Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/48D538D20B8D11EC8BF08B24C4F9AE02.roa
File: 48D538D20B8D11EC8BF08B24C4F9AE02.roa (raw, json)
Hash identifier: smIyKwSUBQiaGl7AnWz67HxKLQ4WxfFH5ZAu9FBUSbk=
Subject key identifier: 35:53:74:10:53:AD:09:26:18:EC:14:48:22:77:03:68:12:8D:22:F2
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 0458
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/48D538D20B8D11EC8BF08B24C4F9AE02.roa
Signing time: Fri 20 May 2022 00:46:33 +0000
ROA not before: Fri 20 May 2022 00:46:33 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 51659
IP address blocks: 103.54.152.0/23 maxlen: 23
103.54.152.0/24 maxlen: 24
103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112 (0x458)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: May 20 00:46:33 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6286e4e9-c732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:66:16:c1:56:14:1e:35:a8:b2:48:26:5a:33:
e5:f0:ea:80:bd:64:20:9d:22:18:bf:60:b8:4c:2b:
2c:da:17:79:58:42:dc:77:7f:1e:09:75:94:7b:42:
97:20:02:0c:7e:9c:98:ec:6d:2c:db:bc:0b:5e:b4:
03:39:c2:9b:f9:b9:1a:fb:45:23:79:8a:43:f8:5a:
bb:c0:4d:e1:82:07:bc:b6:a4:de:32:29:88:03:bf:
08:c9:b2:2b:88:9e:34:99:bf:6e:85:cc:03:40:83:
6c:46:49:f8:09:0a:83:49:ef:b9:be:9d:43:31:60:
3c:96:71:1e:d4:bf:e7:84:78:11:75:f2:ff:b4:12:
eb:03:3c:7c:c3:a3:26:e4:47:e2:b6:40:7c:50:06:
d8:57:ef:55:3c:4f:ce:90:91:af:bd:3d:d7:15:13:
df:a8:7b:91:9b:70:21:08:03:52:c6:a0:e3:28:86:
87:38:b5:da:5f:b7:3f:ff:09:5c:99:4e:2c:2b:a9:
78:93:ba:ad:66:12:93:29:dd:e4:47:3f:ab:f6:14:
62:da:46:d3:7d:ed:96:02:c4:05:de:bb:17:30:51:
d5:99:dd:4a:20:8f:5e:be:e0:03:06:79:44:0b:f9:
1e:90:90:d5:3a:ed:0c:b8:56:27:93:76:77:88:fd:
6b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:53:74:10:53:AD:09:26:18:EC:14:48:22:77:03:68:12:8D:22:F2
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/48D538D20B8D11EC8BF08B24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.152.0/23
Signature Algorithm: sha256WithRSAEncryption
32:41:82:a5:e7:85:c9:3e:21:e7:54:06:ac:98:19:2f:b1:10:
97:32:1b:0d:75:38:b1:fb:55:5e:d9:63:e3:cb:1e:12:97:11:
b1:e1:68:9e:2f:ca:8f:52:d8:6f:57:f4:96:f0:5a:3e:8d:e0:
62:81:f7:e9:0c:d9:f0:dd:c6:01:db:07:48:3c:af:85:e7:30:
62:5d:ed:ff:f9:56:15:9e:bc:d5:4b:bc:76:38:6f:1a:3d:f1:
5c:75:b1:97:b5:b6:70:33:7b:25:7e:57:03:cc:fa:6c:dc:a9:
15:39:88:db:1e:15:6e:97:fa:51:9a:52:c9:16:e1:2b:e9:b3:
89:a8:64:c4:d9:41:f1:ea:74:f5:9c:1a:6d:d9:9c:f1:bb:9c:
74:e3:a9:e5:2e:52:27:cc:d4:06:70:fc:89:22:c1:90:12:e2:
63:c7:9a:17:ac:9b:96:e8:60:2b:4f:37:ce:3c:25:68:31:f2:
44:7f:40:a2:e3:d8:39:e5:14:64:0c:7b:e2:51:5e:55:e2:c8:
8f:e3:23:45:e8:87:4b:d6:41:e2:e6:40:1d:77:20:7a:56:21:
70:ee:ff:5d:8d:9e:d7:89:59:d1:76:17:58:b9:e6:18:5b:c2:
cc:35:13:4b:f4:77:d0:f4:bd:12:7a:36:73:ac:ec:d7:ce:9d:
3f:99:d6:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjIwNTIwMDA0NjMzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg2ZTRlOS1jNzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2YWwVYUHjWoskgmWjPl8OqAvWQgnSIYv2C4TCss2hd5WELcd38eCXWUe0KX
IAIMfpyY7G0s27wLXrQDOcKb+bka+0UjeYpD+Fq7wE3hgge8tqTeMimIA78IybIr
iJ40mb9uhcwDQINsRkn4CQqDSe+5vp1DMWA8lnEe1L/nhHgRdfL/tBLrAzx8w6Mm
5EfitkB8UAbYV+9VPE/OkJGvvT3XFRPfqHuRm3AhCANSxqDjKIaHOLXaX7c//wlc
mU4sK6l4k7qtZhKTKd3kRz+r9hRi2kbTfe2WAsQF3rsXMFHVmd1KII9evuADBnlE
C/kekJDVOu0MuFYnk3Z3iP1rIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDVTdBBT
rQkmGOwUSCJ3A2gSjSLyMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvNDhENTM4RDIw
QjhEMTFFQzhCRjA4QjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnNpgwDQYJKoZIhvcNAQELBQADggEBADJBgqXnhck+IedU
BqyYGS+xEJcyGw11OLH7VV7ZY+PLHhKXEbHhaJ4vyo9S2G9X9JbwWj6N4GKB9+kM
2fDdxgHbB0g8r4XnMGJd7f/5VhWevNVLvHY4bxo98Vx1sZe1tnAzeyV+VwPM+mzc
qRU5iNseFW6X+lGaUskW4Svps4moZMTZQfHqdPWcGm3ZnPG7nHTjqeUuUifM1AZw
/IkiwZAS4mPHmhesm5boYCtPN848JWgx8kR/QKLj2DnlFGQMe+JRXlXiyI/jI0Xo
h0vWQeLmQB13IHpWIXDu/12NnteJWdF2F1i55hhbwsw1E0v0d9D0vRJ6NnOs7NfO
nT+Z1qw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-ams.rpki-client.org