Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187A6/9EBE69608E7C11EA9833105EC4F9AE02/8599E35E8E7E11EA955D1E64C4F9AE02.roa
File: 8599E35E8E7E11EA955D1E64C4F9AE02.roa (raw, json)
Hash identifier: 8yT7q3ltEDJNMx/pwe5As+3k0H3mH4NXmPADclVaMYU=
Subject key identifier: EE:04:6D:CE:48:59:1E:6B:CC:CC:7C:52:5B:67:0C:A1:7C:5A:4E:85
Certificate issuer: /CN=A91187A6/serialNumber=3088B17AB7E99664579B6C17DA9202BB7A29F6F4
Certificate serial: 084F
Authority key identifier: 30:88:B1:7A:B7:E9:96:64:57:9B:6C:17:DA:92:02:BB:7A:29:F6:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIixerfplmRXm2wX2pICu3op9vQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187A6/9EBE69608E7C11EA9833105EC4F9AE02/8599E35E8E7E11EA955D1E64C4F9AE02.roa
Signing time: Fri 06 Oct 2023 20:58:15 +0000
ROA not before: Fri 06 Oct 2023 20:58:15 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132528
IP address blocks: 103.73.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Apr 2024 19:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2127 (0x84f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187A6/serialNumber=3088B17AB7E99664579B6C17DA9202BB7A29F6F4
Validity
Not Before: Oct 6 20:58:15 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652074e6-478d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3f:e7:35:42:0b:47:2a:0b:99:ea:ef:8e:74:
02:a3:b7:dc:ef:7c:9a:57:dc:66:b5:55:fd:2c:09:
e5:e5:9d:50:62:49:a9:4e:1f:78:27:8a:29:e2:cc:
f7:b1:16:b6:7d:21:1e:d7:7c:66:da:fa:75:da:ca:
4b:dc:a4:a1:47:c4:e4:9e:3b:67:5b:b3:b3:5e:fc:
1c:49:b1:53:d5:d4:e0:98:5b:9f:34:21:c3:18:0c:
83:e1:d9:4c:8a:f2:b8:52:e5:16:4d:12:5a:5b:54:
df:11:f4:5a:97:0f:5c:61:3f:03:14:b5:20:8f:10:
5a:36:b9:db:c3:ff:20:b2:47:b4:46:a0:14:64:7c:
69:c5:4f:09:dd:ac:ea:0e:49:f9:6d:86:7d:4a:93:
52:ce:8d:c4:fa:fe:0b:ae:e2:d8:dc:fa:32:02:16:
85:05:73:cf:3b:bd:f9:bb:85:90:e5:aa:f6:57:2b:
8b:92:c2:f4:cf:da:9c:2b:50:d2:96:c7:32:a6:93:
04:e0:87:19:7d:d7:37:5d:a1:fc:ac:13:bc:27:15:
24:b7:d8:e9:23:92:56:23:5e:e3:bf:c7:47:d8:bc:
00:87:8f:ae:ea:29:2b:63:b6:23:cc:e4:6e:60:d8:
68:a2:c0:2e:9b:00:94:23:7b:2e:bd:31:5a:7c:4e:
ae:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:04:6D:CE:48:59:1E:6B:CC:CC:7C:52:5B:67:0C:A1:7C:5A:4E:85
X509v3 Authority Key Identifier:
keyid:30:88:B1:7A:B7:E9:96:64:57:9B:6C:17:DA:92:02:BB:7A:29:F6:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187A6/9EBE69608E7C11EA9833105EC4F9AE02/MIixerfplmRXm2wX2pICu3op9vQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIixerfplmRXm2wX2pICu3op9vQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187A6/9EBE69608E7C11EA9833105EC4F9AE02/8599E35E8E7E11EA955D1E64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.108.0/22
Signature Algorithm: sha256WithRSAEncryption
95:0a:02:81:8e:61:75:4a:95:12:76:ed:12:ed:3d:1e:c2:31:
0b:75:0e:1e:9a:3c:ef:1e:24:a3:d7:d7:a5:18:67:94:41:d1:
53:74:28:ce:7c:35:9e:31:7d:f1:9b:13:e0:d6:ce:1d:1b:60:
31:94:27:dd:d6:b1:03:22:6c:07:fe:b0:38:55:dd:c8:f7:2a:
a6:af:11:da:62:91:88:8c:6a:90:f0:ee:3d:8e:10:3e:9d:fd:
9a:d1:a0:94:ea:da:58:72:08:c6:f1:09:66:26:37:89:b1:c8:
67:e1:ec:ca:f3:b8:b3:39:75:ab:c1:af:d5:76:8a:51:ee:fa:
51:35:33:5f:2a:42:03:7c:da:f1:e8:38:c2:1f:2c:7e:ba:b7:
fb:74:4b:e5:b3:74:5e:c1:4c:cd:75:29:06:7f:dc:be:1b:2d:
48:ba:58:46:9e:85:39:ee:04:0a:87:38:82:06:d9:db:aa:e2:
25:72:61:a4:88:40:64:66:64:06:cc:6e:fa:0b:f4:3e:98:3b:
39:56:12:98:1f:66:54:09:79:4d:0e:b7:4c:ab:22:2b:9f:50:
23:35:c0:3f:08:1a:32:2d:f6:a1:61:33:9f:67:9c:b7:89:e2:
b8:09:8d:23:2a:f5:8b:66:0c:69:e5:33:ff:c8:4e:54:4b:e4:
45:cd:73:35
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg3QTYxMTAvBgNVBAUTKDMwODhCMTdBQjdFOTk2NjQ1NzlCNkMxN0RBOTIwMkJC
N0EyOUY2RjQwHhcNMjMxMDA2MjA1ODE1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIwNzRlNi00NzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxD/nNUILRyoLmervjnQCo7fc73yaV9xmtVX9LAnl5Z1QYkmpTh94J4op4sz3
sRa2fSEe13xm2vp12spL3KShR8TknjtnW7OzXvwcSbFT1dTgmFufNCHDGAyD4dlM
ivK4UuUWTRJaW1TfEfRalw9cYT8DFLUgjxBaNrnbw/8gske0RqAUZHxpxU8J3azq
Dkn5bYZ9SpNSzo3E+v4LruLY3PoyAhaFBXPPO735u4WQ5ar2VyuLksL0z9qcK1DS
lscyppME4IcZfdc3XaH8rBO8JxUkt9jpI5JWI17jv8dH2LwAh4+u6ikrY7YjzORu
YNhoosAumwCUI3suvTFafE6uHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO4Ebc5I
WR5rzMx8UltnDKF8Wk6FMB8GA1UdIwQYMBaAFDCIsXq36ZZkV5tsF9qSArt6Kfb0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODdBNi85RUJFNjk2MDhF
N0MxMUVBOTgzMzEwNUVDNEY5QUUwMi9NSWl4ZXJmcGxtUlhtMndYMnBJQ3Uzb3A5
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01JaXhlcmZwbG1SWG0yd1gycElDdTNvcDl2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg3QTYvOUVCRTY5NjA4RTdDMTFFQTk4MzMxMDVFQzRGOUFFMDIvODU5OUUzNUU4
RTdFMTFFQTk1NUQxRTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnSWwwDQYJKoZIhvcNAQELBQADggEBAJUKAoGOYXVKlRJ2
7RLtPR7CMQt1Dh6aPO8eJKPX16UYZ5RB0VN0KM58NZ4xffGbE+DWzh0bYDGUJ93W
sQMibAf+sDhV3cj3KqavEdpikYiMapDw7j2OED6d/ZrRoJTq2lhyCMbxCWYmN4mx
yGfh7MrzuLM5davBr9V2ilHu+lE1M18qQgN82vHoOMIfLH66t/t0S+WzdF7BTM11
KQZ/3L4bLUi6WEaehTnuBAqHOIIG2duq4iVyYaSIQGRmZAbMbvoL9D6YOzlWEpgf
ZlQJeU0Ot0yrIiufUCM1wD8IGjIt9qFhM59nnLeJ4rgJjSMq9YtmDGnlM//ITlRL
5EXNczU=
-----END CERTIFICATE-----
Generated at Tue Apr 16 21:40:06 2024 by rpki-client on console-fra.rpki-client.org