Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/D7B9E4DEED3611EE9380FE4CC4F9AE02.roa
File: D7B9E4DEED3611EE9380FE4CC4F9AE02.roa (raw, json)
Hash identifier: UnMzm2lbUuyXlGiVWeGh9/N3ohmZdEWVILtuPc1h/g4=
Subject key identifier: 6F:29:08:F8:F6:2A:2E:9B:36:50:29:AD:75:9D:E3:36:39:D6:C2:4B
Certificate issuer: /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Certificate serial: 10
Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/D7B9E4DEED3611EE9380FE4CC4F9AE02.roa
Signing time: Thu 28 Mar 2024 19:10:30 +0000
ROA not before: Thu 28 Mar 2024 19:10:30 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 150113
IP address blocks: 103.190.232.0/24 maxlen: 24
2400:9320::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 29 Mar 2024 03:28:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Validity
Not Before: Mar 28 19:10:30 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6605c0a6-8aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:43:69:98:ec:b7:b5:4a:bb:73:e8:1a:27:9c:
5c:1f:a8:dd:95:65:41:b3:7f:24:5b:c7:60:a3:59:
06:79:0e:8f:7d:51:fc:cf:f4:8f:06:d0:ee:b4:34:
9b:19:de:4b:43:3a:20:d4:44:65:84:c1:48:10:a8:
95:1c:7f:11:ff:3a:da:a0:62:ea:30:eb:df:3f:da:
30:d7:79:c4:9a:8f:d0:fe:8c:5a:77:4c:80:f4:da:
fe:7f:5d:8f:18:a9:b0:a2:92:6f:e7:68:4b:ae:dd:
e9:21:72:6a:9f:bd:58:6e:98:ac:b0:b4:70:33:24:
5b:41:ea:60:10:a6:5f:eb:50:ee:9b:7c:a5:ea:21:
d2:22:54:de:d8:25:8a:ab:f3:77:f1:1d:24:38:eb:
7b:83:14:1e:06:13:a5:73:01:02:41:1c:59:bf:5c:
72:e3:75:bd:b2:30:bb:65:51:d0:46:49:91:e9:7d:
d5:49:3b:de:72:5c:77:59:21:63:90:a1:f3:32:65:
f0:3d:af:b6:59:3e:a6:57:dd:2b:50:ea:a9:20:f6:
a3:73:a7:e2:5a:49:8c:8e:63:44:fb:4a:5b:02:59:
8e:91:c3:c8:31:99:00:3c:39:6d:5c:3f:10:08:9e:
98:a8:bb:7c:0e:30:50:e9:cf:31:62:a9:81:3a:44:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:29:08:F8:F6:2A:2E:9B:36:50:29:AD:75:9D:E3:36:39:D6:C2:4B
X509v3 Authority Key Identifier:
keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/D7B9E4DEED3611EE9380FE4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.190.232.0/24
IPv6:
2400:9320::/48
Signature Algorithm: sha256WithRSAEncryption
0d:b1:7f:63:63:f3:a9:47:44:ef:1c:38:7e:0b:81:33:b1:fa:
f8:3e:20:9c:32:59:12:75:a1:5e:d9:30:25:a4:f9:db:d6:8d:
1a:e3:35:0c:47:50:3c:a4:08:a6:68:59:04:f4:92:3f:85:ab:
9e:22:6c:ac:1b:f4:40:96:c6:17:c6:85:b1:63:bc:9d:20:a2:
76:17:95:79:2e:9d:39:58:e9:89:fa:47:2d:4e:e8:e9:7a:b3:
33:36:0b:dc:83:31:4b:fe:8f:bb:c5:69:d5:66:7b:1e:80:a5:
53:2b:95:36:81:db:31:7f:c8:be:3e:c9:91:3b:81:b7:86:78:
5d:ec:3c:34:17:4d:15:fd:ee:2f:c5:46:c9:13:2c:d4:af:51:
70:a3:36:49:1c:2b:b1:9f:d1:59:bf:c1:14:af:b7:37:55:08:
5d:b1:c5:31:e2:6d:2f:ad:7a:cd:e6:83:9c:ab:ad:c7:ce:86:
75:41:2d:ec:53:95:48:46:95:67:a0:6a:cc:8e:f7:ba:62:a8:
f3:d6:0f:33:24:d3:d0:fe:56:f2:99:51:d6:13:43:66:35:dd:
11:55:f1:9d:97:27:4e:0c:08:9d:09:be:6e:7c:2d:19:ba:dc:
3a:7b:82:06:66:0b:ba:fc:69:51:16:84:14:24:17:b7:09:07:
f2:54:1b:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1
RDA2QTQ0QjAeFw0yNDAzMjgxOTEwMzBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDVjMGE2LThhZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2Q2mY7Le1Srtz6BonnFwfqN2VZUGzfyRbx2CjWQZ5Do99UfzP9I8G0O60NJsZ
3ktDOiDURGWEwUgQqJUcfxH/OtqgYuow698/2jDXecSaj9D+jFp3TID02v5/XY8Y
qbCikm/naEuu3ekhcmqfvVhumKywtHAzJFtB6mAQpl/rUO6bfKXqIdIiVN7YJYqr
83fxHSQ463uDFB4GE6VzAQJBHFm/XHLjdb2yMLtlUdBGSZHpfdVJO95yXHdZIWOQ
ofMyZfA9r7ZZPqZX3StQ6qkg9qNzp+JaSYyOY0T7SlsCWY6Rw8gxmQA8OW1cPxAI
npiou3wOMFDpzzFiqYE6RDlXAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUbykI+PYq
Lps2UCmtdZ3jNjnWwkswHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2
QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi9EN0I5RTRERUVE
MzYxMUVFOTM4MEZFNENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGe+6DAPBAIAAjAJAwcAJACTIAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQANsX9jY/OpR0TvHDh+C4Ezsfr4PiCcMlkSdaFe2TAlpPnb1o0a4zUMR1A8
pAimaFkE9JI/haueImysG/RAlsYXxoWxY7ydIKJ2F5V5Lp05WOmJ+kctTujperMz
NgvcgzFL/o+7xWnVZnsegKVTK5U2gdsxf8i+PsmRO4G3hnhd7Dw0F00V/e4vxUbJ
EyzUr1FwozZJHCuxn9FZv8EUr7c3VQhdscUx4m0vrXrN5oOcq63HzoZ1QS3sU5VI
RpVnoGrMjve6Yqjz1g8zJNPQ/lbymVHWE0NmNd0RVfGdlydODAidCb5ufC0Zutw6
e4IGZgu6/GlRFoQUJBe3CQfyVBsM
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:05:02 2024 by rpki-client on console-ams.rpki-client.org