Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/8017D6A2FAF011EDB3766D7AC4F9AE02.roa
File: 8017D6A2FAF011EDB3766D7AC4F9AE02.roa (raw, json)
Hash identifier: awQL7iBZUp9otZ/wawC4D6aw5ycwYmRotQMW+HYbSJk=
Subject key identifier: 11:9D:BF:4E:32:C2:DA:64:40:9F:69:31:AD:7A:0B:03:A0:B7:48:30
Certificate issuer: /CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Certificate serial: 6B
Authority key identifier: 32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/8017D6A2FAF011EDB3766D7AC4F9AE02.roa
Signing time: Tue 26 Sep 2023 12:10:40 +0000
ROA not before: Tue 26 Sep 2023 12:10:40 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 149870
IP address blocks: 103.189.232.0/24 maxlen: 24
103.189.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Sep 2023 13:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107 (0x6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEBAA/serialNumber=32618618244C8D6B4BA60A2FED9723B998D9A170
Validity
Not Before: Sep 26 12:10:40 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6512ca40-6ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:89:65:96:e3:23:78:6b:05:a0:30:b0:17:
f4:b9:58:21:1c:fb:f5:79:d7:32:89:07:12:be:2c:
57:76:48:1a:7c:28:31:b8:c2:2b:34:ba:db:28:e8:
fc:5c:86:11:32:57:6c:b4:e0:85:39:03:bf:64:eb:
ed:8d:f8:ae:dc:28:de:df:0b:dc:8b:3c:0c:c2:0d:
71:37:7f:97:dd:63:57:23:8a:c8:9b:cf:fa:cc:7e:
ca:64:f5:4d:0c:58:23:79:1f:bc:8c:e6:38:bc:0e:
5f:26:3f:b1:da:d2:ec:f5:2e:fa:ba:95:f8:40:f6:
e4:f9:cc:ee:eb:15:c7:71:3b:b6:c2:86:b6:63:7b:
e1:ae:d0:f0:0c:b2:7d:bc:f2:53:92:33:75:e5:dd:
75:59:75:3c:94:89:00:d9:d4:d9:68:7c:b3:a8:5a:
01:59:a9:62:18:ef:18:31:fc:54:cf:d5:7c:d6:1f:
f8:36:ab:d9:aa:e8:68:28:73:62:15:24:6f:9b:33:
e8:88:20:26:0c:14:39:43:91:25:a7:7b:b4:87:27:
d2:cd:df:8b:a2:c9:ea:49:a2:7c:02:e3:b9:3b:3f:
28:cc:b1:a0:08:a1:c6:95:18:c0:8b:93:7d:86:ef:
e7:e4:8a:e6:22:4e:41:52:3e:d1:b6:79:81:1b:92:
45:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9D:BF:4E:32:C2:DA:64:40:9F:69:31:AD:7A:0B:03:A0:B7:48:30
X509v3 Authority Key Identifier:
keyid:32:61:86:18:24:4C:8D:6B:4B:A6:0A:2F:ED:97:23:B9:98:D9:A1:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/MmGGGCRMjWtLpgov7ZcjuZjZoXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmGGGCRMjWtLpgov7ZcjuZjZoXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEBAA/2CFD3712CCD011ED98252E75C4F9AE02/8017D6A2FAF011EDB3766D7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.232.0/23
Signature Algorithm: sha256WithRSAEncryption
04:c5:0c:fb:0e:e0:32:fc:c7:7c:b9:44:a3:32:51:fb:73:1a:
b1:d3:df:22:4c:d2:e5:53:88:95:b5:22:f4:4d:22:16:e6:63:
09:bb:3c:04:03:25:c9:2c:73:79:c2:3b:d3:60:c7:11:72:3d:
06:5d:b0:c3:67:e3:11:db:6d:30:02:3f:34:28:98:fb:1f:db:
f1:c2:91:80:2d:c7:4e:46:c8:67:ff:45:64:c8:9f:71:3a:53:
3b:9f:94:34:34:d1:48:9b:d3:50:f0:c1:1a:34:79:91:ac:42:
30:37:f4:22:23:84:67:73:b5:92:7f:a4:9b:15:f5:e5:ad:38:
13:4e:73:cd:0c:4e:f4:ea:10:c3:db:d0:e4:90:95:15:5e:20:
11:12:f6:d8:ec:c1:0a:8c:a5:ca:07:c5:11:38:ec:dc:2a:74:
3a:4a:ba:05:9e:f1:b9:4e:c3:62:25:1f:99:2b:7a:ae:ae:b5:
69:f4:5c:dc:f1:a1:7c:65:74:51:42:14:d4:c9:59:9f:53:7c:
ef:ea:5a:34:c8:b5:09:e9:28:36:0b:f1:82:e0:c2:bd:3e:e6:
9a:21:d4:dd:e0:11:f3:2e:a5:65:19:69:44:34:8b:bd:cd:26:
3a:67:90:78:48:23:e6:6d:78:e1:93:61:a4:a0:65:d5:21:27:
5a:18:b5:1c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBazANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUJBQTExMC8GA1UEBRMoMzI2MTg2MTgyNDRDOEQ2QjRCQTYwQTJGRUQ5NzIzQjk5
OEQ5QTE3MDAeFw0yMzA5MjYxMjEwNDBaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTJjYTQwLTZhZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIqollluMjeGsFoDCwF/S5WCEc+/V51zKJBxK+LFd2SBp8KDG4wis0utso6Pxc
hhEyV2y04IU5A79k6+2N+K7cKN7fC9yLPAzCDXE3f5fdY1cjisibz/rMfspk9U0M
WCN5H7yM5ji8Dl8mP7Ha0uz1Lvq6lfhA9uT5zO7rFcdxO7bChrZje+Gu0PAMsn28
8lOSM3Xl3XVZdTyUiQDZ1NlofLOoWgFZqWIY7xgx/FTP1XzWH/g2q9mq6Ggoc2IV
JG+bM+iIICYMFDlDkSWne7SHJ9LN34uiyepJonwC47k7PyjMsaAIocaVGMCLk32G
7+fkiuYiTkFSPtG2eYEbkkX3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEZ2/TjLC
2mRAn2kxrXoLA6C3SDAwHwYDVR0jBBgwFoAUMmGGGCRMjWtLpgov7ZcjuZjZoXAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQkFBLzJDRkQzNzEyQ0NE
MDExRUQ5ODI1MkU3NUM0RjlBRTAyL01tR0dHQ1JNald0THBnb3Y3WmNqdVpqWm9Y
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTW1HR0dDUk1qV3RMcGdvdjdaY2p1Wmpab1hBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUJBQS8yQ0ZEMzcxMkNDRDAxMUVEOTgyNTJFNzVDNEY5QUUwMi84MDE3RDZBMkZB
RjAxMUVEQjM3NjZEN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe96DANBgkqhkiG9w0BAQsFAAOCAQEABMUM+w7gMvzHfLlE
ozJR+3MasdPfIkzS5VOIlbUi9E0iFuZjCbs8BAMlySxzecI702DHEXI9Bl2ww2fj
EdttMAI/NCiY+x/b8cKRgC3HTkbIZ/9FZMifcTpTO5+UNDTRSJvTUPDBGjR5kaxC
MDf0IiOEZ3O1kn+kmxX15a04E05zzQxO9OoQw9vQ5JCVFV4gERL22OzBCoylygfF
ETjs3Cp0Okq6BZ7xuU7DYiUfmSt6rq61afRc3PGhfGV0UUIU1MlZn1N87+paNMi1
CekoNgvxguDCvT7mmiHU3eAR8y6lZRlpRDSLvc0mOmeQeEgj5m144ZNhpKBl1SEn
Whi1HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org