Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
File: 798E8CF45F9611EDA8B4CE5CC4F9AE02.roa (raw, json)
Hash identifier: d8YT7si4V/Th/bQqTKrN8dxu1LcrH/nXpC1TY0nwRkE=
Subject key identifier: 36:5C:B0:6B:AD:EF:E8:45:08:A3:08:DC:CC:63:C2:5F:6A:07:D8:D2
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 0318
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
Signing time: Tue 31 Jan 2023 16:52:22 +0000
ROA not before: Tue 31 Jan 2023 16:52:22 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 30938
IP address blocks: 103.101.85.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
103.101.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 792 (0x318)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Jan 31 16:52:22 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63d94746-3389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:48:83:42:5f:6e:2d:75:50:71:49:73:f3:
79:ff:e0:0f:f4:b4:0e:6a:29:ca:38:1f:28:36:f0:
a5:ac:55:02:22:ae:51:ea:0d:58:c3:d0:5e:2e:23:
59:bf:9d:62:c4:80:8a:c8:ba:17:31:ea:1d:80:c0:
09:e6:d3:7a:52:48:a0:d1:76:c3:f7:5a:1a:36:47:
93:b6:4c:eb:7d:11:74:d8:47:8a:6a:37:69:11:99:
a8:1c:bc:cf:f8:b5:2a:77:f7:ca:de:0a:2b:f2:bd:
dc:ba:e9:aa:a3:c0:eb:2c:42:38:9f:87:c4:49:11:
ba:19:c3:96:77:64:ed:05:23:34:76:55:2c:98:fc:
c3:63:dc:68:1f:68:69:76:15:a1:4e:13:6d:37:17:
e8:3d:06:ea:e6:4f:23:8a:c9:73:0b:36:fb:e4:55:
5b:42:5f:ce:c2:d0:f2:61:3f:34:0d:fa:89:e7:64:
c4:44:49:a4:7d:aa:a3:1d:a1:ae:08:3b:c3:d4:cb:
f6:dd:ef:b1:4f:b6:aa:11:02:cb:70:41:fd:31:81:
f3:5f:df:1e:1b:0b:65:c5:3f:d6:3e:56:a9:44:f4:
8f:6d:f9:0e:65:83:3f:72:ee:d4:00:aa:ef:69:37:
a3:5f:39:5b:3c:fe:74:5d:8a:e9:f3:fe:e9:c6:19:
ab:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5C:B0:6B:AD:EF:E8:45:08:A3:08:DC:CC:63:C2:5F:6A:07:D8:D2
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.85.0-103.101.87.255
Signature Algorithm: sha256WithRSAEncryption
8c:a0:01:99:ce:65:4c:35:06:c0:20:70:f4:7d:58:99:b1:5b:
a6:ad:9e:7b:ee:f6:37:a2:83:fd:b6:98:96:77:89:07:62:f1:
12:46:88:f7:cb:7d:67:f1:57:b9:2b:8f:8b:90:45:88:d5:55:
7c:7e:5f:e0:bd:4a:fb:24:3a:a8:91:f0:ec:57:6a:15:dd:92:
15:8a:2d:01:8f:e9:f9:b7:52:bb:61:bb:b6:b6:d3:b8:c5:f7:
a3:f4:8d:41:7b:d4:e1:35:f5:58:eb:8f:b2:27:f8:86:27:8b:
f2:e2:1d:da:c1:a9:7c:6e:9d:37:84:d9:2d:5a:08:1d:87:5e:
8d:bb:42:59:f2:bc:05:52:1b:44:25:78:cb:44:e6:63:27:5a:
a3:6c:3a:29:b0:2b:4e:1d:8a:df:70:99:72:83:b5:60:17:96:
99:2b:4a:54:19:4c:a0:4d:43:34:04:40:4a:82:46:19:a7:e5:
3e:1b:c9:00:06:f5:2c:7a:4e:89:4c:be:40:90:84:2b:68:97:
0f:24:f6:61:93:85:b9:ff:06:38:23:f4:ab:c0:d9:8f:3a:d0:
b3:b4:c4:4e:e6:8f:ea:4d:2c:d9:e2:d7:21:7f:86:95:47:39:
19:bc:ae:71:94:9b:43:de:68:6d:3f:6b:be:aa:7f:44:1b:49:
24:09:44:6c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwMTMxMTY1MjIyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q5NDc0Ni0zMzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArJJIg0Jfbi11UHFJc/N5/+AP9LQOainKOB8oNvClrFUCIq5R6g1Yw9BeLiNZ
v51ixICKyLoXMeodgMAJ5tN6Ukig0XbD91oaNkeTtkzrfRF02EeKajdpEZmoHLzP
+LUqd/fK3gor8r3cuumqo8DrLEI4n4fESRG6GcOWd2TtBSM0dlUsmPzDY9xoH2hp
dhWhThNtNxfoPQbq5k8jislzCzb75FVbQl/OwtDyYT80DfqJ52TEREmkfaqjHaGu
CDvD1Mv23e+xT7aqEQLLcEH9MYHzX98eGwtlxT/WPlapRPSPbfkOZYM/cu7UAKrv
aTejXzlbPP50XYrp8/7pxhmrOwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDZcsGut
7+hFCKMI3Mxjwl9qB9jSMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvNzk4RThDRjQ1
Rjk2MTFFREE4QjRDRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdlVQMEA2dlUDANBgkqhkiG9w0BAQsFAAOCAQEAjKAB
mc5lTDUGwCBw9H1YmbFbpq2ee+72N6KD/baYlneJB2LxEkaI98t9Z/FXuSuPi5BF
iNVVfH5f4L1K+yQ6qJHw7FdqFd2SFYotAY/p+bdSu2G7trbTuMX3o/SNQXvU4TX1
WOuPsif4hieL8uId2sGpfG6dN4TZLVoIHYdejbtCWfK8BVIbRCV4y0TmYydao2w6
KbArTh2K33CZcoO1YBeWmStKVBlMoE1DNARASoJGGaflPhvJAAb1LHpOiUy+QJCE
K2iXDyT2YZOFuf8GOCP0q8DZjzrQs7TETuaP6k0s2eLXIX+GlUc5GbyucZSbQ95o
bT9rvqp/RBtJJAlEbA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:33 2023 by rpki-client on console-ams.rpki-client.org