Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/3685DD18D1E711EDB90DBF27C4F9AE02.roa
File: 3685DD18D1E711EDB90DBF27C4F9AE02.roa (raw, json)
Hash identifier: +lR/krFnUZE2Row8X1Cb9QHIr6UM6MNT1hYmObESOfM=
Subject key identifier: 4B:53:42:62:01:AA:4F:95:5E:4F:60:62:71:1D:8E:75:A1:AF:58:49
Certificate issuer: /CN=A911CC1D/serialNumber=FB0197D802A66186E840BD62E88EE40ED95E9529
Certificate serial: 56
Authority key identifier: FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/3685DD18D1E711EDB90DBF27C4F9AE02.roa
Signing time: Fri 01 Sep 2023 04:54:44 +0000
ROA not before: Fri 01 Sep 2023 04:54:44 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 136795
IP address blocks: 103.96.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 02 Feb 2024 00:42:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86 (0x56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CC1D/serialNumber=FB0197D802A66186E840BD62E88EE40ED95E9529
Validity
Not Before: Sep 1 04:54:44 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f16e94-2caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:60:e1:16:bb:af:73:9b:10:90:e2:bd:62:
07:37:40:13:ef:72:ce:01:11:ec:43:a1:b3:2c:e2:
10:d6:d1:03:d7:6a:9e:3a:4f:76:15:0b:fc:93:62:
c7:96:cd:23:aa:a5:a4:53:5a:ef:03:bb:41:5f:2e:
ef:ba:6a:5b:f6:5f:db:e6:21:ab:25:0d:0a:2b:2e:
4e:24:8a:3e:fa:0a:92:a0:f0:2a:e8:4f:9e:95:94:
db:3a:27:1b:0f:24:5f:8e:1c:5f:a8:29:40:de:98:
33:6f:c1:3c:f6:50:13:55:44:55:cc:a5:b8:28:a1:
6a:43:0a:50:b0:d4:b9:00:97:d0:81:d9:fd:4c:27:
94:9b:a6:bd:ac:c9:62:68:7c:6c:41:75:75:dd:b2:
7a:23:8b:b9:c3:ce:9e:35:56:6c:9c:3a:ad:d2:a2:
dc:05:11:67:ca:4f:03:16:34:c4:85:30:5c:48:1d:
5c:0b:c6:5f:c4:b4:1e:a6:04:27:87:ee:1b:31:3b:
53:71:0b:14:fc:7c:69:f3:7b:fe:84:ed:d2:4d:f6:
46:26:4b:a8:23:50:59:4f:56:38:98:e9:40:12:7e:
46:51:2c:1b:98:06:0a:fe:3a:2d:5d:90:c7:8a:61:
11:cc:58:ee:6a:e7:fb:18:a9:0f:47:5d:25:5b:44:
2f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:53:42:62:01:AA:4F:95:5E:4F:60:62:71:1D:8E:75:A1:AF:58:49
X509v3 Authority Key Identifier:
keyid:FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/3685DD18D1E711EDB90DBF27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.84.0/22
Signature Algorithm: sha256WithRSAEncryption
65:ca:a5:7c:a5:af:11:27:d7:fd:5f:47:29:12:f1:83:38:14:
78:53:27:0b:46:c8:8a:06:7f:32:61:ed:07:00:48:d5:db:dc:
45:da:a4:c6:c9:26:d8:5e:01:ed:db:5f:ce:b4:f3:cf:74:e4:
f9:7e:d1:57:af:b1:a1:8a:61:ff:29:f3:85:63:4f:68:0a:34:
bb:33:a7:ce:c0:84:37:f7:ee:6f:66:45:96:bd:15:0a:e6:f1:
b6:d1:0e:17:2c:76:a3:64:7d:0b:ca:fa:e2:a8:77:b3:33:f4:
fb:78:6f:29:df:cf:12:07:89:62:1d:b9:34:d1:7c:d9:e6:2f:
9b:a6:29:05:49:93:94:92:74:92:94:c1:74:c1:44:4a:9e:fa:
74:84:9e:83:04:51:27:0d:e5:1b:fa:76:9a:53:d9:85:28:8a:
02:c1:c6:44:75:49:37:ee:99:10:20:11:e5:5d:b2:33:60:13:
1b:c5:42:64:15:c2:e3:78:ab:40:62:16:68:50:bb:98:09:fd:
35:0f:e3:23:ad:ac:ce:7c:07:67:c3:76:6a:78:8c:be:fa:0b:
9b:a2:c9:5c:44:8a:9a:93:7a:1e:85:bf:94:0f:d1:78:24:21:
dc:97:bf:d4:7b:fe:00:47:8f:48:80:d8:14:e1:8a:17:bf:33:
cd:a2:b8:d2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
Q0MxRDExMC8GA1UEBRMoRkIwMTk3RDgwMkE2NjE4NkU4NDBCRDYyRTg4RUU0MEVE
OTVFOTUyOTAeFw0yMzA5MDEwNDU0NDRaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZjE2ZTk0LTJjYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCotmDhFruvc5sQkOK9Ygc3QBPvcs4BEexDobMs4hDW0QPXap46T3YVC/yTYseW
zSOqpaRTWu8Du0FfLu+6alv2X9vmIaslDQorLk4kij76CpKg8CroT56VlNs6JxsP
JF+OHF+oKUDemDNvwTz2UBNVRFXMpbgooWpDClCw1LkAl9CB2f1MJ5Sbpr2syWJo
fGxBdXXdsnoji7nDzp41VmycOq3SotwFEWfKTwMWNMSFMFxIHVwLxl/EtB6mBCeH
7hsxO1NxCxT8fGnze/6E7dJN9kYmS6gjUFlPVjiY6UASfkZRLBuYBgr+Oi1dkMeK
YRHMWO5q5/sYqQ9HXSVbRC9bAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUS1NCYgGq
T5VeT2BicR2OdaGvWEkwHwYDVR0jBBgwFoAU+wGX2AKmYYboQL1i6I7kDtlelSkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQzFELzhDRkUxRDlBRDFF
MjExRUQ5MjNDNjExRkM0RjlBRTAyLy13R1gyQUttWVlib1FMMWk2STdrRHRsZWxT
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLXdHWDJBS21ZWWJvUUwxaTZJN2tEdGxlbFNrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
Q0MxRC84Q0ZFMUQ5QUQxRTIxMUVEOTIzQzYxMUZDNEY5QUUwMi8zNjg1REQxOEQx
RTcxMUVEQjkwREJGMjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmdgVDANBgkqhkiG9w0BAQsFAAOCAQEAZcqlfKWvESfX/V9H
KRLxgzgUeFMnC0bIigZ/MmHtBwBI1dvcRdqkxskm2F4B7dtfzrTzz3Tk+X7RV6+x
oYph/ynzhWNPaAo0uzOnzsCEN/fub2ZFlr0VCubxttEOFyx2o2R9C8r64qh3szP0
+3hvKd/PEgeJYh25NNF82eYvm6YpBUmTlJJ0kpTBdMFESp76dISegwRRJw3lG/p2
mlPZhSiKAsHGRHVJN+6ZECAR5V2yM2ATG8VCZBXC43irQGIWaFC7mAn9NQ/jI62s
znwHZ8N2aniMvvoLm6LJXESKmpN6HoW/lA/ReCQh3Je/1Hv+AEePSIDYFOGKF78z
zaK40g==
-----END CERTIFICATE-----
Generated at Fri Feb 2 01:59:34 2024 by rpki-client on console-ams.rpki-client.org