Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/C5B79D8A880511EEBAD2AD7BC4F9AE02.roa
File: C5B79D8A880511EEBAD2AD7BC4F9AE02.roa (raw, json)
Hash identifier: Afd98HbIYQ2CtWCz8/J4cPkO5ijHRqi1M47xePHhZzw=
Subject key identifier: E4:BA:40:B2:9B:ED:9E:46:20:51:AB:61:3E:D4:D3:F3:08:EC:98:21
Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial: 33A8
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/C5B79D8A880511EEBAD2AD7BC4F9AE02.roa
Signing time: Tue 21 Nov 2023 00:34:47 +0000
ROA not before: Tue 21 Nov 2023 00:34:47 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 58731
IP address blocks: 103.112.36.0/22 maxlen: 22
180.189.160.0/20 maxlen: 20
2405:1f00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13224 (0x33a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Validity
Not Before: Nov 21 00:34:47 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=655bfb27-a09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:e6:12:b0:9c:b4:94:69:77:97:53:d7:c2:
a4:0a:09:bd:2b:74:f1:6b:30:b9:fe:ad:d3:89:a0:
8c:7d:cf:15:74:66:a9:48:6b:21:80:8e:d1:5f:cb:
70:58:dc:90:38:e3:cd:63:dd:a7:4a:44:78:3f:97:
89:37:25:b7:86:46:ce:be:e8:11:0b:8c:9c:5d:89:
fb:ff:6e:eb:f5:ec:8f:1d:13:70:d6:bf:aa:83:4f:
aa:5e:8e:99:fb:be:a4:5d:f1:46:0e:e0:06:db:32:
6a:29:98:6c:5d:34:1b:e4:7a:56:a6:01:ec:c2:43:
db:21:ac:02:51:66:e1:b5:ec:de:f8:b6:a4:b8:d8:
18:43:ab:7f:8b:93:f4:69:22:51:b4:06:79:08:e5:
9f:bf:97:5b:4d:68:95:be:12:6d:65:ef:5e:fc:bd:
e6:01:5c:eb:08:c1:b1:79:90:a3:6c:bd:8a:de:f8:
78:43:5d:a9:91:d6:60:3d:78:15:51:4e:79:29:92:
67:32:5d:c9:3b:21:dd:9d:61:bd:df:ec:cf:67:f0:
86:a0:df:92:63:d7:6e:73:bd:8f:5d:a7:eb:26:75:
52:09:14:30:c8:72:36:fa:0d:26:81:3c:5c:17:22:
ee:b2:e8:35:58:f7:0b:24:e6:8a:ec:95:fd:47:20:
ed:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BA:40:B2:9B:ED:9E:46:20:51:AB:61:3E:D4:D3:F3:08:EC:98:21
X509v3 Authority Key Identifier:
keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/C5B79D8A880511EEBAD2AD7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.36.0/22
180.189.160.0/20
IPv6:
2405:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
40:b5:08:ac:eb:8a:2e:da:1c:42:03:01:6d:5f:e3:a8:5b:97:
9f:c1:fb:36:c9:42:60:d3:87:ca:b4:f4:cd:97:7a:96:3a:d2:
4a:df:47:6e:2b:e3:43:81:c3:95:51:3a:9f:01:e7:a6:e5:39:
78:23:20:fa:06:37:17:b0:c5:dd:a7:17:73:7e:8e:22:01:7f:
88:e1:38:42:44:f0:ad:f5:e4:8c:35:e1:72:23:b7:b2:5c:85:
39:f9:8a:74:21:14:34:9a:ed:00:c0:a6:4a:74:4c:02:1c:21:
9f:04:9d:79:06:ee:22:0e:fd:c3:50:c4:87:75:7a:b2:e5:bf:
bf:75:42:b0:4d:d8:3d:7c:1e:06:b7:6a:03:18:19:04:b6:ed:
65:33:31:16:95:85:19:f7:28:09:e7:91:0d:f5:48:6b:62:55:
cd:d9:bc:9b:89:02:d2:c2:82:ad:fa:f0:31:fb:9b:d9:16:97:
9c:1c:7f:68:26:13:26:85:da:6a:b4:59:a7:e3:5e:25:5c:9a:
28:7f:c5:6f:53:3a:51:67:e7:7d:20:d6:0d:1f:a1:e0:b4:d0:
97:2f:67:a7:00:9a:f6:55:6c:37:4b:b0:c6:6e:6e:d7:84:c8:
5d:6c:5f:1e:7d:ea:96:0a:d4:c4:94:82:37:19:b0:67:9e:78:
44:f3:c4:04
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICM6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjMxMTIxMDAzNDQ3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViZmIyNy1hMDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuvfmErCctJRpd5dT18KkCgm9K3TxazC5/q3TiaCMfc8VdGapSGshgI7RX8tw
WNyQOOPNY92nSkR4P5eJNyW3hkbOvugRC4ycXYn7/27r9eyPHRNw1r+qg0+qXo6Z
+76kXfFGDuAG2zJqKZhsXTQb5HpWpgHswkPbIawCUWbhteze+LakuNgYQ6t/i5P0
aSJRtAZ5COWfv5dbTWiVvhJtZe9e/L3mAVzrCMGxeZCjbL2K3vh4Q12pkdZgPXgV
UU55KZJnMl3JOyHdnWG93+zPZ/CGoN+SY9duc72PXafrJnVSCRQwyHI2+g0mgTxc
FyLusug1WPcLJOaK7JX9RyDtpwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOS6QLKb
7Z5GIFGrYT7U0/MI7JghMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvQzVCNzlEOEE4
ODA1MTFFRUJBRDJBRDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncCQDBAS0vaAwDQQCAAIwBwMFACQFHwAwDQYJKoZIhvcN
AQELBQADggEBAEC1CKzrii7aHEIDAW1f46hbl5/B+zbJQmDTh8q09M2XepY60krf
R24r40OBw5VROp8B56blOXgjIPoGNxewxd2nF3N+jiIBf4jhOEJE8K315Iw14XIj
t7JchTn5inQhFDSa7QDApkp0TAIcIZ8EnXkG7iIO/cNQxId1erLlv791QrBN2D18
Hga3agMYGQS27WUzMRaVhRn3KAnnkQ31SGtiVc3ZvJuJAtLCgq368DH7m9kWl5wc
f2gmEyaF2mq0WafjXiVcmih/xW9TOlFn530g1g0foeC00JcvZ6cAmvZVbDdLsMZu
bteEyF1sXx596pYK1MSUgjcZsGeeeETzxAQ=
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:41:24 2024 by rpki-client on console-fra.rpki-client.org