Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91583E4/05FEF44A9E0C11EDBA9D1D26C4F9AE02/BC2C8BA89E0F11ED9444E53FC4F9AE02.roa
File: BC2C8BA89E0F11ED9444E53FC4F9AE02.roa (raw, json)
Hash identifier: pAmnlLFmLPVZdKjAM6/52uFxkvool9KkIIBLWEtX0Ug=
Subject key identifier: 9B:39:F1:75:53:E4:87:D3:3D:82:F0:A1:A9:E2:75:A7:5E:87:74:9D
Certificate issuer: /CN=A91583E4/serialNumber=8A74EF40E65A127C0E666B14A6C6574A536F3673
Certificate serial: 02
Authority key identifier: 8A:74:EF:40:E6:5A:12:7C:0E:66:6B:14:A6:C6:57:4A:53:6F:36:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inTvQOZaEnwOZmsUpsZXSlNvNnM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91583E4/05FEF44A9E0C11EDBA9D1D26C4F9AE02/BC2C8BA89E0F11ED9444E53FC4F9AE02.roa
Signing time: Fri 27 Jan 2023 06:56:34 +0000
ROA not before: Fri 27 Jan 2023 06:56:34 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150738
IP address blocks: 103.76.194.0/23 maxlen: 23
103.76.194.0/24 maxlen: 24
103.76.195.0/24 maxlen: 24
2001:df1:e1c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91583E4/serialNumber=8A74EF40E65A127C0E666B14A6C6574A536F3673
Validity
Not Before: Jan 27 06:56:34 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63d375a2-ff45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:14:08:e1:7b:2b:40:f8:43:36:bc:7d:e4:6b:
d5:f9:33:72:62:2f:42:73:37:2f:a8:39:f4:19:a3:
21:75:c8:6c:96:31:da:c3:25:80:eb:19:1a:f4:9f:
4c:53:44:aa:41:4b:25:07:a6:93:ed:ef:86:ce:5f:
cb:b9:84:3f:43:18:35:4c:75:2a:59:f6:eb:45:08:
bb:14:58:25:4b:51:96:58:c3:bc:d8:a5:a1:63:21:
3b:cf:e0:93:95:84:b6:a5:a8:31:52:4c:b4:37:89:
3e:fb:91:e2:ae:da:db:3f:b1:ce:95:8a:53:4a:01:
44:ea:41:2d:cc:8c:ed:6b:11:46:bc:01:ed:c6:55:
c7:98:98:a8:36:40:37:28:48:27:7f:26:2f:a2:c7:
43:e7:08:17:38:0c:31:87:a1:18:fd:52:99:e8:a8:
44:09:cd:fe:13:d5:71:1b:fd:78:94:98:93:b6:9d:
00:63:13:36:c8:9b:56:ed:95:c6:b8:30:49:f0:68:
ab:1f:cf:ca:83:d5:e7:20:32:d0:13:4a:34:b3:3d:
58:8c:b3:8c:d8:29:1d:2e:09:45:98:9b:62:10:2b:
05:ab:35:f8:ff:ed:2a:d3:b9:97:71:a9:4c:8f:48:
80:8b:92:ec:f1:11:ee:2e:64:04:11:b8:aa:8a:8a:
c7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:39:F1:75:53:E4:87:D3:3D:82:F0:A1:A9:E2:75:A7:5E:87:74:9D
X509v3 Authority Key Identifier:
keyid:8A:74:EF:40:E6:5A:12:7C:0E:66:6B:14:A6:C6:57:4A:53:6F:36:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91583E4/05FEF44A9E0C11EDBA9D1D26C4F9AE02/inTvQOZaEnwOZmsUpsZXSlNvNnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inTvQOZaEnwOZmsUpsZXSlNvNnM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91583E4/05FEF44A9E0C11EDBA9D1D26C4F9AE02/BC2C8BA89E0F11ED9444E53FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.76.194.0/23
IPv6:
2001:df1:e1c0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:d2:93:24:d7:6f:dc:88:b1:f9:82:b2:66:5c:50:b9:d3:f2:
9f:3a:7a:4d:e1:09:75:af:78:f7:37:99:0c:a2:aa:3f:33:b5:
90:b2:e1:29:98:26:a6:b4:76:6c:4a:41:08:e9:6d:69:25:4c:
6a:e9:cb:9d:46:1b:a1:23:8d:c4:b7:4b:b9:1e:03:a4:20:b4:
75:42:c1:1e:f4:f8:6b:f0:9a:0f:f6:dc:54:55:90:ba:15:e0:
2d:12:19:d4:08:56:6b:80:2a:49:75:b6:18:c4:81:9e:3d:bc:
fe:21:8d:d9:49:8e:03:f3:ed:49:b1:ab:8a:12:17:a4:40:ae:
a8:43:6b:46:52:1e:43:d5:4a:55:59:9a:fe:87:1a:ae:2f:e5:
c4:03:cf:41:c3:35:a6:e5:3e:d4:0f:e0:4b:44:47:66:10:54:
75:84:9e:a5:65:39:b6:3d:8d:b9:38:e6:44:80:0f:3d:41:cb:
07:a3:c0:a6:b6:bc:73:a6:1c:6f:46:da:b9:8a:2f:d6:e3:da:
e8:7c:a4:f3:90:a4:c1:0d:14:49:a6:09:19:a4:0c:1c:b9:9d:
9a:c4:b8:c0:30:0e:ab:c2:4c:94:12:c8:98:96:9d:35:6e:fb:
7d:ff:6f:2d:3a:8e:c4:39:e5:ee:7f:a2:5c:13:48:7a:47:cd:
2f:57:83:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODNFNDExMC8GA1UEBRMoOEE3NEVGNDBFNjVBMTI3QzBFNjY2QjE0QTZDNjU3NEE1
MzZGMzY3MzAeFw0yMzAxMjcwNjU2MzRaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZDM3NWEyLWZmNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCiFAjheytA+EM2vH3ka9X5M3JiL0JzNy+oOfQZoyF1yGyWMdrDJYDrGRr0n0xT
RKpBSyUHppPt74bOX8u5hD9DGDVMdSpZ9utFCLsUWCVLUZZYw7zYpaFjITvP4JOV
hLalqDFSTLQ3iT77keKu2ts/sc6VilNKAUTqQS3MjO1rEUa8Ae3GVceYmKg2QDco
SCd/Ji+ix0PnCBc4DDGHoRj9UpnoqEQJzf4T1XEb/XiUmJO2nQBjEzbIm1btlca4
MEnwaKsfz8qD1ecgMtATSjSzPViMs4zYKR0uCUWYm2IQKwWrNfj/7SrTuZdxqUyP
SICLkuzxEe4uZAQRuKqKiseRAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmznxdVPk
h9M9gvChqeJ1p16HdJ0wHwYDVR0jBBgwFoAUinTvQOZaEnwOZmsUpsZXSlNvNnMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4M0U0LzA1RkVGNDRBOUUw
QzExRURCQTlEMUQyNkM0RjlBRTAyL2luVHZRT1phRW53T1ptc1Vwc1pYU2xOdk5u
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaW5UdlFPWmFFbndPWm1zVXBzWlhTbE52Tm5NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODNFNC8wNUZFRjQ0QTlFMEMxMUVEQkE5RDFEMjZDNEY5QUUwMi9CQzJDOEJBODlF
MEYxMUVEOTQ0NEU1M0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdMwjAPBAIAAjAJAwcAIAEN8eHAMA0GCSqGSIb3DQEBCwUA
A4IBAQAq0pMk12/ciLH5grJmXFC50/KfOnpN4Ql1r3j3N5kMoqo/M7WQsuEpmCam
tHZsSkEI6W1pJUxq6cudRhuhI43Et0u5HgOkILR1QsEe9Phr8JoP9txUVZC6FeAt
EhnUCFZrgCpJdbYYxIGePbz+IY3ZSY4D8+1JsauKEhekQK6oQ2tGUh5D1UpVWZr+
hxquL+XEA89BwzWm5T7UD+BLREdmEFR1hJ6lZTm2PY25OOZEgA89QcsHo8Cmtrxz
phxvRtq5ii/W49rofKTzkKTBDRRJpgkZpAwcuZ2axLjAMA6rwkyUEsiYlp01bvt9
/28tOo7EOeXuf6JcE0h6R80vV4PZ
-----END CERTIFICATE-----
Generated at Sun Dec 31 08:32:13 2023 by rpki-client on console-ams.rpki-client.org