Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DDFF55027FBF11EE90F07247C4F9AE02.roa
File: DDFF55027FBF11EE90F07247C4F9AE02.roa (raw, json)
Hash identifier: 5HqLsfFFRcIA7zV49nKh6BANohyAInGF4VO99TfdVbc=
Subject key identifier: CD:D4:EB:8C:56:A8:0F:27:5E:08:7E:2C:F6:AC:4E:0D:92:FD:98:A1
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4092
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DDFF55027FBF11EE90F07247C4F9AE02.roa
Signing time: Thu 16 Nov 2023 04:39:37 +0000
ROA not before: Thu 16 Nov 2023 04:39:37 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150875
IP address blocks: 103.252.74.0/23 maxlen: 23
2401:2360::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Nov 2023 07:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16530 (0x4092)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 16 04:39:37 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65559d09-647b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:25:e5:68:90:81:48:88:39:a6:58:98:7d:
88:b6:5b:89:09:52:2c:c1:e2:08:16:bd:ae:0e:15:
86:52:76:96:ee:d7:bc:68:ea:da:a1:bc:e2:cf:8c:
9f:3a:53:be:e2:c0:b0:68:06:6e:be:da:b3:20:6f:
7a:f8:73:66:9e:98:44:6e:15:05:5e:51:9e:7a:d4:
db:3f:f1:76:9d:cc:8e:7f:15:96:09:08:21:38:a9:
12:52:87:87:8a:73:94:37:23:f9:fd:5f:67:63:31:
8a:17:1b:05:4c:bb:8c:86:26:47:77:a4:d0:51:a8:
de:43:6a:5b:ad:30:55:cf:f4:4a:44:a6:23:1e:44:
98:2b:88:33:c2:b6:a1:5c:65:d5:59:59:8d:33:66:
f0:ae:8a:15:86:50:bc:b8:28:2c:bf:11:a8:43:9a:
8b:e1:e3:20:7b:a7:dc:55:e9:1e:20:3d:b7:9d:1a:
12:e8:e0:75:cb:08:93:2c:fb:ab:72:a9:f5:74:c9:
1b:1d:2a:e7:2e:dd:36:d6:a4:6e:88:62:14:7c:86:
77:10:a1:4b:da:83:5d:a5:97:c6:4e:8a:31:ba:16:
88:92:42:cd:c8:7d:14:37:7b:11:b1:92:3a:33:28:
41:22:44:b1:09:6b:36:1d:3d:da:46:d4:6f:32:4e:
dc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D4:EB:8C:56:A8:0F:27:5E:08:7E:2C:F6:AC:4E:0D:92:FD:98:A1
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DDFF55027FBF11EE90F07247C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.74.0/23
IPv6:
2401:2360::/48
Signature Algorithm: sha256WithRSAEncryption
16:7a:43:64:85:00:0e:bc:22:bf:8e:02:a5:da:5a:45:34:d6:
09:8f:eb:b2:ee:f5:08:f6:6d:be:a0:11:9e:d5:72:2a:a2:c9:
d3:97:8e:6a:c5:f4:58:85:de:6b:85:15:6b:6a:c4:3c:cc:bb:
c4:75:91:5b:6f:00:01:7b:60:e2:f1:3b:25:5c:d0:91:57:07:
6b:f7:1a:ce:4f:b4:a4:df:4d:ab:b6:4a:33:dc:a3:b1:db:5e:
c6:e4:4a:48:28:72:7a:13:05:8d:b2:ce:6d:0f:63:38:e7:78:
d3:74:24:b6:52:29:c2:93:d8:a6:fc:db:50:4e:35:91:a0:3f:
46:a8:64:c2:9a:96:4d:3f:41:45:43:9e:85:db:7d:d4:9d:5f:
ae:3f:4b:25:88:eb:a2:a5:c9:f9:21:54:9e:08:97:f7:82:5e:
ff:c2:d9:a9:81:b9:a9:52:8d:4f:14:ce:73:a0:68:c4:4e:85:
e3:64:61:e0:92:50:ca:85:98:28:bd:74:75:27:1a:aa:92:80:
5d:17:a1:69:e2:be:30:7c:bc:64:03:3b:a9:83:9d:4c:7b:b2:
a6:95:ba:60:8d:e4:50:9a:a5:57:c6:4d:76:e9:e2:f8:d6:40:
da:a3:24:cc:95:9f:a1:12:2d:5d:a8:91:07:50:44:cf:41:18:
48:ad:df:2a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICQJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMxMTE2MDQzOTM3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU1OWQwOS02NDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqOwl5WiQgUiIOaZYmH2ItluJCVIsweIIFr2uDhWGUnaW7te8aOraobziz4yf
OlO+4sCwaAZuvtqzIG96+HNmnphEbhUFXlGeetTbP/F2ncyOfxWWCQghOKkSUoeH
inOUNyP5/V9nYzGKFxsFTLuMhiZHd6TQUajeQ2pbrTBVz/RKRKYjHkSYK4gzwrah
XGXVWVmNM2bwrooVhlC8uCgsvxGoQ5qL4eMge6fcVekeID23nRoS6OB1ywiTLPur
cqn1dMkbHSrnLt021qRuiGIUfIZ3EKFL2oNdpZfGTooxuhaIkkLNyH0UN3sRsZI6
MyhBIkSxCWs2HT3aRtRvMk7cAwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFM3U64xW
qA8nXgh+LPasTg2S/ZihMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRERGRjU1MDI3
RkJGMTFFRTkwRjA3MjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn/EowDwQCAAIwCQMHACQBI2AAADANBgkqhkiG9w0BAQsF
AAOCAQEAFnpDZIUADrwiv44CpdpaRTTWCY/rsu71CPZtvqARntVyKqLJ05eOasX0
WIXea4UVa2rEPMy7xHWRW28AAXtg4vE7JVzQkVcHa/cazk+0pN9Nq7ZKM9yjsdte
xuRKSChyehMFjbLObQ9jOOd403QktlIpwpPYpvzbUE41kaA/RqhkwpqWTT9BRUOe
hdt91J1frj9LJYjroqXJ+SFUngiX94Je/8LZqYG5qVKNTxTOc6BoxE6F42Rh4JJQ
yoWYKL10dScaqpKAXRehaeK+MHy8ZAM7qYOdTHuyppW6YI3kUJqlV8ZNduni+NZA
2qMkzJWfoRItXaiRB1BEz0EYSK3fKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org