Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91944AB/6FE306A6C2C811EB98D9DA79C4F9AE02/156AD19CC2CB11EBA1EC047AC4F9AE02.roa
File: 156AD19CC2CB11EBA1EC047AC4F9AE02.roa (raw, json)
Hash identifier: Luq9kxCsinQMGFf+3nwGH9oA7EV3MfRO4SSc5sRt7Oc=
Subject key identifier: 10:86:DA:9F:86:DF:8F:71:37:3D:0E:D6:72:92:3A:86:B0:26:24:DD
Certificate issuer: /CN=A91944AB/serialNumber=6A1219726D239C82F5A44601127D1AF8725CE0ED
Certificate serial: 0441
Authority key identifier: 6A:12:19:72:6D:23:9C:82:F5:A4:46:01:12:7D:1A:F8:72:5C:E0:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ahIZcm0jnIL1pEYBEn0a-HJc4O0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91944AB/6FE306A6C2C811EB98D9DA79C4F9AE02/156AD19CC2CB11EBA1EC047AC4F9AE02.roa
Signing time: Fri 05 May 2023 02:43:02 +0000
ROA not before: Fri 05 May 2023 02:43:02 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 142157
IP address blocks: 103.167.18.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 06:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1089 (0x441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91944AB/serialNumber=6A1219726D239C82F5A44601127D1AF8725CE0ED
Validity
Not Before: May 5 02:43:02 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64546d36-2859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:35:04:a8:0f:cd:79:6c:eb:4a:de:38:5b:c5:
a6:ae:eb:d6:71:23:9b:ea:d8:6c:0f:32:2c:e4:e4:
d4:ca:37:bf:6b:af:8c:e3:88:69:28:de:f7:ae:dd:
5f:47:77:01:18:54:d8:76:ab:91:4b:80:ec:c8:8d:
c5:3a:75:d8:da:bf:08:bb:b8:a2:57:8d:ab:46:13:
04:bc:13:2b:dd:19:02:fb:ff:e7:a7:13:dd:40:74:
72:15:1d:4c:47:40:95:80:db:2f:bd:b2:09:6b:e9:
5b:f9:8e:6d:18:3b:b7:09:e9:3e:09:18:41:3d:7e:
0f:a7:fa:80:3f:0c:a5:f0:6b:70:49:51:61:8e:65:
3c:bf:8a:1c:1c:19:5b:5c:a8:ca:f7:35:56:2e:be:
af:16:dc:6b:48:9b:ac:f5:67:89:66:04:76:0b:48:
99:16:52:34:40:02:b8:6b:86:22:4c:6e:d6:2c:ae:
d8:d8:6c:3a:de:1f:54:46:25:95:e1:e4:f7:18:61:
4f:b3:bd:c7:72:b1:e7:5c:5a:0a:b7:38:ec:3f:67:
75:2f:70:89:e2:d9:48:87:0f:66:f1:87:b8:a7:86:
4b:1e:21:42:c2:1c:c2:ed:1d:3c:5f:47:43:25:ce:
77:4f:92:f4:d5:21:f7:2b:8e:e1:8b:8d:69:96:59:
c2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:86:DA:9F:86:DF:8F:71:37:3D:0E:D6:72:92:3A:86:B0:26:24:DD
X509v3 Authority Key Identifier:
keyid:6A:12:19:72:6D:23:9C:82:F5:A4:46:01:12:7D:1A:F8:72:5C:E0:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91944AB/6FE306A6C2C811EB98D9DA79C4F9AE02/ahIZcm0jnIL1pEYBEn0a-HJc4O0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ahIZcm0jnIL1pEYBEn0a-HJc4O0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91944AB/6FE306A6C2C811EB98D9DA79C4F9AE02/156AD19CC2CB11EBA1EC047AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.18.0/23
Signature Algorithm: sha256WithRSAEncryption
72:ce:88:83:66:92:9a:03:a7:1c:8d:14:c3:20:e3:b8:99:ac:
9b:fc:48:10:c6:f9:fd:bc:20:fd:3d:ae:76:ef:6a:32:a1:29:
eb:5c:11:6b:6c:ba:70:73:e8:3c:77:03:bc:29:ad:9b:73:67:
a9:9a:02:8f:7e:e5:95:41:d4:80:9a:f2:ec:03:e4:27:8a:51:
c6:03:a5:aa:81:7f:32:53:b0:d0:31:a6:3f:0b:73:85:a8:b6:
b7:75:82:01:13:66:52:31:68:46:a5:ef:cc:c7:97:76:92:af:
ae:53:a7:fc:9d:2a:32:08:5d:c1:2f:ae:10:48:06:a3:87:82:
71:14:d5:cb:3e:be:a1:1e:3f:4d:c4:b9:89:c4:66:f6:04:71:
b3:97:b9:0b:a4:2d:d9:7e:be:ee:41:0e:fb:1a:71:76:ef:8b:
8b:39:f8:1c:c6:5e:79:94:bb:33:01:ab:89:b9:3c:28:ac:17:
34:f3:6f:7f:da:fc:8f:57:07:5b:30:01:0e:1b:80:9c:57:99:
12:6e:a5:c8:71:3d:ca:fa:19:93:ef:d4:b9:ed:d4:01:b7:70:
03:46:70:7a:80:e1:8d:dc:56:d5:cd:25:dd:13:cd:33:7f:54:
41:39:63:95:24:41:ff:29:cf:2f:e3:d0:59:d7:f9:43:ef:c4:
ac:95:cb:43
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQ0QUIxMTAvBgNVBAUTKDZBMTIxOTcyNkQyMzlDODJGNUE0NDYwMTEyN0QxQUY4
NzI1Q0UwRUQwHhcNMjMwNTA1MDI0MzAyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0NmQzNi0yODU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjUEqA/NeWzrSt44W8WmruvWcSOb6thsDzIs5OTUyje/a6+M44hpKN73rt1f
R3cBGFTYdquRS4DsyI3FOnXY2r8Iu7iiV42rRhMEvBMr3RkC+//npxPdQHRyFR1M
R0CVgNsvvbIJa+lb+Y5tGDu3Cek+CRhBPX4Pp/qAPwyl8GtwSVFhjmU8v4ocHBlb
XKjK9zVWLr6vFtxrSJus9WeJZgR2C0iZFlI0QAK4a4YiTG7WLK7Y2Gw63h9URiWV
4eT3GGFPs73HcrHnXFoKtzjsP2d1L3CJ4tlIhw9m8Ye4p4ZLHiFCwhzC7R08X0dD
Jc53T5L01SH3K47hi41pllnC2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBCG2p+G
349xNz0O1nKSOoawJiTdMB8GA1UdIwQYMBaAFGoSGXJtI5yC9aRGARJ9GvhyXODt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDRBQi82RkUzMDZBNkMy
QzgxMUVCOThEOURBNzlDNEY5QUUwMi9haElaY20wam5JTDFwRVlCRW4wYS1ISmM0
TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FoSVpjbTBqbklMMXBFWUJFbjBhLUhKYzRPMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQ0QUIvNkZFMzA2QTZDMkM4MTFFQjk4RDlEQTc5QzRGOUFFMDIvMTU2QUQxOUND
MkNCMTFFQkExRUMwNDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpxIwDQYJKoZIhvcNAQELBQADggEBAHLOiINmkpoDpxyN
FMMg47iZrJv8SBDG+f28IP09rnbvajKhKetcEWtsunBz6Dx3A7wprZtzZ6maAo9+
5ZVB1ICa8uwD5CeKUcYDpaqBfzJTsNAxpj8Lc4Wotrd1ggETZlIxaEal78zHl3aS
r65Tp/ydKjIIXcEvrhBIBqOHgnEU1cs+vqEeP03EuYnEZvYEcbOXuQukLdl+vu5B
DvsacXbvi4s5+BzGXnmUuzMBq4m5PCisFzTzb3/a/I9XB1swAQ4bgJxXmRJupchx
Pcr6GZPv1Lnt1AG3cANGcHqA4Y3cVtXNJd0TzTN/VEE5Y5UkQf8pzy/j0FnX+UPv
xKyVy0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org