Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/7D8DACDAF51511EDB1103F6FC4F9AE02.roa
File: 7D8DACDAF51511EDB1103F6FC4F9AE02.roa (raw, json)
Hash identifier: Ozf0TU4NEPU1ycEaGY2dYMH6+1mPOLnZ3AcTtNESskQ=
Subject key identifier: 77:1D:E0:B2:EA:28:5E:6B:4A:42:0C:28:0D:65:32:F8:50:2E:65:ED
Certificate issuer: /CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Certificate serial: 0642
Authority key identifier: 7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/7D8DACDAF51511EDB1103F6FC4F9AE02.roa
Signing time: Thu 18 May 2023 00:46:57 +0000
ROA not before: Thu 18 May 2023 00:46:57 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 834
IP address blocks: 43.255.82.0/24 maxlen: 24
43.255.83.0/24 maxlen: 24
103.238.129.0/24 maxlen: 24
103.238.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1602 (0x642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Validity
Not Before: May 18 00:46:57 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=64657581-3673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:33:05:5b:5c:74:e9:34:43:38:92:63:59:22:
f4:c2:4c:1c:58:11:85:50:67:8d:44:40:32:5a:db:
8e:c8:02:1c:70:80:9c:fc:93:2e:e6:3f:d6:ff:15:
50:6c:9b:74:3b:12:17:b8:2a:7e:10:8a:78:4b:fd:
a2:d1:d1:4e:fd:57:62:99:df:7b:5e:14:f2:04:f7:
f5:85:bc:47:24:52:4e:7b:16:7f:91:6c:88:58:da:
37:db:a0:63:73:f1:38:43:22:70:cd:a6:3d:24:22:
0a:84:88:c9:e3:00:66:11:56:63:f8:3c:6b:41:bc:
6b:54:f4:18:51:ee:5d:aa:14:ad:c0:be:e2:0a:f0:
1a:dd:2f:a9:fd:d2:10:e3:1d:7c:1d:27:ca:82:c7:
de:50:31:b7:11:48:3f:99:27:bc:53:a8:87:f5:7f:
5d:c6:94:a3:f5:61:93:b8:3d:12:6f:80:5a:d2:46:
f3:7c:26:32:e9:8d:ec:2c:f9:e4:cb:b2:54:e2:c4:
8d:ab:f5:df:39:1c:1e:a3:14:73:c2:ef:bd:e5:c0:
fa:3d:fd:77:f3:ad:ee:57:4b:79:e4:1b:2c:70:8c:
74:0d:6e:93:93:d6:04:e2:21:03:f1:49:9e:8d:62:
40:7a:db:71:c4:05:a3:e6:c0:2e:9e:d7:8b:3b:56:
a0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1D:E0:B2:EA:28:5E:6B:4A:42:0C:28:0D:65:32:F8:50:2E:65:ED
X509v3 Authority Key Identifier:
keyid:7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/ewWczGC6qvz28UEhbv3WjocMJVE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/7D8DACDAF51511EDB1103F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.82.0/23
103.238.129.0/24
103.238.131.0/24
Signature Algorithm: sha256WithRSAEncryption
85:7d:fd:de:38:84:86:7f:5c:c1:ef:ca:2e:94:93:58:20:60:
f0:28:47:4f:67:77:5b:8c:63:5d:e8:ee:93:fd:7a:5a:8f:f2:
bf:55:a7:de:35:c0:72:4b:03:3a:09:a5:b5:08:64:3e:cc:7b:
a7:55:32:7e:e6:65:94:e1:88:e3:52:46:84:5e:84:1d:35:64:
ff:cf:4e:2e:c3:b1:2b:d6:6e:ae:b8:cf:fb:04:f8:7f:36:68:
0d:25:35:38:eb:26:f4:4b:cc:18:03:b1:72:06:37:69:b5:eb:
e8:54:c1:0d:b7:a2:33:03:56:95:b6:9e:7d:1d:ef:83:7f:f4:
cb:2f:84:b6:2d:3c:96:be:1d:b9:50:1e:ef:85:c3:ef:20:28:
3f:98:a6:df:51:66:33:38:0f:b5:90:04:67:6f:de:de:81:e5:
83:62:4a:2d:17:1f:3f:87:95:a2:c2:64:4e:e0:c2:d1:d3:66:
10:40:c8:e5:d0:e5:a3:78:15:20:ad:f2:8e:a9:ee:67:18:9a:
42:eb:3e:10:b1:4b:3f:98:b1:1d:aa:eb:73:6b:08:6c:74:d0:
1e:af:a3:a5:a4:da:e7:51:1c:66:f8:30:2d:d2:c1:74:47:0e:
43:5c:2b:06:de:a1:a2:ef:e1:3e:da:38:5a:4b:be:ad:d6:47:
5c:bb:3c:5f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYxMzExMTAvBgNVBAUTKDdCMDU5Q0NDNjBCQUFBRkNGNkYxNDEyMTZFRkRENjhF
ODcwQzI1NTEwHhcNMjMwNTE4MDA0NjU3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY1NzU4MS0zNjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1jMFW1x06TRDOJJjWSL0wkwcWBGFUGeNREAyWtuOyAIccICc/JMu5j/W/xVQ
bJt0OxIXuCp+EIp4S/2i0dFO/Vdimd97XhTyBPf1hbxHJFJOexZ/kWyIWNo326Bj
c/E4QyJwzaY9JCIKhIjJ4wBmEVZj+DxrQbxrVPQYUe5dqhStwL7iCvAa3S+p/dIQ
4x18HSfKgsfeUDG3EUg/mSe8U6iH9X9dxpSj9WGTuD0Sb4Ba0kbzfCYy6Y3sLPnk
y7JU4sSNq/XfORweoxRzwu+95cD6Pf13863uV0t55BsscIx0DW6Tk9YE4iED8Ume
jWJAettxxAWj5sAunteLO1agswIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHcd4LLq
KF5rSkIMKA1lMvhQLmXtMB8GA1UdIwQYMBaAFHsFnMxguqr89vFBIW791o6HDCVR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjEzMS8wRkNCM0QzODI4
RDYxMUVCODRFNEM5M0JDNEY5QUUwMi9ld1djekdDNnF2ejI4VUVoYnYzV2pvY01K
VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3V2N6R0M2cXZ6MjhVRWhidjNXam9jTUpWRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYxMzEvMEZDQjNEMzgyOEQ2MTFFQjg0RTRDOTNCQzRGOUFFMDIvN0Q4REFDREFG
NTE1MTFFREIxMTAzRjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEr/1IDBABn7oEDBABn7oMwDQYJKoZIhvcNAQELBQADggEB
AIV9/d44hIZ/XMHvyi6Uk1ggYPAoR09nd1uMY13o7pP9elqP8r9Vp941wHJLAzoJ
pbUIZD7Me6dVMn7mZZThiONSRoRehB01ZP/PTi7DsSvWbq64z/sE+H82aA0lNTjr
JvRLzBgDsXIGN2m16+hUwQ23ojMDVpW2nn0d74N/9MsvhLYtPJa+HblQHu+Fw+8g
KD+Ypt9RZjM4D7WQBGdv3t6B5YNiSi0XHz+HlaLCZE7gwtHTZhBAyOXQ5aN4FSCt
8o6p7mcYmkLrPhCxSz+YsR2q63NrCGx00B6vo6Wk2udRHGb4MC3SwXRHDkNcKwbe
oaLv4T7aOFpLvq3WR1y7PF8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:00 2023 by rpki-client on console-ams.rpki-client.org