Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/484A3E8025F311EEBD8BE35EC4F9AE02.roa
File: 484A3E8025F311EEBD8BE35EC4F9AE02.roa (raw, json)
Hash identifier: /USekJY2vkgFA0FLzWCtFt/NogYjahsvriw2hEEVZLI=
Subject key identifier: 67:D4:4A:DD:70:DD:8B:BD:4C:4F:12:34:23:13:93:43:5E:56:29:1B
Certificate issuer: /CN=A913ABFE/serialNumber=E588C73E6CB4FDB38B84EE40F8F9B64C50BE4B73
Certificate serial: 0D
Authority key identifier: E5:88:C7:3E:6C:B4:FD:B3:8B:84:EE:40:F8:F9:B6:4C:50:BE:4B:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/484A3E8025F311EEBD8BE35EC4F9AE02.roa
Signing time: Fri 28 Jul 2023 15:26:04 +0000
ROA not before: Fri 28 Jul 2023 15:26:04 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 151620
IP address blocks: 103.239.82.0/23 maxlen: 23
103.239.82.0/24 maxlen: 24
103.239.83.0/24 maxlen: 24
2001:df2:b640::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Aug 2023 12:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913ABFE/serialNumber=E588C73E6CB4FDB38B84EE40F8F9B64C50BE4B73
Validity
Not Before: Jul 28 15:26:04 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64c3de0c-7cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bf:1a:bf:cf:28:6d:28:2a:3a:14:04:c0:e1:
9d:bc:5f:d3:5c:52:de:38:41:b4:c9:d7:22:0f:4c:
7a:e1:dd:02:e1:66:98:19:ab:0f:f1:e3:17:58:3f:
72:0e:01:99:91:f9:6d:6f:65:21:77:e0:fc:45:54:
ca:eb:fb:9c:aa:50:77:3c:9b:57:6f:d8:16:f7:b1:
ae:5d:3c:c7:65:f3:07:5e:7f:f4:10:a4:48:46:61:
ff:36:ee:05:04:d4:0d:45:b2:30:45:d1:89:5f:e4:
14:f7:17:62:6e:e6:0f:3e:dd:3c:db:36:89:e1:bc:
ee:1b:f9:76:23:e7:4b:49:35:83:7d:e2:d1:9b:fc:
90:d8:fc:04:a6:d7:78:a7:c8:14:75:9e:ab:cd:d7:
10:d6:1d:93:89:34:7c:6e:1e:39:56:d5:ef:75:f9:
ce:8c:63:95:77:eb:35:f3:ce:36:03:66:88:75:62:
2d:15:7a:2e:40:7b:51:17:53:4f:54:da:1d:6c:15:
42:55:0f:25:d4:47:ef:c3:46:72:ef:66:b8:66:e8:
d8:78:de:35:de:22:17:08:56:76:3a:65:f4:5b:3f:
d2:85:02:b4:5b:41:bc:d4:4c:29:e9:e6:d2:e9:db:
e4:ab:82:74:cb:e6:08:b2:09:17:0d:f6:e4:a6:e5:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D4:4A:DD:70:DD:8B:BD:4C:4F:12:34:23:13:93:43:5E:56:29:1B
X509v3 Authority Key Identifier:
keyid:E5:88:C7:3E:6C:B4:FD:B3:8B:84:EE:40:F8:F9:B6:4C:50:BE:4B:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/484A3E8025F311EEBD8BE35EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.239.82.0/23
IPv6:
2001:df2:b640::/48
Signature Algorithm: sha256WithRSAEncryption
4a:53:54:98:8c:d9:ba:bd:02:b8:61:0c:0e:f8:fa:38:0f:19:
25:0c:d2:ca:fe:0a:d7:20:7b:ae:99:1b:d2:78:6c:15:93:33:
89:6e:8c:b7:b5:91:49:2a:87:fd:d3:49:4e:b9:99:e4:a7:81:
57:9b:47:60:77:f5:71:5c:dc:09:25:c5:4e:cc:48:f4:4f:83:
89:c7:5b:6a:81:d6:be:5f:ca:88:ee:a7:b3:6c:cd:ff:0a:c5:
54:74:cc:e1:a9:b7:eb:c9:fb:3b:e8:52:7a:81:9c:a6:6e:30:
04:9a:41:18:67:9b:f8:86:e8:ce:f8:92:4a:d2:74:1e:a0:e4:
1b:9e:b5:e1:1c:18:7b:67:3c:5e:4a:cb:31:73:7a:ff:bf:d9:
21:fe:e8:9a:28:b4:9b:ff:b6:d2:3a:3e:a9:5d:d4:30:d1:97:
7b:e5:05:1d:14:59:fe:81:a9:4a:96:dc:4e:95:8d:57:8b:ce:
b1:8d:00:88:91:e2:ab:e7:4c:a0:82:70:22:45:99:8e:25:85:
ec:0c:79:fc:0b:a1:dc:3a:f5:f6:1d:ae:7b:19:26:35:c6:68:
0d:d8:37:4d:be:16:7a:62:5c:e0:bd:79:7b:69:b7:1c:a2:b1:
ce:bc:7c:d7:e4:3f:28:64:1e:b8:0d:50:80:6e:c1:08:e4:8f:
7e:37:22:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
QUJGRTExMC8GA1UEBRMoRTU4OEM3M0U2Q0I0RkRCMzhCODRFRTQwRjhGOUI2NEM1
MEJFNEI3MzAeFw0yMzA3MjgxNTI2MDRaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YzNkZTBjLTdjZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpvxq/zyhtKCo6FATA4Z28X9NcUt44QbTJ1yIPTHrh3QLhZpgZqw/x4xdYP3IO
AZmR+W1vZSF34PxFVMrr+5yqUHc8m1dv2Bb3sa5dPMdl8wdef/QQpEhGYf827gUE
1A1FsjBF0Ylf5BT3F2Ju5g8+3TzbNonhvO4b+XYj50tJNYN94tGb/JDY/ASm13in
yBR1nqvN1xDWHZOJNHxuHjlW1e91+c6MY5V36zXzzjYDZoh1Yi0Vei5Ae1EXU09U
2h1sFUJVDyXUR+/DRnLvZrhm6Nh43jXeIhcIVnY6ZfRbP9KFArRbQbzUTCnp5tLp
2+SrgnTL5giyCRcN9uSm5WZFAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUZ9RK3XDd
i71MTxI0IxOTQ15WKRswHwYDVR0jBBgwFoAU5YjHPmy0/bOLhO5A+Pm2TFC+S3Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNBQkZFL0YxRDU1ODdFMjVG
MTExRUVCN0I0ODA1OEM0RjlBRTAyLzVZakhQbXkwX2JPTGhPNUEtUG0yVEZDLVMz
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNVlqSFBteTBfYk9MaE81QS1QbTJURkMtUzNNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
QUJGRS9GMUQ1NTg3RTI1RjExMUVFQjdCNDgwNThDNEY5QUUwMi80ODRBM0U4MDI1
RjMxMUVFQkQ4QkUzNUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWfvUjAPBAIAAjAJAwcAIAEN8rZAMA0GCSqGSIb3DQEBCwUA
A4IBAQBKU1SYjNm6vQK4YQwO+Po4DxklDNLK/grXIHuumRvSeGwVkzOJboy3tZFJ
Kof900lOuZnkp4FXm0dgd/VxXNwJJcVOzEj0T4OJx1tqgda+X8qI7qezbM3/CsVU
dMzhqbfryfs76FJ6gZymbjAEmkEYZ5v4hujO+JJK0nQeoOQbnrXhHBh7ZzxeSssx
c3r/v9kh/uiaKLSb/7bSOj6pXdQw0Zd75QUdFFn+galKltxOlY1Xi86xjQCIkeKr
50yggnAiRZmOJYXsDHn8C6HcOvX2Ha57GSY1xmgN2DdNvhZ6YlzgvXl7abccorHO
vHzX5D8oZB64DVCAbsEI5I9+NyK9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org