Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D28CF20BA8B11EDB9005884C4F9AE02.roa
File: 0D28CF20BA8B11EDB9005884C4F9AE02.roa (raw, json)
Hash identifier: UPAdhP6YFyjmrGJdUcnaYaEmP/V0vP5ije6CWUGRc1I=
Subject key identifier: B6:C4:23:BE:66:59:5D:8D:4C:12:60:12:89:23:28:3D:30:8F:0C:9C
Certificate issuer: /CN=A91D8100/serialNumber=2BDF5CB3228BEC873ECEE75D6758354653823492
Certificate serial: 067F
Authority key identifier: 2B:DF:5C:B3:22:8B:EC:87:3E:CE:E7:5D:67:58:35:46:53:82:34:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K99csyKL7Ic-zuddZ1g1RlOCNJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D28CF20BA8B11EDB9005884C4F9AE02.roa
Signing time: Fri 08 Sep 2023 22:09:18 +0000
ROA not before: Fri 08 Sep 2023 22:09:18 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 140930
IP address blocks: 103.153.154.0/23 maxlen: 24
2406:4740:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Dec 2023 10:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1663 (0x67f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D8100/serialNumber=2BDF5CB3228BEC873ECEE75D6758354653823492
Validity
Not Before: Sep 8 22:09:18 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64fb9b8e-de93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:52:0a:e2:18:6f:4b:06:c4:f4:51:7c:af:
2d:07:49:5e:93:fd:4a:e0:c8:02:5d:19:8c:2b:df:
72:eb:e3:48:f7:76:2c:af:8c:4e:11:fd:82:5e:a6:
b3:a3:9b:ed:67:a6:34:1b:ce:ce:10:8b:a2:1b:1b:
78:3d:56:c6:4b:c9:11:56:49:23:96:c9:ee:ee:f8:
b9:0f:78:cb:c4:42:2e:6b:ab:07:29:bf:49:75:4e:
89:31:5e:0f:7b:47:09:f5:7d:4a:eb:d4:87:c7:97:
50:4b:ba:70:76:21:b8:4b:cd:95:2a:c8:65:4a:be:
dc:da:9f:86:fd:47:a2:52:bb:86:b5:70:39:55:a7:
3b:c1:15:29:33:bd:4f:0a:e2:12:8a:28:73:53:eb:
db:a8:cc:63:47:0a:56:d2:c9:8b:61:79:cc:73:7e:
fd:0d:76:76:4a:19:ad:67:32:45:54:e7:16:65:8e:
04:f6:3e:e5:83:a9:8c:e9:81:84:49:61:fa:54:1c:
50:5a:59:88:3c:58:a6:40:8d:dd:67:bc:c2:44:a9:
be:2a:cc:11:61:f3:0d:49:49:d2:3c:24:b1:8a:8f:
08:9c:f7:ed:ec:ff:1a:01:aa:c1:2a:f3:d4:71:95:
19:80:db:ac:63:61:da:82:9b:01:ba:7f:ad:4e:73:
fc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C4:23:BE:66:59:5D:8D:4C:12:60:12:89:23:28:3D:30:8F:0C:9C
X509v3 Authority Key Identifier:
keyid:2B:DF:5C:B3:22:8B:EC:87:3E:CE:E7:5D:67:58:35:46:53:82:34:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/K99csyKL7Ic-zuddZ1g1RlOCNJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K99csyKL7Ic-zuddZ1g1RlOCNJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D28CF20BA8B11EDB9005884C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.154.0/23
IPv6:
2406:4740:1::/48
Signature Algorithm: sha256WithRSAEncryption
46:40:33:44:93:fc:ae:ff:65:d8:a4:65:5c:1f:d9:da:f4:2f:
8f:2f:2a:63:37:63:57:e1:16:20:40:02:82:f7:34:c0:dc:2a:
56:62:a2:8d:93:54:4f:ef:cd:3d:37:c2:1f:8b:d2:5a:93:de:
5f:a6:c8:db:3d:e4:df:38:f9:2e:52:ac:28:3f:1d:df:c0:bc:
1a:50:dd:7f:ab:e1:48:79:fc:f1:71:b9:22:4e:bb:a0:02:8b:
1a:50:4e:9d:b3:3d:b6:a9:00:82:12:49:dd:07:ba:03:ac:65:
d2:0a:a6:7e:b8:13:a2:93:52:7b:02:21:00:64:0c:b9:b6:99:
f8:b0:04:ad:81:e1:08:a6:9f:d1:b9:fe:00:c0:c0:a7:c8:12:
7b:8b:6f:80:9c:7b:40:78:a1:c3:46:2c:5f:2f:f5:44:02:57:
28:d1:00:0e:4f:21:09:70:b7:95:65:5b:75:0d:87:30:d7:21:
a5:99:fb:92:1e:7d:2d:d1:1e:32:2c:c7:7b:80:3a:21:06:10:
c7:a5:26:fa:f8:0e:64:ec:8f:3b:9b:6e:ed:54:98:01:a3:17:
c9:e7:ab:83:07:ac:bd:72:4b:84:9f:ff:48:ea:56:f4:fc:7b:
27:22:1d:49:ce:fd:16:99:fb:1c:86:14:af:9b:c9:cb:1e:75:
cb:e5:c2:c6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDgxMDAxMTAvBgNVBAUTKDJCREY1Q0IzMjI4QkVDODczRUNFRTc1RDY3NTgzNTQ2
NTM4MjM0OTIwHhcNMjMwOTA4MjIwOTE4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZiOWI4ZS1kZTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs0dSCuIYb0sGxPRRfK8tB0lek/1K4MgCXRmMK99y6+NI93Ysr4xOEf2CXqaz
o5vtZ6Y0G87OEIuiGxt4PVbGS8kRVkkjlsnu7vi5D3jLxEIua6sHKb9JdU6JMV4P
e0cJ9X1K69SHx5dQS7pwdiG4S82VKshlSr7c2p+G/UeiUruGtXA5Vac7wRUpM71P
CuISiihzU+vbqMxjRwpW0smLYXnMc379DXZ2ShmtZzJFVOcWZY4E9j7lg6mM6YGE
SWH6VBxQWlmIPFimQI3dZ7zCRKm+KswRYfMNSUnSPCSxio8InPft7P8aAarBKvPU
cZUZgNusY2HagpsBun+tTnP8nwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLbEI75m
WV2NTBJgEokjKD0wjwycMB8GA1UdIwQYMBaAFCvfXLMii+yHPs7nXWdYNUZTgjSS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODEwMC9BQUM3MkUwQ0ZD
Q0UxMUVBOEMxOUQ4N0ZDNEY5QUUwMi9LOTljc3lLTDdJYy16dWRkWjFnMVJsT0NO
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s5OWNzeUtMN0ljLXp1ZGRaMWcxUmxPQ05KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDgxMDAvQUFDNzJFMENGQ0NFMTFFQThDMTlEODdGQzRGOUFFMDIvMEQyOENGMjBC
QThCMTFFREI5MDA1ODg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmZowDwQCAAIwCQMHACQGR0AAATANBgkqhkiG9w0BAQsF
AAOCAQEARkAzRJP8rv9l2KRlXB/Z2vQvjy8qYzdjV+EWIEACgvc0wNwqVmKijZNU
T+/NPTfCH4vSWpPeX6bI2z3k3zj5LlKsKD8d38C8GlDdf6vhSHn88XG5Ik67oAKL
GlBOnbM9tqkAghJJ3Qe6A6xl0gqmfrgTopNSewIhAGQMubaZ+LAErYHhCKaf0bn+
AMDAp8gSe4tvgJx7QHihw0YsXy/1RAJXKNEADk8hCXC3lWVbdQ2HMNchpZn7kh59
LdEeMizHe4A6IQYQx6Um+vgOZOyPO5tu7VSYAaMXyeergwesvXJLhJ//SOpW9Px7
JyIdSc79Fpn7HIYUr5vJyx51y+XCxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org