Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8C5134E40E5611EE8EA03372C4F9AE02.roa
File: 8C5134E40E5611EE8EA03372C4F9AE02.roa (raw, json)
Hash identifier: PWdL51pYHTztAS54M3yPRx7MD4xKDRPhTzpAb+xmNjk=
Subject key identifier: 0D:98:56:3E:A8:1B:49:5D:89:A8:03:04:AD:D2:47:4F:74:A3:3E:7B
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: 09
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8C5134E40E5611EE8EA03372C4F9AE02.roa
Signing time: Mon 19 Jun 2023 04:05:38 +0000
ROA not before: Mon 19 Jun 2023 04:05:38 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138362
IP address blocks: 103.221.66.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 03:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: Jun 19 04:05:38 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=648fd412-8a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ae:a3:82:e8:6a:63:5e:e3:60:70:00:75:7c:
16:24:3a:5e:d2:b7:7f:76:ab:f7:a7:5f:b2:13:f3:
0b:bc:6e:04:c7:3f:ec:a2:63:f4:03:0e:eb:6b:ae:
01:04:76:54:65:34:83:69:36:e9:bb:bd:8f:6a:64:
0b:65:7e:c7:eb:a8:b8:49:64:d1:93:68:9d:8f:b4:
4d:af:9d:54:2f:91:26:02:b8:0d:3f:28:b8:ed:52:
fa:6e:92:a7:51:85:70:6e:a4:54:16:e4:77:24:19:
70:c3:d1:97:43:a7:f3:78:4a:ff:dc:6a:22:17:ff:
af:cb:b8:a8:bb:f0:3b:9b:5d:c8:30:22:eb:0b:fc:
83:c4:da:3e:99:4f:08:8a:4d:6e:2b:09:cc:f5:cc:
81:fe:45:e0:d1:ec:27:f5:cb:e4:31:f0:ab:a2:93:
7a:1d:8d:ac:74:8d:b3:08:53:f4:9b:55:f0:7d:53:
1f:d8:67:eb:a4:d8:0a:c5:4f:15:de:c8:12:ca:fe:
53:73:39:25:74:ef:3f:e3:21:89:b5:bc:73:1b:60:
d5:60:aa:63:30:ad:57:38:b0:d4:f2:29:b7:24:52:
f6:9c:5e:77:47:b5:80:73:87:30:a3:ad:33:d3:3f:
89:30:17:db:3a:99:9d:ac:99:be:17:c4:2b:bb:9b:
b2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:98:56:3E:A8:1B:49:5D:89:A8:03:04:AD:D2:47:4F:74:A3:3E:7B
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8C5134E40E5611EE8EA03372C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.66.0/23
Signature Algorithm: sha256WithRSAEncryption
08:8d:44:76:c8:5c:2a:ba:98:2b:11:06:31:a9:cc:7f:99:a6:
03:36:ce:c4:04:75:c2:d2:75:56:14:d8:50:9a:50:e2:4e:41:
d3:66:a6:92:89:a0:b7:f2:77:c3:45:86:a0:25:d2:d2:da:1f:
e8:ea:a7:14:f3:8e:73:a1:29:67:d7:d8:96:75:6d:c9:a5:e5:
8b:0c:cb:6f:cb:fc:40:ba:b9:e7:ed:84:37:2c:23:3e:c4:e3:
21:10:e3:88:99:23:3c:c9:62:fd:8b:c4:59:36:cf:f3:0a:15:
9e:f1:23:a2:ac:68:49:04:6d:68:de:d0:a7:9e:d7:a4:67:d4:
6b:00:2c:5b:6e:9b:9b:80:8e:a7:16:4c:4a:b7:85:c2:71:15:
bf:de:4d:f5:de:e4:4c:3d:1c:8e:9f:e5:42:ae:85:05:7e:83:
e1:8f:15:91:10:f1:41:f0:c1:7f:00:29:e3:3f:f9:18:80:3d:
6d:55:b9:69:80:b3:c8:d4:fc:5e:88:ad:02:ba:7e:e7:ec:cc:
26:89:e4:e1:91:bd:e8:c3:cc:36:d0:ca:83:ca:99:6b:cb:46:
02:35:17:37:5b:4b:03:78:45:7f:e5:ba:e2:dd:b3:d0:1d:08:
2a:50:e2:a7:b3:98:8c:7b:8e:ed:a5:b7:3b:88:62:af:78:7d:
47:a8:1b:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
ODNGMDExMC8GA1UEBRMoMTAzNkMxRTBGRkUxQ0ZDMzdENjU1RDg5RkE2NUQ2NUZF
MjJFMUY3QTAeFw0yMzA2MTkwNDA1MzhaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OGZkNDEyLThhM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzrqOC6GpjXuNgcAB1fBYkOl7St392q/enX7IT8wu8bgTHP+yiY/QDDutrrgEE
dlRlNINpNum7vY9qZAtlfsfrqLhJZNGTaJ2PtE2vnVQvkSYCuA0/KLjtUvpukqdR
hXBupFQW5HckGXDD0ZdDp/N4Sv/caiIX/6/LuKi78DubXcgwIusL/IPE2j6ZTwiK
TW4rCcz1zIH+ReDR7Cf1y+Qx8Kuik3odjax0jbMIU/SbVfB9Ux/YZ+uk2ArFTxXe
yBLK/lNzOSV07z/jIYm1vHMbYNVgqmMwrVc4sNTyKbckUvacXndHtYBzhzCjrTPT
P4kwF9s6mZ2smb4XxCu7m7JDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDZhWPqgb
SV2JqAMErdJHT3SjPnswHwYDVR0jBBgwFoAUEDbB4P/hz8N9ZV2J+mXWX+IuH3ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4M0YwL0RDRkNBNkEyMEE4
MzExRUU5RTZBOTI1MEM0RjlBRTAyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgz
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRURiQjRQX2h6OE45WlYySi1tWFdYLUl1SDNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODNGMC9EQ0ZDQTZBMjBBODMxMUVFOUU2QTkyNTBDNEY5QUUwMi84QzUxMzRFNDBF
NTYxMUVFOEVBMDMzNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfdQjANBgkqhkiG9w0BAQsFAAOCAQEACI1EdshcKrqYKxEG
ManMf5mmAzbOxAR1wtJ1VhTYUJpQ4k5B02amkomgt/J3w0WGoCXS0tof6OqnFPOO
c6EpZ9fYlnVtyaXliwzLb8v8QLq55+2ENywjPsTjIRDjiJkjPMli/YvEWTbP8woV
nvEjoqxoSQRtaN7Qp57XpGfUawAsW26bm4COpxZMSreFwnEVv95N9d7kTD0cjp/l
Qq6FBX6D4Y8VkRDxQfDBfwAp4z/5GIA9bVW5aYCzyNT8XoitArp+5+zMJonk4ZG9
6MPMNtDKg8qZa8tGAjUXN1tLA3hFf+W64t2z0B0IKlDip7OYjHuO7aW3O4hir3h9
R6gbZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org