Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/33FE205ABD9C11EDB0611421C4F9AE02.roa
File: 33FE205ABD9C11EDB0611421C4F9AE02.roa (raw, json)
Hash identifier: tWsH9NEW8gnZ+EAU0LG+Bg7Nb8lGPyvOSsKCyVwxMi8=
Subject key identifier: 79:55:EF:BB:67:BD:BD:9E:CF:44:9F:89:44:23:37:6A:59:01:18:10
Certificate issuer: /CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Certificate serial: 063D
Authority key identifier: 7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/33FE205ABD9C11EDB0611421C4F9AE02.roa
Signing time: Mon 15 May 2023 18:36:57 +0000
ROA not before: Mon 15 May 2023 18:36:57 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 834
IP address blocks: 43.255.82.0/24 maxlen: 24
43.255.83.0/24 maxlen: 24
103.238.129.0/24 maxlen: 24
103.238.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1597 (0x63d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Validity
Not Before: May 15 18:36:57 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=64627bc9-39c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:20:d6:f6:68:49:d3:db:c2:e1:6e:88:11:0b:
21:9f:07:71:22:ea:54:cd:8c:3d:3d:7c:05:f4:dc:
73:e0:8d:a8:08:58:6e:30:83:e4:a6:06:2f:52:15:
02:3d:3e:1e:c4:47:17:2e:ef:b1:33:1a:b5:5f:ba:
d9:5e:5a:cd:d4:2a:1e:38:a8:da:b4:dc:6d:87:25:
d9:60:a1:20:2b:97:d3:c2:a9:3f:83:db:53:cd:70:
a2:59:8e:62:8f:3f:34:6e:c8:a8:49:f3:1d:27:5c:
3d:0d:fb:ef:24:22:33:cb:c5:ee:27:9f:e1:68:6c:
10:ba:3a:bb:68:fd:19:fe:65:32:47:f5:55:20:19:
2a:e3:41:f6:18:93:80:d4:7e:29:44:59:f9:2b:f0:
1d:94:fd:95:41:ed:88:a1:58:97:27:da:e5:24:24:
9f:1d:2d:f5:f1:cd:0d:89:20:70:ac:ac:85:f9:19:
a2:37:a3:4e:71:14:d5:dd:09:9b:99:b2:4f:b3:de:
24:62:57:26:89:08:dc:8d:07:71:fd:9d:57:d5:6e:
1e:35:1d:1e:7b:e1:59:21:d2:14:44:22:68:cc:e1:
e8:c2:ce:ef:da:5a:a7:ca:66:5c:22:b3:52:17:03:
90:8c:54:28:e7:e5:ed:57:4b:40:1b:90:e4:d4:a2:
50:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:55:EF:BB:67:BD:BD:9E:CF:44:9F:89:44:23:37:6A:59:01:18:10
X509v3 Authority Key Identifier:
keyid:7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/ewWczGC6qvz28UEhbv3WjocMJVE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/33FE205ABD9C11EDB0611421C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.82.0/23
103.238.129.0-103.238.130.255
Signature Algorithm: sha256WithRSAEncryption
3d:17:0a:bd:9b:30:1e:f8:82:eb:bc:c8:cb:44:22:e2:5a:0c:
61:ea:e2:d5:ca:37:7b:35:1e:4c:c3:16:3c:3a:18:96:73:87:
b2:d1:12:e5:9a:78:40:54:ff:06:df:3a:28:6e:87:f9:94:42:
12:59:3b:0b:77:12:f5:f1:7c:12:df:30:eb:40:f3:30:bb:21:
63:6f:78:ea:9c:a0:34:f3:17:e6:5a:32:77:2e:7e:a3:1f:98:
20:80:ac:3e:7d:06:d1:46:42:64:26:79:43:61:0b:02:cd:98:
70:58:f1:e6:3e:a7:4d:79:65:de:80:b3:25:a4:e9:1b:99:39:
25:55:fa:a8:9b:93:c2:80:27:eb:b7:e1:e9:88:84:47:89:eb:
e6:f1:e1:b3:7c:a1:0b:7f:54:19:26:6b:0e:b3:fb:00:a7:11:
3d:95:df:e2:51:29:ec:97:dc:55:fe:13:c4:40:19:bf:06:12:
aa:ea:18:2b:8c:0a:b4:36:29:86:9c:ec:8a:e5:db:ea:33:c4:
93:aa:80:ec:30:21:14:d1:39:8a:e6:8b:56:0e:1f:9f:44:f7:
99:c4:17:08:08:4c:bf:84:8a:06:7a:a9:30:86:bc:bd:8e:e7:
31:e8:be:69:2a:a4:75:b2:33:3e:16:4f:eb:9d:33:ca:cb:8d:
7d:04:3e:be
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYxMzExMTAvBgNVBAUTKDdCMDU5Q0NDNjBCQUFBRkNGNkYxNDEyMTZFRkRENjhF
ODcwQzI1NTEwHhcNMjMwNTE1MTgzNjU3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYyN2JjOS0zOWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnyDW9mhJ09vC4W6IEQshnwdxIupUzYw9PXwF9Nxz4I2oCFhuMIPkpgYvUhUC
PT4exEcXLu+xMxq1X7rZXlrN1CoeOKjatNxthyXZYKEgK5fTwqk/g9tTzXCiWY5i
jz80bsioSfMdJ1w9DfvvJCIzy8XuJ5/haGwQujq7aP0Z/mUyR/VVIBkq40H2GJOA
1H4pRFn5K/AdlP2VQe2IoViXJ9rlJCSfHS318c0NiSBwrKyF+RmiN6NOcRTV3Qmb
mbJPs94kYlcmiQjcjQdx/Z1X1W4eNR0ee+FZIdIURCJozOHows7v2lqnymZcIrNS
FwOQjFQo5+XtV0tAG5Dk1KJQCQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFHlV77tn
vb2ez0SfiUQjN2pZARgQMB8GA1UdIwQYMBaAFHsFnMxguqr89vFBIW791o6HDCVR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjEzMS8wRkNCM0QzODI4
RDYxMUVCODRFNEM5M0JDNEY5QUUwMi9ld1djekdDNnF2ejI4VUVoYnYzV2pvY01K
VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3V2N6R0M2cXZ6MjhVRWhidjNXam9jTUpWRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYxMzEvMEZDQjNEMzgyOEQ2MTFFQjg0RTRDOTNCQzRGOUFFMDIvMzNGRTIwNUFC
RDlDMTFFREIwNjExNDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAEr/1IwDAMEAGfugQMEAGfugjANBgkqhkiG9w0BAQsFAAOC
AQEAPRcKvZswHviC67zIy0Qi4loMYeri1co3ezUeTMMWPDoYlnOHstES5Zp4QFT/
Bt86KG6H+ZRCElk7C3cS9fF8Et8w60DzMLshY2946pygNPMX5loydy5+ox+YIICs
Pn0G0UZCZCZ5Q2ELAs2YcFjx5j6nTXll3oCzJaTpG5k5JVX6qJuTwoAn67fh6YiE
R4nr5vHhs3yhC39UGSZrDrP7AKcRPZXf4lEp7JfcVf4TxEAZvwYSquoYK4wKtDYp
hpzsiuXb6jPEk6qA7DAhFNE5iuaLVg4fn0T3mcQXCAhMv4SKBnqpMIa8vY7nMei+
aSqkdbIzPhZP650zysuNfQQ+vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:00 2023 by rpki-client on console-ams.rpki-client.org