Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7890/ADE13186DADF11EDB1F9D719C4F9AE02/E8B33B7CDC7B11EDA91AFC47C4F9AE02.roa
File: E8B33B7CDC7B11EDA91AFC47C4F9AE02.roa (raw, json)
Hash identifier: /ecfPyuJ7JHk4pALO+OpN9SziMjA1JjlocsbyE1ZAzI=
Subject key identifier: FA:04:DC:AD:1D:25:C0:F9:73:96:3E:65:75:07:B6:FD:8C:E3:DA:A5
Certificate issuer: /CN=A91A7890/serialNumber=C8392445154A211457468DC92675C6B2BC9C448B
Certificate serial: 04
Authority key identifier: C8:39:24:45:15:4A:21:14:57:46:8D:C9:26:75:C6:B2:BC:9C:44:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDkkRRVKIRRXRo3JJnXGsrycRIs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7890/ADE13186DADF11EDB1F9D719C4F9AE02/E8B33B7CDC7B11EDA91AFC47C4F9AE02.roa
Signing time: Sun 16 Apr 2023 17:27:07 +0000
ROA not before: Sun 16 Apr 2023 17:27:07 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138556
IP address blocks: 103.132.20.0/24 maxlen: 24
103.132.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7890/serialNumber=C8392445154A211457468DC92675C6B2BC9C448B
Validity
Not Before: Apr 16 17:27:07 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=643c2fea-9b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:50:ff:bf:f3:50:49:70:25:a9:b7:a6:ce:7c:
a4:31:a4:47:b4:7e:02:eb:7e:d3:e9:6a:34:39:64:
63:b1:0c:6f:7c:a1:23:40:3d:59:55:da:08:7b:f3:
49:6d:66:34:ce:f9:77:e6:69:3d:35:71:7e:09:1d:
7b:fc:9c:4a:61:c4:fb:f3:b7:5c:da:e1:0c:53:b7:
c0:7f:96:aa:49:e7:c2:ac:33:e4:98:f5:99:78:f2:
90:d2:4a:3b:1f:14:c7:75:80:51:3b:24:9f:74:7b:
2f:d3:b7:47:d6:63:6f:ad:7a:1e:fd:1f:da:c7:32:
f1:40:25:ee:6d:a2:3e:95:5b:49:b1:47:96:3c:6c:
c0:e5:e6:bf:2e:ae:26:b0:80:70:ae:8d:b0:6f:15:
96:c9:56:ff:36:fc:68:f7:6d:b1:94:31:2e:a8:2d:
2b:97:6a:15:cb:33:f8:e0:b5:ac:0f:d3:0c:01:d4:
28:3f:0b:b1:33:ff:04:c4:0d:ae:f8:bc:9f:33:1b:
6e:84:64:e8:0d:29:a6:c6:ea:3a:b0:62:0e:03:3d:
16:43:d2:23:86:23:6d:25:cc:ce:bf:2b:41:d6:cd:
a3:ca:06:72:0c:a3:8a:c6:bb:89:38:d8:03:da:f7:
ac:ca:d1:4c:2d:7d:cc:ac:84:fe:e8:ee:0a:ed:8a:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:04:DC:AD:1D:25:C0:F9:73:96:3E:65:75:07:B6:FD:8C:E3:DA:A5
X509v3 Authority Key Identifier:
keyid:C8:39:24:45:15:4A:21:14:57:46:8D:C9:26:75:C6:B2:BC:9C:44:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7890/ADE13186DADF11EDB1F9D719C4F9AE02/yDkkRRVKIRRXRo3JJnXGsrycRIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDkkRRVKIRRXRo3JJnXGsrycRIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7890/ADE13186DADF11EDB1F9D719C4F9AE02/E8B33B7CDC7B11EDA91AFC47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.20.0/23
Signature Algorithm: sha256WithRSAEncryption
55:f0:83:52:99:8a:e8:fd:06:38:fa:21:2a:18:3b:c5:ee:ed:
77:d7:ba:06:58:36:f6:21:5e:5f:be:9d:e9:48:31:48:20:a5:
b6:a0:24:6d:3b:55:04:af:46:04:1a:d7:5f:2e:99:45:b3:77:
b4:5a:9d:06:75:fd:51:08:47:44:1e:4a:c7:22:20:a9:1f:c1:
6d:1e:05:15:08:c0:d6:d1:35:fa:36:92:60:28:ed:50:17:2e:
7a:fd:81:03:55:9e:d1:58:36:cd:c7:f0:a4:ab:58:0f:5e:a7:
4c:61:ac:05:62:1f:38:62:e8:e5:ad:c2:e2:e9:7a:de:73:c9:
1a:55:e8:85:75:2d:7f:b3:a4:bb:9c:22:12:44:c5:4a:84:c8:
3d:e0:ae:22:89:9e:b5:2c:87:8c:94:2e:20:bf:bd:05:06:e4:
4d:9d:b2:f5:6b:1f:8d:e6:03:3f:38:3b:c8:8c:13:21:4e:75:
14:ac:76:0a:6f:75:f0:bd:8a:e2:e8:6c:6e:51:c1:07:41:38:
60:da:2f:f2:26:c6:ca:3d:de:81:56:64:9e:f5:21:19:5d:7d:
a6:d6:c1:e0:3b:ae:c9:a4:1b:ed:b9:fd:8d:5d:84:97:9b:af:
3c:e8:bd:ff:b9:02:05:2b:7d:06:c7:a9:59:43:55:b4:88:8f:
34:ed:fc:aa
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
Nzg5MDExMC8GA1UEBRMoQzgzOTI0NDUxNTRBMjExNDU3NDY4REM5MjY3NUM2QjJC
QzlDNDQ4QjAeFw0yMzA0MTYxNzI3MDdaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0M2MyZmVhLTliMGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmUP+/81BJcCWpt6bOfKQxpEe0fgLrftPpajQ5ZGOxDG98oSNAPVlV2gh780lt
ZjTO+XfmaT01cX4JHXv8nEphxPvzt1za4QxTt8B/lqpJ58KsM+SY9Zl48pDSSjsf
FMd1gFE7JJ90ey/Tt0fWY2+teh79H9rHMvFAJe5toj6VW0mxR5Y8bMDl5r8uriaw
gHCujbBvFZbJVv82/Gj3bbGUMS6oLSuXahXLM/jgtawP0wwB1Cg/C7Ez/wTEDa74
vJ8zG26EZOgNKabG6jqwYg4DPRZD0iOGI20lzM6/K0HWzaPKBnIMo4rGu4k42APa
96zK0UwtfcyshP7o7grtinQJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+gTcrR0l
wPlzlj5ldQe2/Yzj2qUwHwYDVR0jBBgwFoAUyDkkRRVKIRRXRo3JJnXGsrycRIsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3ODkwL0FERTEzMTg2REFE
RjExRURCMUY5RDcxOUM0RjlBRTAyL3lEa2tSUlZLSVJSWFJvM0pKblhHc3J5Y1JJ
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveURra1JSVktJUlJYUm8zSkpuWEdzcnljUklzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
Nzg5MC9BREUxMzE4NkRBREYxMUVEQjFGOUQ3MTlDNEY5QUUwMi9FOEIzM0I3Q0RD
N0IxMUVEQTkxQUZDNDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeEFDANBgkqhkiG9w0BAQsFAAOCAQEAVfCDUpmK6P0GOPoh
Khg7xe7td9e6Blg29iFeX76d6UgxSCCltqAkbTtVBK9GBBrXXy6ZRbN3tFqdBnX9
UQhHRB5KxyIgqR/BbR4FFQjA1tE1+jaSYCjtUBcuev2BA1We0Vg2zcfwpKtYD16n
TGGsBWIfOGLo5a3C4ul63nPJGlXohXUtf7Oku5wiEkTFSoTIPeCuIometSyHjJQu
IL+9BQbkTZ2y9WsfjeYDPzg7yIwTIU51FKx2Cm918L2K4uhsblHBB0E4YNov8ibG
yj3egVZknvUhGV19ptbB4DuuyaQb7bn9jV2El5uvPOi9/7kCBSt9BsepWUNVtIiP
NO38qg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:03 2023 by rpki-client on console-fra.rpki-client.org