Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/AFA0083CEA6E11EDAD551A55C4F9AE02.roa
File: AFA0083CEA6E11EDAD551A55C4F9AE02.roa (raw, json)
Hash identifier: DzxRZGdQyX60xL6Ii484VSVvPycYqpsWz1z9KnZKegg=
Subject key identifier: 7B:B9:04:1F:FB:94:28:67:FF:4E:69:A0:5C:8D:24:71:ED:3A:D5:B8
Certificate issuer: /CN=A91FEFBB/serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
Certificate serial: 02
Authority key identifier: DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/AFA0083CEA6E11EDAD551A55C4F9AE02.roa
Signing time: Thu 04 May 2023 11:27:44 +0000
ROA not before: Thu 04 May 2023 11:27:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151189
IP address blocks: 103.158.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 09 May 2023 13:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FEFBB/serialNumber=DA75AB0FB3AA875AFADF5A38F852BDCC1DD826F7
Validity
Not Before: May 4 11:27:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645396af-e7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7c:44:16:93:6d:95:b8:59:02:02:8c:f0:f2:
f2:38:14:c7:a8:20:e7:dd:6e:dc:6b:bf:df:51:cf:
6c:dc:be:f7:19:69:49:69:d6:38:ba:d3:6c:69:6a:
ca:ee:4e:eb:b4:a6:1a:2d:b5:95:d2:47:c2:19:81:
85:fb:0c:fd:40:d3:cc:b0:e2:c2:ea:6a:bf:b5:db:
16:fe:7c:ce:7f:ca:7e:f2:1d:3e:89:49:b2:92:45:
6b:dd:32:6c:33:fb:7a:2d:cc:83:3f:f7:82:dd:5e:
4b:42:99:e0:38:50:f3:4a:4a:fe:a5:03:95:df:5e:
48:9c:46:a0:9f:37:b0:c6:bf:fb:fb:fc:55:8d:59:
f9:13:7c:a4:93:40:f9:15:58:a5:98:ec:93:08:72:
d5:0f:9a:ff:98:eb:e3:db:f6:4e:2a:96:f8:e5:20:
a7:cc:c4:82:df:f9:4d:1e:b1:98:d0:85:6d:d8:98:
98:fb:8d:86:c2:d6:01:e0:65:cd:e9:14:72:74:e3:
08:28:88:79:0c:89:ba:21:b4:b3:70:15:8a:9d:e5:
4f:06:31:79:e7:e3:b6:32:c3:61:53:b8:c4:ae:19:
6f:9e:11:64:5a:3c:5d:82:b4:f4:97:f9:90:33:68:
71:1e:8b:78:59:dd:01:e6:48:87:3c:af:da:d6:15:
00:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B9:04:1F:FB:94:28:67:FF:4E:69:A0:5C:8D:24:71:ED:3A:D5:B8
X509v3 Authority Key Identifier:
keyid:DA:75:AB:0F:B3:AA:87:5A:FA:DF:5A:38:F8:52:BD:CC:1D:D8:26:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/2nWrD7Oqh1r631o4-FK9zB3YJvc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nWrD7Oqh1r631o4-FK9zB3YJvc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEFBB/D896B5C8EA6A11EDB5B6B55EC4F9AE02/AFA0083CEA6E11EDAD551A55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:ed:69:13:17:53:ae:87:6e:58:02:bf:0b:a1:0b:61:4c:d2:
8c:4a:83:a9:d9:b2:d6:ed:95:9d:98:dc:8f:27:fa:b9:7e:22:
75:ce:df:09:84:a0:bc:93:30:dc:16:01:e2:db:a8:2b:5d:c5:
eb:26:35:47:f2:e2:a9:c6:77:8b:f4:67:90:f7:2b:16:a0:d9:
b4:22:00:cd:c0:ea:36:38:2b:f7:7d:49:22:f7:93:5f:77:93:
9e:cc:74:01:19:0d:d2:c5:8f:01:d5:36:9a:81:0a:b0:67:c6:
ef:10:57:70:26:f7:0f:6b:a6:c5:8f:bb:1e:16:3b:26:85:17:
b3:bc:cf:1f:f5:ab:a7:fd:cb:5e:29:67:8b:0a:4c:9f:9b:e9:
ef:75:a2:a2:69:7b:07:36:e4:90:18:81:cc:9a:ad:f3:41:82:
2f:8c:e7:68:15:f0:93:2e:b9:73:98:54:81:1a:a7:20:b1:ea:
ae:c0:ef:45:c1:64:82:ea:3e:19:c3:02:7c:b9:56:28:59:62:
8a:1b:87:17:ef:47:77:ff:f5:8b:23:40:04:6a:1b:4f:61:98:
ff:ef:d6:8b:46:d0:6d:05:d5:21:8a:de:f8:1d:3b:7d:3e:2a:
28:f0:43:5f:e8:24:af:8f:4e:17:b9:bd:2a:ba:f9:1a:77:7b:
52:0b:b2:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RUZCQjExMC8GA1UEBRMoREE3NUFCMEZCM0FBODc1QUZBREY1QTM4Rjg1MkJEQ0Mx
REQ4MjZGNzAeFw0yMzA1MDQxMTI3NDRaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NTM5NmFmLWU3ZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDsfEQWk22VuFkCAozw8vI4FMeoIOfdbtxrv99Rz2zcvvcZaUlp1ji602xpasru
Tuu0phottZXSR8IZgYX7DP1A08yw4sLqar+12xb+fM5/yn7yHT6JSbKSRWvdMmwz
+3otzIM/94LdXktCmeA4UPNKSv6lA5XfXkicRqCfN7DGv/v7/FWNWfkTfKSTQPkV
WKWY7JMIctUPmv+Y6+Pb9k4qlvjlIKfMxILf+U0esZjQhW3YmJj7jYbC1gHgZc3p
FHJ04wgoiHkMibohtLNwFYqd5U8GMXnn47Yyw2FTuMSuGW+eEWRaPF2CtPSX+ZAz
aHEei3hZ3QHmSIc8r9rWFQDDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUe7kEH/uU
KGf/TmmgXI0kce061bgwHwYDVR0jBBgwFoAU2nWrD7Oqh1r631o4+FK9zB3YJvcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZFRkJCL0Q4OTZCNUM4RUE2
QTExRURCNUI2QjU1RUM0RjlBRTAyLzJuV3JEN09xaDFyNjMxbzQtRks5ekIzWUp2
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMm5XckQ3T3FoMXI2MzFvNC1GSzl6QjNZSnZjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RUZCQi9EODk2QjVDOEVBNkExMUVEQjVCNkI1NUVDNEY5QUUwMi9BRkEwMDgzQ0VB
NkUxMUVEQUQ1NTFBNTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWee7DANBgkqhkiG9w0BAQsFAAOCAQEAP+1pExdTroduWAK/
C6ELYUzSjEqDqdmy1u2VnZjcjyf6uX4idc7fCYSgvJMw3BYB4tuoK13F6yY1R/Li
qcZ3i/RnkPcrFqDZtCIAzcDqNjgr931JIveTX3eTnsx0ARkN0sWPAdU2moEKsGfG
7xBXcCb3D2umxY+7HhY7JoUXs7zPH/Wrp/3LXilniwpMn5vp73Wioml7BzbkkBiB
zJqt80GCL4znaBXwky65c5hUgRqnILHqrsDvRcFkguo+GcMCfLlWKFliihuHF+9H
d//1iyNABGobT2GY/+/Wi0bQbQXVIYre+B07fT4qKPBDX+gkr49OF7m9Krr5Gnd7
UguyQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org