Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/31CD59E4F70F11ECB416B06BC4F9AE02.roa
File: 31CD59E4F70F11ECB416B06BC4F9AE02.roa (raw, json)
Hash identifier: vkMmeFPTyA2n349ABbDXojDgIvNDKqkssO35g43TVWM=
Subject key identifier: 74:9D:B0:37:7A:C5:F8:1F:FE:86:86:D3:0F:AE:92:A2:19:12:33:14
Certificate issuer: /CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Certificate serial: 05
Authority key identifier: E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/31CD59E4F70F11ECB416B06BC4F9AE02.roa
Signing time: Tue 28 Jun 2022 18:52:49 +0000
ROA not before: Tue 28 Jun 2022 18:52:49 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 141432
IP address blocks: 103.189.68.0/23 maxlen: 23
103.189.68.0/24 maxlen: 24
103.189.69.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Validity
Not Before: Jun 28 18:52:49 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62bb4e00-723b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a0:f2:e4:b5:1c:cf:73:23:57:08:5a:90:9c:
d4:0e:c8:05:52:4a:5c:0d:95:64:99:56:7d:82:13:
9d:dd:13:37:00:ee:77:82:59:8e:75:fd:18:04:25:
2f:52:a2:e1:ae:0f:ea:41:6c:ff:98:b7:02:a4:c1:
8d:b5:f4:94:68:1b:27:ea:d5:89:35:58:81:ea:4d:
f2:65:f5:15:72:db:1d:22:de:bd:f4:48:09:2f:1c:
2e:a5:02:e5:95:e2:67:b9:68:85:2a:36:7d:16:54:
8a:71:7f:35:56:bb:cd:34:47:68:79:7d:fc:86:ff:
1e:e5:02:c4:eb:b6:2c:45:f4:51:51:0b:d6:f3:f4:
b8:92:c3:c5:de:29:77:61:48:d6:4b:61:f2:48:8f:
7e:ba:7b:d3:3d:cd:15:c3:a6:7a:25:0a:83:b8:2a:
be:37:9b:fb:10:cc:67:ee:0d:c9:99:16:c1:b2:ee:
cf:0b:42:bd:dd:9c:c4:ed:13:5d:3f:27:99:da:6e:
b9:bc:1f:87:bb:74:97:6a:25:c1:17:bc:fc:05:4b:
8a:76:0a:26:20:bf:d1:e4:ab:bc:2d:3b:46:70:75:
b3:fe:dd:6b:91:b3:f9:3e:ad:03:00:98:b4:33:d7:
89:2c:45:02:45:8f:0b:1a:be:be:72:b3:40:59:ec:
b5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9D:B0:37:7A:C5:F8:1F:FE:86:86:D3:0F:AE:92:A2:19:12:33:14
X509v3 Authority Key Identifier:
keyid:E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/31CD59E4F70F11ECB416B06BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.68.0/23
Signature Algorithm: sha256WithRSAEncryption
23:34:92:7c:aa:88:bf:8b:1a:4c:2d:cc:25:1e:97:03:de:3b:
3b:9b:8d:1f:a9:a9:35:1f:9b:74:d1:8a:b3:88:8b:39:7b:a3:
cf:98:c9:bf:63:03:eb:8c:da:7b:54:22:84:fe:20:71:74:d9:
b5:86:cd:ee:92:0e:2f:dc:88:ee:16:67:8f:46:5c:a5:48:4a:
c4:77:48:e0:96:14:1e:54:39:a6:9b:17:a8:85:46:25:37:03:
3f:17:62:b1:45:b9:42:08:ea:a7:95:31:e7:f9:8f:8a:a4:00:
70:47:84:3d:a1:54:cc:a3:55:ef:21:7a:82:95:ca:ff:48:68:
50:a4:81:d4:40:b4:9b:50:4f:d8:46:b4:ca:08:ca:64:fa:18:
46:70:cd:2c:f0:7e:90:03:03:3d:66:36:9f:77:7a:4c:6c:36:
7d:90:f7:95:2c:e6:03:99:a3:b6:2f:d0:78:ef:2f:20:55:4f:
c8:6c:e2:18:0e:61:ad:66:f8:b1:54:08:91:87:f3:7e:15:d1:
df:dd:02:fa:ee:42:29:a8:d6:52:58:08:86:c4:88:3f:e9:b5:
4b:f0:72:f7:a1:ad:12:c3:4c:29:cb:13:b8:05:6c:ab:cb:54:
e8:25:6c:c8:52:9c:0e:e1:f4:78:d7:1e:a9:c3:8f:ce:37:3e:
88:f2:0a:44
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzIwMjExMC8GA1UEBRMoRTNDRjQ1RjgwNTEwNjNCQkRCMzE3RkREMTUxMTMyQTk0
MDA0RkQ1QjAeFw0yMjA2MjgxODUyNDlaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYmI0ZTAwLTcyM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLoPLktRzPcyNXCFqQnNQOyAVSSlwNlWSZVn2CE53dEzcA7neCWY51/RgEJS9S
ouGuD+pBbP+YtwKkwY219JRoGyfq1Yk1WIHqTfJl9RVy2x0i3r30SAkvHC6lAuWV
4me5aIUqNn0WVIpxfzVWu800R2h5ffyG/x7lAsTrtixF9FFRC9bz9LiSw8XeKXdh
SNZLYfJIj366e9M9zRXDpnolCoO4Kr43m/sQzGfuDcmZFsGy7s8LQr3dnMTtE10/
J5nabrm8H4e7dJdqJcEXvPwFS4p2CiYgv9Hkq7wtO0ZwdbP+3WuRs/k+rQMAmLQz
14ksRQJFjwsavr5ys0BZ7LXhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdJ2wN3rF
+B/+hobTD66SohkSMxQwHwYDVR0jBBgwFoAU489F+AUQY7vbMX/dFREyqUAE/Vsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3MjAyLzBBRkVDQTcwRjcw
ODExRUM5ODQ5RjM1RUM0RjlBRTAyLzQ4OUYtQVVRWTd2Yk1YX2RGUkV5cVVBRV9W
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNDg5Ri1BVVFZN3ZiTVhfZEZSRXlxVUFFX1ZzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzIwMi8wQUZFQ0E3MEY3MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi8zMUNENTlFNEY3
MEYxMUVDQjQxNkIwNkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe9RDANBgkqhkiG9w0BAQsFAAOCAQEAIzSSfKqIv4saTC3M
JR6XA947O5uNH6mpNR+bdNGKs4iLOXujz5jJv2MD64zae1QihP4gcXTZtYbN7pIO
L9yI7hZnj0ZcpUhKxHdI4JYUHlQ5ppsXqIVGJTcDPxdisUW5Qgjqp5Ux5/mPiqQA
cEeEPaFUzKNV7yF6gpXK/0hoUKSB1EC0m1BP2Ea0ygjKZPoYRnDNLPB+kAMDPWY2
n3d6TGw2fZD3lSzmA5mjti/QeO8vIFVPyGziGA5hrWb4sVQIkYfzfhXR390C+u5C
KajWUlgIhsSIP+m1S/By96GtEsNMKcsTuAVsq8tU6CVsyFKcDuH0eNceqcOPzjc+
iPIKRA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org