Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBECF/C064F8C8183C11EBB945EC0BC4F9AE02/79352EC8C83111EB9207DA5DC4F9AE02.roa
File: 79352EC8C83111EB9207DA5DC4F9AE02.roa (raw, json)
Hash identifier: WnfZDDwQDw9yYWlUPiNVYCHuNkeedhneqJZl8B1YFPQ=
Subject key identifier: BC:95:2C:45:7C:E6:C6:F5:63:BC:DA:CD:A4:69:4A:49:99:BD:0A:D1
Certificate issuer: /CN=A91FBECF/serialNumber=BF44A2B72233FF48BA793028AC5FAFA02ADCFFD0
Certificate serial: 0662
Authority key identifier: BF:44:A2:B7:22:33:FF:48:BA:79:30:28:AC:5F:AF:A0:2A:DC:FF:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v0SityIz_0i6eTAorF-voCrc_9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBECF/C064F8C8183C11EBB945EC0BC4F9AE02/79352EC8C83111EB9207DA5DC4F9AE02.roa
Signing time: Thu 14 Dec 2023 23:11:38 +0000
ROA not before: Thu 14 Dec 2023 23:11:38 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 59243
IP address blocks: 103.254.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 05:39:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1634 (0x662)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBECF/serialNumber=BF44A2B72233FF48BA793028AC5FAFA02ADCFFD0
Validity
Not Before: Dec 14 23:11:38 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657b8ba9-3fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:0f:0e:21:f5:7f:af:81:b1:e1:52:7c:7f:
e1:8f:5a:45:26:86:a9:2b:15:30:02:18:28:b0:6f:
b8:a1:29:2d:ee:27:c4:10:6a:00:65:09:db:1c:cd:
e6:06:20:d9:99:a1:88:b6:16:7b:47:00:e0:ab:32:
f3:71:99:dd:fa:57:cb:39:af:4f:b6:51:0a:aa:45:
cc:38:b8:7f:11:3f:93:35:26:29:59:38:9d:a9:8b:
de:a3:b4:c2:95:4c:a6:65:dd:9a:09:91:14:eb:45:
60:a1:85:9e:a5:89:74:74:7d:7a:23:00:7d:e5:59:
17:37:3c:98:ef:fb:c7:4b:24:d4:40:cd:c7:76:b8:
85:e5:d1:b2:fd:4d:4b:9a:5e:5a:29:53:e0:fd:b2:
21:9b:47:1b:66:b4:93:cb:27:59:78:b9:d5:24:37:
84:d8:8c:9c:88:23:d6:cc:40:48:36:94:b6:83:80:
0d:52:ca:a1:c1:f1:25:74:1c:b7:56:eb:61:8a:c2:
24:e6:b1:fc:83:29:6c:ed:36:07:e2:5f:0a:df:4a:
ee:5f:44:df:0b:2e:e9:7f:ce:8c:ca:53:e4:be:e0:
0b:60:ad:4e:d1:17:af:5a:32:01:bd:ca:9e:b8:bb:
d8:af:45:ca:c7:00:c5:b6:91:0c:4a:c9:40:9a:67:
34:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:95:2C:45:7C:E6:C6:F5:63:BC:DA:CD:A4:69:4A:49:99:BD:0A:D1
X509v3 Authority Key Identifier:
keyid:BF:44:A2:B7:22:33:FF:48:BA:79:30:28:AC:5F:AF:A0:2A:DC:FF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBECF/C064F8C8183C11EBB945EC0BC4F9AE02/v0SityIz_0i6eTAorF-voCrc_9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v0SityIz_0i6eTAorF-voCrc_9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBECF/C064F8C8183C11EBB945EC0BC4F9AE02/79352EC8C83111EB9207DA5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:4c:79:ee:63:04:2a:2f:37:f4:c5:f6:41:ba:85:ff:fe:2f:
5f:70:10:2b:a7:87:90:1d:65:6d:68:2a:d0:cd:d0:f0:f1:f8:
5a:b4:41:8c:a7:ad:fd:bb:fd:24:d3:a7:bc:c0:83:d5:7c:8c:
ce:7d:21:59:12:b4:0a:c3:c3:b6:5c:b9:f5:1c:3b:4e:5c:20:
1b:92:18:43:a1:72:ed:5c:a0:54:ee:5c:d4:72:c9:3c:66:04:
a3:a5:cf:b6:61:d6:a6:3d:94:37:e0:c6:1b:f0:c5:ff:cf:fb:
a8:ab:57:7d:93:6c:0f:cc:c8:12:54:77:ec:c0:1d:aa:36:41:
99:f2:78:c4:5a:55:c0:52:72:65:ff:2d:b8:8c:2c:79:da:90:
1e:2c:68:e3:69:56:b7:5b:f9:a7:3c:88:e4:d1:2c:04:57:0e:
f4:f5:6c:1a:7e:c1:ee:f4:c4:af:df:82:85:33:b3:a6:dd:98:
1c:c4:de:dd:8b:68:fc:92:bc:03:81:4a:4d:e3:2b:78:81:3f:
bb:be:28:59:fd:1f:28:f5:e0:2e:03:09:a4:41:77:32:a4:2f:
5c:c8:85:7e:25:39:ca:6b:ba:72:14:fb:2b:a7:52:6c:ae:32:
18:4f:33:65:27:1b:eb:77:8e:e5:40:5f:1b:a8:26:23:45:6b:
02:88:c6:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJFQ0YxMTAvBgNVBAUTKEJGNDRBMkI3MjIzM0ZGNDhCQTc5MzAyOEFDNUZBRkEw
MkFEQ0ZGRDAwHhcNMjMxMjE0MjMxMTM4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiOGJhOS0zZmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuWMPDiH1f6+BseFSfH/hj1pFJoapKxUwAhgosG+4oSkt7ifEEGoAZQnbHM3m
BiDZmaGIthZ7RwDgqzLzcZnd+lfLOa9PtlEKqkXMOLh/ET+TNSYpWTidqYveo7TC
lUymZd2aCZEU60VgoYWepYl0dH16IwB95VkXNzyY7/vHSyTUQM3HdriF5dGy/U1L
ml5aKVPg/bIhm0cbZrSTyydZeLnVJDeE2IyciCPWzEBINpS2g4ANUsqhwfEldBy3
VuthisIk5rH8gyls7TYH4l8K30ruX0TfCy7pf86MylPkvuALYK1O0RevWjIBvcqe
uLvYr0XKxwDFtpEMSslAmmc0fQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLyVLEV8
5sb1Y7zazaRpSkmZvQrRMB8GA1UdIwQYMBaAFL9EorciM/9IunkwKKxfr6Aq3P/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkVDRi9DMDY0RjhDODE4
M0MxMUVCQjk0NUVDMEJDNEY5QUUwMi92MFNpdHlJel8waTZlVEFvckYtdm9DcmNf
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YwU2l0eUl6XzBpNmVUQW9yRi12b0NyY185QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJFQ0YvQzA2NEY4QzgxODNDMTFFQkI5NDVFQzBCQzRGOUFFMDIvNzkzNTJFQzhD
ODMxMTFFQjkyMDdEQTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn/iQwDQYJKoZIhvcNAQELBQADggEBAGpMee5jBCovN/TF
9kG6hf/+L19wECunh5AdZW1oKtDN0PDx+Fq0QYynrf27/STTp7zAg9V8jM59IVkS
tArDw7ZcufUcO05cIBuSGEOhcu1coFTuXNRyyTxmBKOlz7Zh1qY9lDfgxhvwxf/P
+6irV32TbA/MyBJUd+zAHao2QZnyeMRaVcBScmX/LbiMLHnakB4saONpVrdb+ac8
iOTRLARXDvT1bBp+we70xK/fgoUzs6bdmBzE3t2LaPySvAOBSk3jK3iBP7u+KFn9
Hyj14C4DCaRBdzKkL1zIhX4lOcprunIU+yunUmyuMhhPM2UnG+t3juVAXxuoJiNF
awKIxkU=
-----END CERTIFICATE-----
Generated at Tue Feb 27 06:52:53 2024 by rpki-client on console-ams.rpki-client.org