Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/B69EC0F4F7AE11ED9B3B2A2FC4F9AE02.roa
File: B69EC0F4F7AE11ED9B3B2A2FC4F9AE02.roa (raw, json)
Hash identifier: 1XyY6lbrMM12jJqxl+LgUd/yka1vSf0wcXLPo5AL5MM=
Subject key identifier: 95:C2:B9:D3:3C:9C:BD:37:F8:78:5E:FD:B8:24:84:CD:01:09:99:A4
Certificate issuer: /CN=A913C432/serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32
Certificate serial: 0E43
Authority key identifier: 32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/B69EC0F4F7AE11ED9B3B2A2FC4F9AE02.roa
Signing time: Sun 21 May 2023 08:08:48 +0000
ROA not before: Sun 21 May 2023 08:08:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137449
IP address blocks: 103.138.24.0/22 maxlen: 24
2404:bec0::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3651 (0xe43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C432/serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32
Validity
Not Before: May 21 08:08:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6469d190-4a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bf:25:fa:d1:6c:b5:db:da:e6:56:6f:06:10:
d4:1d:42:99:31:42:1a:8f:aa:85:6d:56:31:91:36:
09:dc:09:e7:c9:ee:90:2e:de:07:12:93:af:8c:0a:
f2:6f:de:3f:26:f7:9d:88:52:b5:f8:d9:da:67:ca:
dd:e5:ad:f9:56:93:74:29:29:b5:ba:f5:60:f9:a1:
75:55:34:95:49:d1:67:79:6a:48:d0:33:c0:a6:71:
ab:96:d9:4f:aa:20:b7:93:db:57:63:bb:a9:4f:bc:
fc:4b:36:81:28:58:68:fb:be:80:61:00:e9:47:86:
22:88:3b:63:17:93:6f:44:db:a9:15:8b:82:4e:1d:
27:fb:ff:32:f4:72:22:e6:ed:bb:b2:78:76:3e:1c:
c6:0b:45:e7:0c:f9:87:fe:78:a3:e1:70:da:47:64:
29:89:f9:a9:58:7b:e9:76:5d:b0:68:66:eb:8e:35:
80:27:a6:a3:c4:6d:1f:7c:7b:3e:a4:da:a9:ad:18:
6f:77:ad:9f:cc:94:bc:11:1c:ff:87:28:4c:d7:53:
b6:fc:eb:11:c9:be:85:4f:26:84:bd:a0:ee:f8:26:
4c:b4:d7:d9:5d:01:e1:06:73:fa:9d:14:dc:63:2e:
9c:4c:2c:87:ce:28:ef:40:b3:a0:9c:bc:8c:dd:e9:
3b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C2:B9:D3:3C:9C:BD:37:F8:78:5E:FD:B8:24:84:CD:01:09:99:A4
X509v3 Authority Key Identifier:
keyid:32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/Mp2gPbmUR1FJil_KU8hdqmDLmjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/B69EC0F4F7AE11ED9B3B2A2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.24.0/22
IPv6:
2404:bec0::/32
Signature Algorithm: sha256WithRSAEncryption
e9:1a:1f:a0:48:f4:d6:76:21:94:7a:e1:03:a5:95:4a:6a:53:
bc:15:2d:41:4a:2d:92:da:9b:5e:e6:ac:23:e5:0f:7f:09:ea:
07:e0:8c:53:70:d9:23:df:89:92:44:24:fb:09:a9:3b:0f:1b:
41:04:aa:f1:5a:52:12:98:22:f9:c1:ff:b5:14:8b:f2:0e:56:
17:51:54:a2:ce:b8:f9:5b:7b:c1:67:51:7b:16:8c:c4:5d:b9:
4a:35:31:bb:fb:2e:8a:ac:0d:fb:1d:68:f5:a3:d0:d9:a3:ed:
41:d5:9b:70:7b:fa:d9:43:50:37:d2:58:92:e1:d3:3e:48:b7:
0b:26:00:82:16:6d:c2:32:63:6d:f1:18:e1:d8:04:71:0c:68:
f1:08:00:d8:42:05:a1:aa:bd:1c:1c:cd:3b:92:ea:76:68:75:
4d:2d:7d:d7:b0:3e:88:6f:a0:7f:0e:de:05:eb:58:4c:b8:fe:
fe:16:9e:83:cb:93:de:d5:be:6b:9e:a1:b8:b7:33:d1:24:03:
23:72:d0:cc:9f:69:aa:bf:9a:6f:58:e1:f0:d9:b9:11:a6:5c:
fa:f3:26:12:80:a7:a9:d6:68:10:ab:fc:4d:67:56:5b:78:e6:
f2:0a:c4:20:b8:60:18:e7:10:1e:c7:2d:fc:bf:c8:cc:50:6e:
e5:18:d2:4f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M0MzIxMTAvBgNVBAUTKDMyOURBMDNEQjk5NDQ3NTE0OThBNUZDQTUzQzg1REFB
NjBDQjlBMzIwHhcNMjMwNTIxMDgwODQ4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY5ZDE5MC00YTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyb8l+tFstdva5lZvBhDUHUKZMUIaj6qFbVYxkTYJ3Annye6QLt4HEpOvjAry
b94/JvediFK1+NnaZ8rd5a35VpN0KSm1uvVg+aF1VTSVSdFneWpI0DPApnGrltlP
qiC3k9tXY7upT7z8SzaBKFho+76AYQDpR4YiiDtjF5NvRNupFYuCTh0n+/8y9HIi
5u27snh2PhzGC0XnDPmH/nij4XDaR2QpifmpWHvpdl2waGbrjjWAJ6ajxG0ffHs+
pNqprRhvd62fzJS8ERz/hyhM11O2/OsRyb6FTyaEvaDu+CZMtNfZXQHhBnP6nRTc
Yy6cTCyHzijvQLOgnLyM3ek7lwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJXCudM8
nL03+Hhe/bgkhM0BCZmkMB8GA1UdIwQYMBaAFDKdoD25lEdRSYpfylPIXapgy5oy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzQzMi8yRENBQkE2ODVD
RjIxMUU5ODQ5MzkyMjRDNEY5QUUwMi9NcDJnUGJtVVIxRkppbF9LVThoZHFtRExt
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01wMmdQYm1VUjFGSmlsX0tVOGhkcW1ETG1qSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M0MzIvMkRDQUJBNjg1Q0YyMTFFOTg0OTM5MjI0QzRGOUFFMDIvQjY5RUMwRjRG
N0FFMTFFRDlCM0IyQTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnihgwDQQCAAIwBwMFACQEvsAwDQYJKoZIhvcNAQELBQAD
ggEBAOkaH6BI9NZ2IZR64QOllUpqU7wVLUFKLZLam17mrCPlD38J6gfgjFNw2SPf
iZJEJPsJqTsPG0EEqvFaUhKYIvnB/7UUi/IOVhdRVKLOuPlbe8FnUXsWjMRduUo1
Mbv7LoqsDfsdaPWj0Nmj7UHVm3B7+tlDUDfSWJLh0z5ItwsmAIIWbcIyY23xGOHY
BHEMaPEIANhCBaGqvRwczTuS6nZodU0tfdewPohvoH8O3gXrWEy4/v4WnoPLk97V
vmueobi3M9EkAyNy0Myfaaq/mm9Y4fDZuRGmXPrzJhKAp6nWaBCr/E1nVlt45vIK
xCC4YBjnEB7HLfy/yMxQbuUY0k8=
-----END CERTIFICATE-----
Generated at Thu Nov 2 08:27:38 2023 by rpki-client on console-fra.rpki-client.org