Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCF3D/DE29D50C13F411EEB304E233C4F9AE02/AA298F8813FC11EEAD14AF35C4F9AE02.roa
File: AA298F8813FC11EEAD14AF35C4F9AE02.roa (raw, json)
Hash identifier: XFAUTOiEs80LHM//Q4vJiTfDoKsU8lxBRnJudvc0D5c=
Subject key identifier: AF:44:A4:3C:39:2D:E0:E9:5B:A8:5E:AE:6D:52:55:20:3B:3C:05:AB
Certificate issuer: /CN=A91DCF3D/serialNumber=4540A2F9BB8619F64862D096C84C938E88AF3C6C
Certificate serial: 02
Authority key identifier: 45:40:A2:F9:BB:86:19:F6:48:62:D0:96:C8:4C:93:8E:88:AF:3C:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RUCi-buGGfZIYtCWyEyTjoivPGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCF3D/DE29D50C13F411EEB304E233C4F9AE02/AA298F8813FC11EEAD14AF35C4F9AE02.roa
Signing time: Mon 26 Jun 2023 08:37:20 +0000
ROA not before: Mon 26 Jun 2023 08:37:20 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9919
IP address blocks: 103.215.230.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 19 Apr 2024 05:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCF3D/serialNumber=4540A2F9BB8619F64862D096C84C938E88AF3C6C
Validity
Not Before: Jun 26 08:37:20 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64994e40-9307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:42:2a:dd:63:8d:8d:93:5e:12:ca:11:e8:e2:
fa:25:43:07:40:6a:fd:d9:9a:f9:04:da:f0:ec:67:
5b:da:00:9a:33:82:fc:a4:9a:de:28:f0:df:7d:26:
53:0f:4f:bf:aa:dc:0c:62:d6:1f:9b:8f:31:38:1a:
71:62:61:70:af:11:40:4a:ce:a2:07:bc:14:4a:36:
0a:b3:c6:7c:41:03:3c:3d:92:f3:29:42:67:9d:12:
58:8e:b6:a4:5a:6d:cc:cb:87:ee:dc:64:68:d4:8c:
8b:a2:64:1a:fa:90:bc:2f:67:6a:88:fe:de:b0:48:
bc:2d:d6:9d:ba:e3:87:49:28:fd:83:ae:64:ca:88:
9a:42:81:c2:5f:5c:be:4c:84:0a:68:ea:6f:0a:1d:
05:d6:a2:22:99:29:29:5b:5a:06:ad:db:10:58:03:
9d:cd:38:10:e5:de:01:06:dd:a3:f4:ef:49:d3:a7:
a6:d4:cf:fa:b9:b7:06:9e:6a:b0:c9:2b:90:f3:b1:
00:59:c4:66:75:34:1b:74:46:00:f5:61:60:a1:42:
fa:85:d9:43:65:ff:11:0b:37:d6:85:5f:d1:6a:01:
53:43:f7:44:01:64:d3:3f:9c:24:95:1b:2e:48:14:
e2:02:3a:67:9e:e6:56:7f:3b:c4:a8:7d:68:b8:7d:
6d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:44:A4:3C:39:2D:E0:E9:5B:A8:5E:AE:6D:52:55:20:3B:3C:05:AB
X509v3 Authority Key Identifier:
keyid:45:40:A2:F9:BB:86:19:F6:48:62:D0:96:C8:4C:93:8E:88:AF:3C:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCF3D/DE29D50C13F411EEB304E233C4F9AE02/RUCi-buGGfZIYtCWyEyTjoivPGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RUCi-buGGfZIYtCWyEyTjoivPGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCF3D/DE29D50C13F411EEB304E233C4F9AE02/AA298F8813FC11EEAD14AF35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.215.230.0/23
Signature Algorithm: sha256WithRSAEncryption
56:cd:ca:bb:1c:55:79:dd:6c:dc:22:6d:db:f8:45:69:b8:91:
f6:6f:6b:c8:d0:ba:86:26:00:dd:3c:cc:35:29:24:ec:63:a0:
8c:cc:3a:ee:16:28:7a:e4:17:c7:68:5b:19:25:27:05:e1:af:
38:81:96:57:83:d2:3a:61:8d:09:88:2c:06:83:0c:14:f5:b6:
cd:61:2a:10:32:ed:da:04:a5:f7:f1:da:18:73:08:e4:88:0b:
0e:56:d1:c5:6c:19:ca:cd:9f:31:43:b1:e6:ee:c5:05:64:3a:
22:34:b9:cc:db:f9:b9:3c:51:73:29:06:f0:2d:34:86:58:5c:
14:d8:87:10:5b:91:2c:df:a7:51:94:60:db:cb:fa:b5:1e:4a:
38:66:20:84:87:9f:11:f4:20:f6:d1:d9:6f:36:b0:d7:69:2e:
7d:73:ea:76:cb:aa:04:e4:3b:06:14:9e:fa:73:76:2d:51:17:
99:ec:b1:9e:f8:c0:58:0a:9f:7e:67:c1:60:72:6a:24:e3:c1:
06:b7:55:70:ab:60:ce:ff:b4:93:27:fb:b9:77:b7:b4:9d:21:
ba:42:f5:1b:09:84:a0:5e:b5:f3:29:f4:0f:44:ba:c8:99:14:
a3:f9:3b:e9:6a:02:cf:6b:c4:1d:09:d5:f6:d2:11:0d:72:ac:
68:a0:1b:2c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
Q0YzRDExMC8GA1UEBRMoNDU0MEEyRjlCQjg2MTlGNjQ4NjJEMDk2Qzg0QzkzOEU4
OEFGM0M2QzAeFw0yMzA2MjYwODM3MjBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTk0ZTQwLTkzMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbQirdY42Nk14SyhHo4volQwdAav3ZmvkE2vDsZ1vaAJozgvykmt4o8N99JlMP
T7+q3Axi1h+bjzE4GnFiYXCvEUBKzqIHvBRKNgqzxnxBAzw9kvMpQmedEliOtqRa
bczLh+7cZGjUjIuiZBr6kLwvZ2qI/t6wSLwt1p2644dJKP2DrmTKiJpCgcJfXL5M
hApo6m8KHQXWoiKZKSlbWgat2xBYA53NOBDl3gEG3aP070nTp6bUz/q5twaearDJ
K5DzsQBZxGZ1NBt0RgD1YWChQvqF2UNl/xELN9aFX9FqAVND90QBZNM/nCSVGy5I
FOICOmee5lZ/O8SofWi4fW0tAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUr0SkPDkt
4OlbqF6ubVJVIDs8BaswHwYDVR0jBBgwFoAURUCi+buGGfZIYtCWyEyTjoivPGww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDRjNEL0RFMjlENTBDMTNG
NDExRUVCMzA0RTIzM0M0RjlBRTAyL1JVQ2ktYnVHR2ZaSVl0Q1d5RXlUam9pdlBH
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlVDaS1idUdHZlpJWXRDV3lFeVRqb2l2UEd3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
Q0YzRC9ERTI5RDUwQzEzRjQxMUVFQjMwNEUyMzNDNEY5QUUwMi9BQTI5OEY4ODEz
RkMxMUVFQUQxNEFGMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfX5jANBgkqhkiG9w0BAQsFAAOCAQEAVs3KuxxVed1s3CJt
2/hFabiR9m9ryNC6hiYA3TzMNSkk7GOgjMw67hYoeuQXx2hbGSUnBeGvOIGWV4PS
OmGNCYgsBoMMFPW2zWEqEDLt2gSl9/HaGHMI5IgLDlbRxWwZys2fMUOx5u7FBWQ6
IjS5zNv5uTxRcykG8C00hlhcFNiHEFuRLN+nUZRg28v6tR5KOGYghIefEfQg9tHZ
bzaw12kufXPqdsuqBOQ7BhSe+nN2LVEXmeyxnvjAWAqffmfBYHJqJOPBBrdVcKtg
zv+0kyf7uXe3tJ0hukL1GwmEoF618yn0D0S6yJkUo/k76WoCz2vEHQnV9tIRDXKs
aKAbLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org