1F11EEAFE1F960C4F9AE02.roa
Signing time: Wed 31 Jul 2024 05:16:13 +0000
ROA not before: Wed 31 Jul 2024 05:16:13 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 149870
IP address blocks: 103.189.232.0/24 maxlen: 24
103.189.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Validity
Not Before: Jul 31 05:16:13 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a9c89d-448f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:38:49:e8:1e:ce:eb:0c:41:76:cd:a3:4a:28:
a8:a2:1e:7a:32:2e:b0:fe:67:ad:88:71:34:b9:92:
d4:71:fb:86:95:ea:91:19:22:18:17:59:16:7d:57:
bb:b8:ae:0d:2f:ed:60:22:47:96:f8:6e:8c:26:bb:
92:39:58:52:ac:71:36:0a:2c:f5:7b:bb:00:3e:9e:
76:3c:e0:fc:d2:9c:1a:3d:39:e6:5e:1a:0f:4c:09:
f9:9e:10:41:e7:ee:f4:7c:b3:58:cc:55:81:1e:c1:
be:db:7f:1e:f6:7b:76:a6:0e:0e:14:75:60:3c:32:
79:11:03:20:f6:a0:ed:aa:9f:c7:b0:b7:08:4a:e2:
bc:ad:1b:e9:11:36:72:8c:b5:13:6f:bc:bb:c6:b2:
8a:56:73:91:38:45:f2:33:aa:e1:42:e3:4f:ca:60:
44:be:68:d4:0b:b8:9c:8e:62:48:e2:01:70:4b:e4:
88:31:7c:f6:b7:fd:bb:ff:8e:28:7e:20:73:6e:d8:
fb:60:e7:72:f1:59:55:8b:2a:b9:26:e2:8e:0e:4e:
0d:49:af:61:13:cf:22:ef:bc:5d:09:57:fb:fc:e5:
05:a8:bc:96:44:5b:c3:f2:c1:4f:ed:37:09:99:c8:
8b:68:0e:ea:56:c8:10:95:dd:0e:85:d4:02:94:03:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E2:37:FD:D1:55:AF:15:15:52:FC:0E:02:D6:6E:6E:02:CE:7C:3F
X509v3 Authority Key Identifier:
keyid:32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/MmGGGCRMjWtLpgov7ZcjuZjZoXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/7A0FB4068E1F11EEAFE1F960C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.232.0/23
Signature Algorithm: sha256WithRSAEncryption
30:1b:30:d5:ba:44:fe:80:11:89:25:3e:fd:c5:d5:1f:a3:44:
dc:ba:f7:a6:21:e5:09:1f:44:dc:f7:1a:38:b0:65:aa:b8:9c:
51:53:1a:41:eb:a5:9e:5d:eb:0a:0f:15:16:d7:36:9a:c7:a9:
f9:ea:f8:75:34:79:97:26:e6:18:e9:d3:7e:42:58:ac:d7:16:
f7:0c:7d:5c:9e:df:ba:fe:a5:42:46:f6:6c:2d:ab:04:46:57:
bb:e5:12:30:d8:73:9b:f3:0b:53:fc:9f:14:ea:cd:65:45:ab:
55:ca:b2:d3:f3:38:0f:33:ed:4d:03:dc:01:2a:4a:90:3f:d2:
ff:dc:aa:b5:30:a5:bc:b4:28:89:e8:79:2c:df:0b:6c:59:a2:
7f:13:2d:51:81:9a:9f:0d:e5:c4:a5:bd:10:3a:a7:5f:01:7d:
7e:ab:53:71:2c:29:2c:18:3b:c1:dd:32:f0:9f:99:2b:c1:73:
d0:c0:e6:23:2f:6a:db:7a:e4:91:1a:0e:16:81:2d:b4:1d:c9:
42:50:45:69:b9:1a:b8:0a:d5:71:d1:9a:d5:b2:2d:9d:7f:a7:
43:98:03:60:11:bb:d0:ca:78:47:dd:27:90:28:81:0c:3a:07:
52:7c:9f:ff:bd:8b:e1:8f:c4:63:85:94:37:b7:38:00:4d:7e:
59:85:62:35
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0VCQUExMTAvBgNVBAUTKDMyNjE4NjE4MjQ0QzhENkI0QkE2MEEyRkVEOTcyM0I5
OThEOUExNzAwHhcNMjQwNzMxMDUxNjEzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5Yzg5ZC00NDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+jhJ6B7O6wxBds2jSiiooh56Mi6w/metiHE0uZLUcfuGleqRGSIYF1kWfVe7
uK4NL+1gIkeW+G6MJruSOVhSrHE2Ciz1e7sAPp52POD80pwaPTnmXhoPTAn5nhBB
5+70fLNYzFWBHsG+238e9nt2pg4OFHVgPDJ5EQMg9qDtqp/HsLcISuK8rRvpETZy
jLUTb7y7xrKKVnOROEXyM6rhQuNPymBEvmjUC7icjmJI4gFwS+SIMXz2t/27/44o
fiBzbtj7YOdy8VlViyq5JuKODk4NSa9hE88i77xdCVf7/OUFqLyWRFvD8sFP7TcJ
mciLaA7qVsgQld0OhdQClAO/QwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKLiN/3R
Va8VFVL8DgLWbm4Cznw/MB8GA1UdIwQYMBaAFDJhhhgkTI1rS6YKL+2XI7mY2aFw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUJBQS8yQ0ZEMzcxMkND
RDAxMUVEOTgyNTJFNzVDNEY5QUUwMi9NbUdHR0NSTWpXdExwZ292N1pjanVaalpv
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01tR0dHQ1JNald0THBnb3Y3WmNqdVpqWm9YQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0VCQUEvMkNGRDM3MTJDQ0QwMTFFRDk4MjUyRTc1QzRGOUFFMDIvN0EwRkI0MDY4
RTFGMTFFRUFGRTFGOTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvegwDQYJKoZIhvcNAQELBQADggEBADAbMNW6RP6AEYkl
Pv3F1R+jRNy696Yh5QkfRNz3GjiwZaq4nFFTGkHrpZ5d6woPFRbXNprHqfnq+HU0
eZcm5hjp035CWKzXFvcMfVye37r+pUJG9mwtqwRGV7vlEjDYc5vzC1P8nxTqzWVF
q1XKstPzOA8z7U0D3AEqSpA/0v/cqrUwpby0KInoeSzfC2xZon8TLVGBmp8N5cSl
vRA6p18BfX6rU3EsKSwYO8HdMvCfmSvBc9DA5iMvatt65JEaDhaBLbQdyUJQRWm5
GrgK1XHRmtWyLZ1/p0OYA2ARu9DKeEfdJ5AogQw6B1J8n/+9i+GPxGOFlDe3OABN
flmFYjU=
-----END CERTIFICATE-----
Generated at Tue Aug 13 22:03:44 2024 by rpki-client on console-fra.rpki-client.org