Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91173B6/10F48486E19F11EABD4A2313C4F9AE02/6A9B3B460C6F11ECB6BB2235C4F9AE02.roa
File: 6A9B3B460C6F11ECB6BB2235C4F9AE02.roa (raw, json)
Hash identifier: anex1XoQ+qkpus3zlNqwfFvA47y/XNRSw+CtXfSVl2M=
Subject key identifier: 17:91:CF:23:58:4A:3E:DA:68:E6:EA:A1:C0:26:DE:F2:96:9C:B5:FB
Certificate issuer: /CN=A91173B6/serialNumber=545887D7719748B469D053FF316A6A57AB996233
Certificate serial: 06BD
Authority key identifier: 54:58:87:D7:71:97:48:B4:69:D0:53:FF:31:6A:6A:57:AB:99:62:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFiH13GXSLRp0FP_MWpqV6uZYjM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91173B6/10F48486E19F11EABD4A2313C4F9AE02/6A9B3B460C6F11ECB6BB2235C4F9AE02.roa
Signing time: Thu 24 Aug 2023 21:58:37 +0000
ROA not before: Thu 24 Aug 2023 21:58:37 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 132113
IP address blocks: 103.70.192.0/22 maxlen: 24
103.76.158.0/23 maxlen: 24
2401:5840::/32 maxlen: 40
Validation: Failed, certificate revoked on Fri 02 Feb 2024 02:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1725 (0x6bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91173B6/serialNumber=545887D7719748B469D053FF316A6A57AB996233
Validity
Not Before: Aug 24 21:58:37 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64e7d28d-6f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:94:c1:1b:8f:5f:08:35:a3:ff:e0:ae:a9:
af:6e:e7:b1:44:dd:fd:5a:74:50:9d:d9:b4:2c:3c:
2a:bd:25:ac:d1:67:d2:40:a6:84:18:3e:92:5a:a7:
5a:38:80:10:9a:a2:2c:f6:7c:63:9c:e2:98:ea:31:
4c:76:22:d0:26:b4:08:ef:3c:be:5f:66:97:55:8b:
1c:27:d1:3e:f7:1a:66:06:16:4d:a9:f3:3c:12:80:
66:2f:4e:af:18:25:85:a2:20:d0:84:e9:0c:b5:e2:
84:e2:7c:02:30:d6:ec:38:52:7d:a3:fe:6e:16:cb:
d7:1f:b6:d4:b2:70:8b:27:a9:83:16:55:d4:4b:c5:
52:71:02:fb:f2:15:ef:cb:ad:f4:3e:95:69:65:1e:
79:9e:a7:79:a0:a6:21:b9:c8:65:ad:87:21:34:d9:
a5:d7:a8:45:9a:09:e6:ad:28:ef:15:97:27:f1:a7:
bf:2b:a5:1a:26:dc:b6:70:d9:c4:f5:d6:27:aa:69:
13:0f:04:4f:03:cb:a9:9a:f7:c1:57:f4:ed:a0:8c:
63:35:10:36:af:36:31:44:5d:de:2c:12:df:3f:38:
60:29:15:bd:43:b1:ea:96:19:b8:ab:61:48:1c:0e:
3b:2d:e5:b0:42:8d:f2:09:bf:42:a5:00:50:80:53:
cf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:91:CF:23:58:4A:3E:DA:68:E6:EA:A1:C0:26:DE:F2:96:9C:B5:FB
X509v3 Authority Key Identifier:
keyid:54:58:87:D7:71:97:48:B4:69:D0:53:FF:31:6A:6A:57:AB:99:62:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91173B6/10F48486E19F11EABD4A2313C4F9AE02/VFiH13GXSLRp0FP_MWpqV6uZYjM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFiH13GXSLRp0FP_MWpqV6uZYjM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91173B6/10F48486E19F11EABD4A2313C4F9AE02/6A9B3B460C6F11ECB6BB2235C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.192.0/22
103.76.158.0/23
IPv6:
2401:5840::/32
Signature Algorithm: sha256WithRSAEncryption
76:23:36:d6:3c:00:16:3d:14:84:4c:a9:f8:31:e6:17:22:b8:
22:9b:0e:ab:ee:6d:8c:04:4b:b5:67:3a:99:9e:10:0d:09:29:
1d:d6:94:45:d6:8f:33:93:d4:13:e3:29:36:c8:d6:09:1b:fd:
af:55:55:18:d6:72:98:08:dd:48:56:f3:57:42:35:f4:96:5d:
b7:6b:47:7d:cc:9d:06:81:4f:97:2e:4d:88:13:7e:4d:f5:88:
af:64:d8:25:18:b5:4a:e5:70:24:bb:49:8e:95:3e:21:55:f3:
f7:b7:24:b2:9e:97:8d:a9:2c:43:98:ea:85:ef:e8:2f:94:17:
36:83:7d:02:cf:ca:f7:96:c1:7d:93:3b:a6:f2:25:29:f0:4c:
49:61:f5:94:43:cf:5f:b3:b8:a5:6a:ff:f9:6d:0d:c1:0b:86:
79:d5:9b:20:02:ca:ec:42:1f:9b:60:7e:69:fc:ad:56:cb:8d:
e8:12:07:e2:95:e7:d2:e3:ae:9e:ae:85:04:6d:05:62:17:69:
7d:f5:23:b8:76:b1:da:7e:6d:83:81:19:c7:67:2c:0e:ff:33:
71:2d:dc:42:b0:78:76:05:d0:01:36:49:40:04:e1:c1:62:46:
62:48:57:6a:1a:51:e2:a8:67:6d:05:5e:83:5e:6e:ea:d4:50:
8a:38:6d:21
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczQjYxMTAvBgNVBAUTKDU0NTg4N0Q3NzE5NzQ4QjQ2OUQwNTNGRjMxNkE2QTU3
QUI5OTYyMzMwHhcNMjMwODI0MjE1ODM3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU3ZDI4ZC02ZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo92UwRuPXwg1o//grqmvbuexRN39WnRQndm0LDwqvSWs0WfSQKaEGD6SWqda
OIAQmqIs9nxjnOKY6jFMdiLQJrQI7zy+X2aXVYscJ9E+9xpmBhZNqfM8EoBmL06v
GCWFoiDQhOkMteKE4nwCMNbsOFJ9o/5uFsvXH7bUsnCLJ6mDFlXUS8VScQL78hXv
y630PpVpZR55nqd5oKYhuchlrYchNNml16hFmgnmrSjvFZcn8ae/K6UaJty2cNnE
9dYnqmkTDwRPA8upmvfBV/TtoIxjNRA2rzYxRF3eLBLfPzhgKRW9Q7Hqlhm4q2FI
HA47LeWwQo3yCb9CpQBQgFPPKwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBeRzyNY
Sj7aaObqocAm3vKWnLX7MB8GA1UdIwQYMBaAFFRYh9dxl0i0adBT/zFqalermWIz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzNCNi8xMEY0ODQ4NkUx
OUYxMUVBQkQ0QTIzMTNDNEY5QUUwMi9WRmlIMTNHWFNMUnAwRlBfTVdwcVY2dVpZ
ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZGaUgxM0dYU0xScDBGUF9NV3BxVjZ1WllqTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczQjYvMTBGNDg0ODZFMTlGMTFFQUJENEEyMzEzQzRGOUFFMDIvNkE5QjNCNDYw
QzZGMTFFQ0I2QkIyMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnRsADBAFnTJ4wDQQCAAIwBwMFACQBWEAwDQYJKoZIhvcN
AQELBQADggEBAHYjNtY8ABY9FIRMqfgx5hciuCKbDqvubYwES7VnOpmeEA0JKR3W
lEXWjzOT1BPjKTbI1gkb/a9VVRjWcpgI3UhW81dCNfSWXbdrR33MnQaBT5cuTYgT
fk31iK9k2CUYtUrlcCS7SY6VPiFV8/e3JLKel42pLEOY6oXv6C+UFzaDfQLPyveW
wX2TO6byJSnwTElh9ZRDz1+zuKVq//ltDcELhnnVmyACyuxCH5tgfmn8rVbLjegS
B+KV59Ljrp6uhQRtBWIXaX31I7h2sdp+bYOBGcdnLA7/M3Et3EKweHYF0AE2SUAE
4cFiRmJIV2oaUeKoZ20FXoNeburUUIo4bSE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org