Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/D3FC58FA3ABB11EE85D33859C4F9AE02.roa
File: D3FC58FA3ABB11EE85D33859C4F9AE02.roa (raw, json)
Hash identifier: CMyZWKnujvduWxugf0nbYLVlrB082eTYercD4Q1qq+M=
Subject key identifier: 29:B1:6D:A3:5A:DB:80:D6:15:CD:D6:27:20:9E:13:2E:38:A1:5E:DA
Certificate issuer: /CN=A91896D4/serialNumber=4AB7079A9699D2AB9D68DE4AE4327C40BB2C50DB
Certificate serial: 85
Authority key identifier: 4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/D3FC58FA3ABB11EE85D33859C4F9AE02.roa
Signing time: Mon 14 Aug 2023 16:01:28 +0000
ROA not before: Mon 14 Aug 2023 16:01:28 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 150774
IP address blocks: 103.167.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 14:40:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133 (0x85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91896D4/serialNumber=4AB7079A9699D2AB9D68DE4AE4327C40BB2C50DB
Validity
Not Before: Aug 14 16:01:28 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64da4fd8-3146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c4:f5:97:d4:90:a5:ff:d4:63:05:84:d1:d5:
df:05:30:ef:1b:07:c4:01:45:86:02:36:e1:05:43:
59:af:75:5f:b3:1b:b8:d1:7a:76:96:45:2d:1f:44:
eb:a1:84:43:c2:eb:b6:e0:3d:38:64:a5:5e:29:b2:
80:90:63:5c:f8:f7:66:9a:41:b4:57:df:9f:9f:dd:
7c:54:cb:e5:1e:38:e5:23:97:6c:26:63:36:27:91:
7b:3f:ad:38:26:8b:8a:2b:58:08:dc:d1:10:26:dc:
ab:4c:63:f2:1f:46:78:72:a2:46:55:61:a6:07:64:
66:42:1c:39:43:40:34:43:46:71:0f:df:cd:1a:9a:
23:66:b9:7c:f9:3c:5d:1e:ba:32:1b:bb:00:72:60:
fa:4b:1b:15:b3:06:b7:0f:b8:e0:2a:f5:f0:cf:c6:
47:04:16:cf:02:c5:d6:c6:58:e4:2c:44:a8:9e:0e:
95:38:e9:fa:1b:7c:79:49:8c:74:cb:50:4d:73:ea:
e3:60:9b:b0:76:48:41:d3:2c:ed:fc:66:85:23:8a:
d8:72:02:37:45:f0:eb:6b:b9:84:69:9a:a0:40:5b:
77:c2:74:5c:22:43:7b:0f:d2:86:7b:7c:e2:05:27:
69:e6:de:a1:19:29:bb:9d:ae:b3:9b:c8:23:70:f3:
10:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B1:6D:A3:5A:DB:80:D6:15:CD:D6:27:20:9E:13:2E:38:A1:5E:DA
X509v3 Authority Key Identifier:
keyid:4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/SrcHmpaZ0qudaN5K5DJ8QLssUNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/D3FC58FA3ABB11EE85D33859C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.209.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d8:a2:19:97:e9:0d:09:b7:41:1f:02:0f:41:7b:af:aa:fa:
4d:96:e8:9e:2a:5b:83:58:23:34:09:42:f3:f2:e9:c6:8f:42:
cd:ce:22:ec:bd:36:b5:c0:43:fa:92:48:23:cf:8a:d4:91:39:
d9:b4:be:67:3a:c3:2f:aa:fa:fc:05:07:1b:05:8b:6f:06:33:
cd:12:2d:97:90:b5:75:46:90:01:60:d6:19:26:56:67:4a:71:
f2:cd:2a:e0:4a:69:7b:a6:cb:ee:e3:e0:2f:e3:ef:57:34:f4:
49:9c:18:04:d7:c5:38:bd:83:5b:4e:7b:3b:52:22:ec:55:56:
14:c8:07:f7:aa:2b:14:29:42:2c:26:a8:37:33:25:ae:c8:c8:
25:b1:78:84:80:38:c2:9d:d0:5a:45:ec:54:d5:15:70:90:49:
2d:27:45:b4:12:72:4b:cc:83:58:0b:c8:5d:0f:78:b3:d7:08:
0c:e0:37:b8:3f:59:3e:dd:85:fd:fa:58:08:9d:5f:ae:6b:24:
59:60:e4:aa:9d:40:f8:cd:1b:45:42:e1:51:4e:23:be:2a:32:
da:85:11:cc:b0:78:52:a2:bc:2c:02:9f:64:25:44:2d:cd:2a:
14:dc:6e:47:68:6b:b1:48:f5:74:ed:01:a1:29:37:3e:ad:63:
63:31:bb:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODk2RDQxMTAvBgNVBAUTKDRBQjcwNzlBOTY5OUQyQUI5RDY4REU0QUU0MzI3QzQw
QkIyQzUwREIwHhcNMjMwODE0MTYwMTI4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRhNGZkOC0zMTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6sT1l9SQpf/UYwWE0dXfBTDvGwfEAUWGAjbhBUNZr3Vfsxu40Xp2lkUtH0Tr
oYRDwuu24D04ZKVeKbKAkGNc+PdmmkG0V9+fn918VMvlHjjlI5dsJmM2J5F7P604
JouKK1gI3NEQJtyrTGPyH0Z4cqJGVWGmB2RmQhw5Q0A0Q0ZxD9/NGpojZrl8+Txd
HroyG7sAcmD6SxsVswa3D7jgKvXwz8ZHBBbPAsXWxljkLESong6VOOn6G3x5SYx0
y1BNc+rjYJuwdkhB0yzt/GaFI4rYcgI3RfDra7mEaZqgQFt3wnRcIkN7D9KGe3zi
BSdp5t6hGSm7na6zm8gjcPMQUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCmxbaNa
24DWFc3WJyCeEy44oV7aMB8GA1UdIwQYMBaAFEq3B5qWmdKrnWjeSuQyfEC7LFDb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTZENC81RTlFNjQzNDdC
OTYxMUVEOEJERkUzMTFDNEY5QUUwMi9TcmNIbXBhWjBxdWRhTjVLNURKOFFMc3NV
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NyY0htcGFaMHF1ZGFONUs1REo4UUxzc1VOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODk2RDQvNUU5RTY0MzQ3Qjk2MTFFRDhCREZFMzExQzRGOUFFMDIvRDNGQzU4RkEz
QUJCMTFFRTg1RDMzODU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnp9EwDQYJKoZIhvcNAQELBQADggEBAH/YohmX6Q0Jt0Ef
Ag9Be6+q+k2W6J4qW4NYIzQJQvPy6caPQs3OIuy9NrXAQ/qSSCPPitSROdm0vmc6
wy+q+vwFBxsFi28GM80SLZeQtXVGkAFg1hkmVmdKcfLNKuBKaXumy+7j4C/j71c0
9EmcGATXxTi9g1tOeztSIuxVVhTIB/eqKxQpQiwmqDczJa7IyCWxeISAOMKd0FpF
7FTVFXCQSS0nRbQSckvMg1gLyF0PeLPXCAzgN7g/WT7dhf36WAidX65rJFlg5Kqd
QPjNG0VC4VFOI74qMtqFEcyweFKivCwCn2QlRC3NKhTcbkdoa7FI9XTtAaEpNz6t
Y2MxuxQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org