Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
File: E0B3A87CA69711ED9DFF0870C4F9AE02.roa (raw, json)
Hash identifier: zimqvxOmy95RPu1rH5QZfKu+GFhtBsemJIGrU+LWIdI=
Subject key identifier: F0:02:4B:CC:56:97:F5:E0:27:6A:08:EB:64:91:9B:82:04:B5:CE:2E
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 05BC
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
Signing time: Wed 04 Oct 2023 23:41:35 +0000
ROA not before: Wed 04 Oct 2023 23:41:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 58600
IP address blocks: 103.9.40.0/22 maxlen: 24
103.224.128.0/22 maxlen: 24
163.47.104.0/22 maxlen: 24
2403:c900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1468 (0x5bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Oct 4 23:41:35 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651df82f-be46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:3b:94:7e:8f:02:de:26:87:2b:81:a2:28:
c7:da:56:92:95:8d:df:b2:55:3f:0b:25:13:16:40:
e1:b9:a7:44:c4:1f:95:28:eb:6f:58:5e:c9:99:96:
66:5a:38:cc:64:ca:1b:b0:eb:71:94:cc:4e:02:f6:
ec:d2:4e:50:85:01:65:64:25:ad:e3:ca:2c:62:53:
ca:8f:75:a9:f1:09:41:58:28:b9:b4:db:c0:8c:99:
b1:1e:1f:80:70:14:a7:2d:ac:64:b2:4d:e0:60:99:
cf:ab:ea:00:7c:81:0d:19:e9:1f:8d:38:6d:13:3d:
92:08:62:c5:fb:6a:cb:5a:43:62:ec:9c:43:76:15:
30:24:e6:5d:64:f6:87:7e:d0:be:a9:d2:fb:d0:b1:
fd:f0:57:30:cd:38:6a:8e:19:97:08:ef:76:f3:18:
c0:b9:34:bb:2f:02:d7:60:b2:94:9b:81:c8:f3:09:
52:74:c0:83:cf:49:01:f3:77:45:f7:f8:7c:42:73:
74:b8:e7:f6:3b:f9:0f:f0:43:25:7f:ec:42:71:10:
38:2e:b6:10:b9:8e:63:1a:79:31:b3:6d:21:f4:c6:
8d:25:ae:48:66:36:8d:da:da:ce:07:4a:71:87:88:
d2:88:44:4e:3e:eb:38:04:d5:a3:38:57:07:16:2f:
a2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:02:4B:CC:56:97:F5:E0:27:6A:08:EB:64:91:9B:82:04:B5:CE:2E
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.40.0/22
103.224.128.0/22
163.47.104.0/22
IPv6:
2403:c900::/32
Signature Algorithm: sha256WithRSAEncryption
75:ad:ce:9f:ae:7c:5f:ca:57:8d:75:a2:33:f7:92:1c:ea:b9:
1d:3f:67:0d:40:6c:14:eb:5a:f3:f1:b5:93:d9:75:54:3b:be:
8f:f1:05:d7:b8:d5:20:fc:9e:2b:83:cd:46:32:72:19:c6:6c:
50:d2:d3:b8:c5:94:19:2a:9e:df:e2:1e:90:84:76:11:19:d0:
75:71:9b:01:82:27:1c:96:7c:e5:51:c3:3d:a1:65:e0:38:73:
70:ed:b1:57:26:0f:47:5b:38:2f:c9:4a:66:af:e7:ef:3d:da:
98:fc:f1:cf:40:42:db:c3:16:12:63:f9:25:64:bd:f1:86:fe:
27:ee:9e:7b:f9:9f:29:da:3d:d2:10:0d:bf:58:bb:e3:80:38:
bf:dd:08:39:7c:e1:1f:92:c7:17:1c:f6:89:f8:f9:44:6e:f3:
f2:82:93:18:93:be:69:42:4e:86:d9:6b:37:45:d6:5a:77:ca:
e3:9f:2d:15:a6:cc:8a:43:9e:5b:7e:77:68:eb:ce:52:5e:d1:
f8:24:c0:51:ca:56:79:43:7b:cf:48:88:f1:bb:67:ad:65:64:
e3:90:2e:f9:0c:75:51:a0:85:06:e4:68:c0:cf:38:95:50:eb:
60:eb:60:e2:c3:21:b3:38:34:81:ed:98:67:ef:0f:10:90:1a:
99:41:12:00
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjMxMDA0MjM0MTM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkZjgyZi1iZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnkU7lH6PAt4mhyuBoijH2laSlY3fslU/CyUTFkDhuadExB+VKOtvWF7JmZZm
WjjMZMobsOtxlMxOAvbs0k5QhQFlZCWt48osYlPKj3Wp8QlBWCi5tNvAjJmxHh+A
cBSnLaxksk3gYJnPq+oAfIENGekfjThtEz2SCGLF+2rLWkNi7JxDdhUwJOZdZPaH
ftC+qdL70LH98FcwzThqjhmXCO928xjAuTS7LwLXYLKUm4HI8wlSdMCDz0kB83dF
9/h8QnN0uOf2O/kP8EMlf+xCcRA4LrYQuY5jGnkxs20h9MaNJa5IZjaN2trOB0px
h4jSiEROPus4BNWjOFcHFi+i+wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPACS8xW
l/XgJ2oI62SRm4IEtc4uMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRTBCM0E4N0NB
Njk3MTFFRDlERkYwODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnCSgDBAJn4IADBAKjL2gwDQQCAAIwBwMFACQDyQAwDQYJ
KoZIhvcNAQELBQADggEBAHWtzp+ufF/KV411ojP3khzquR0/Zw1AbBTrWvPxtZPZ
dVQ7vo/xBde41SD8niuDzUYychnGbFDS07jFlBkqnt/iHpCEdhEZ0HVxmwGCJxyW
fOVRwz2hZeA4c3DtsVcmD0dbOC/JSmav5+892pj88c9AQtvDFhJj+SVkvfGG/ifu
nnv5nynaPdIQDb9Yu+OAOL/dCDl84R+Sxxcc9on4+URu8/KCkxiTvmlCTobZazdF
1lp3yuOfLRWmzIpDnlt+d2jrzlJe0fgkwFHKVnlDe89IiPG7Z61lZOOQLvkMdVGg
hQbkaMDPOJVQ62DrYOLDIbM4NIHtmGfvDxCQGplBEgA=
-----END CERTIFICATE-----
Generated at Wed Dec 13 08:57:32 2023 by rpki-client on console-fra.rpki-client.org