Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E2323DE4C7A411EC8667B90EC4F9AE02.roa
File: E2323DE4C7A411EC8667B90EC4F9AE02.roa (raw, json)
Hash identifier: bbpyn4Ndfj1AaVlTR/3XVyNpFmhvkHlYW99YbVAUV8Y=
Subject key identifier: C5:BB:5A:47:CC:65:00:16:77:52:EE:CE:3B:DF:92:4F:41:E3:19:95
Certificate issuer: /CN=A91AF5F7/serialNumber=0A277D26A9C2402B8A1CD4577935E4F3C259C19F
Certificate serial: 0558
Authority key identifier: 0A:27:7D:26:A9:C2:40:2B:8A:1C:D4:57:79:35:E4:F3:C2:59:C1:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cid9JqnCQCuKHNRXeTXk88JZwZ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E2323DE4C7A411EC8667B90EC4F9AE02.roa
Signing time: Tue 08 Oct 2024 23:32:31 +0000
ROA not before: Tue 08 Oct 2024 23:32:31 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 207190
IP address blocks: 103.101.206.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1368 (0x558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF5F7/serialNumber=0A277D26A9C2402B8A1CD4577935E4F3C259C19F
Validity
Not Before: Oct 8 23:32:31 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6705c10f-f5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:46:df:91:98:72:b0:6a:b9:9d:63:1d:2e:
3e:2b:6b:b2:b7:75:27:7e:9c:87:fe:58:b0:cc:56:
8f:a4:58:8e:94:68:54:6f:f3:80:41:e0:33:99:0a:
16:2c:18:84:31:63:47:b5:d0:2a:0f:be:fe:c1:ce:
b1:31:af:0e:f6:2a:3a:04:f3:16:86:e9:20:06:46:
4c:a6:ff:2c:e7:93:b1:96:ac:3a:1b:a1:f2:eb:7a:
b4:49:8b:9f:85:52:1e:f7:82:a3:ff:37:e3:55:eb:
4a:ce:12:d7:f1:bf:68:e1:dc:cc:31:5f:69:d3:10:
23:ac:36:03:c1:92:cf:80:ea:fc:d6:a4:52:6e:3e:
ad:51:27:c8:4b:f0:c1:9f:2b:49:88:22:11:f4:f1:
d7:20:3c:8f:bf:24:6c:52:4c:2a:eb:0c:5d:2f:5e:
45:cd:77:7d:ec:08:ac:d6:23:34:6d:24:9b:fc:33:
d8:5a:ba:d7:9a:07:00:d2:d0:59:47:64:f6:06:9b:
10:70:75:ff:95:83:ea:49:7d:41:d5:49:c9:a1:2d:
29:0c:fa:d8:ce:73:8e:7d:40:7d:05:0c:ce:94:39:
ec:59:3d:55:3d:9f:a7:a2:fd:29:53:95:06:18:56:
3b:09:e3:22:c9:bf:61:1d:be:78:84:b3:0f:29:a4:
e0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BB:5A:47:CC:65:00:16:77:52:EE:CE:3B:DF:92:4F:41:E3:19:95
X509v3 Authority Key Identifier:
keyid:0A:27:7D:26:A9:C2:40:2B:8A:1C:D4:57:79:35:E4:F3:C2:59:C1:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/Cid9JqnCQCuKHNRXeTXk88JZwZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cid9JqnCQCuKHNRXeTXk88JZwZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E2323DE4C7A411EC8667B90EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.206.0/23
Signature Algorithm: sha256WithRSAEncryption
24:33:fb:f7:36:62:85:3a:f2:1a:0e:c6:d8:d6:5e:03:a9:4b:
35:d4:fc:e9:5e:84:ad:ad:cc:e7:42:8f:ab:9f:03:07:8c:c0:
6a:36:1a:1f:8a:41:6c:54:9d:4c:79:96:30:33:d5:84:b4:ef:
0e:1f:05:cb:d0:19:67:53:a2:b8:63:9e:7e:c8:54:a7:da:49:
26:2b:f9:fa:9c:87:fc:5d:9b:91:ef:f9:b1:d9:ed:90:3a:4c:
de:e2:75:cd:60:d8:59:47:2d:a3:5f:46:04:2f:2b:db:fa:94:
d9:09:d1:c9:b5:04:ee:f0:d0:8e:2d:c6:a0:67:c7:d7:8c:68:
ca:18:47:30:b5:b2:6e:d4:f9:6a:bf:95:5f:56:89:b0:2d:87:
f4:72:5a:77:12:fa:0d:3a:00:d2:c1:bd:9e:80:a9:3b:65:54:
ae:b6:86:40:ee:0c:94:ce:d5:3f:8d:df:1e:78:12:3f:e9:5b:
33:24:b9:cf:b5:69:c2:81:50:88:bb:df:d5:55:0a:80:4b:cb:
45:77:8e:b9:a4:bc:33:9f:87:3c:ea:4e:5a:a4:79:61:b9:e6:
97:ae:cf:22:5c:f7:12:c5:75:fe:ca:5a:9c:18:b4:bb:14:57:
7c:42:7c:7a:25:87:d0:dc:a5:b4:3b:8b:fb:45:1e:8c:85:3f:
43:7b:03:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUY1RjcxMTAvBgNVBAUTKDBBMjc3RDI2QTlDMjQwMkI4QTFDRDQ1Nzc5MzVFNEYz
QzI1OUMxOUYwHhcNMjQxMDA4MjMzMjMxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1YzEwZi1mNWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuGtG35GYcrBquZ1jHS4+K2uyt3UnfpyH/liwzFaPpFiOlGhUb/OAQeAzmQoW
LBiEMWNHtdAqD77+wc6xMa8O9io6BPMWhukgBkZMpv8s55Oxlqw6G6Hy63q0SYuf
hVIe94Kj/zfjVetKzhLX8b9o4dzMMV9p0xAjrDYDwZLPgOr81qRSbj6tUSfIS/DB
nytJiCIR9PHXIDyPvyRsUkwq6wxdL15FzXd97Ais1iM0bSSb/DPYWrrXmgcA0tBZ
R2T2BpsQcHX/lYPqSX1B1UnJoS0pDPrYznOOfUB9BQzOlDnsWT1VPZ+nov0pU5UG
GFY7CeMiyb9hHb54hLMPKaTg7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMW7WkfM
ZQAWd1Luzjvfkk9B4xmVMB8GA1UdIwQYMBaAFAonfSapwkArihzUV3k15PPCWcGf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjVGNy80NEZDRTU2OEM3
ODQxMUVCQUQ0Qzk2NTlDNEY5QUUwMi9DaWQ5SnFuQ1FDdUtITlJYZVRYazg4Slp3
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NpZDlKcW5DUUN1S0hOUlhlVFhrODhKWndaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUY1RjcvNDRGQ0U1NjhDNzg0MTFFQkFENEM5NjU5QzRGOUFFMDIvRTIzMjNERTRD
N0E0MTFFQzg2NjdCOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZc4wDQYJKoZIhvcNAQELBQADggEBACQz+/c2YoU68hoO
xtjWXgOpSzXU/OlehK2tzOdCj6ufAweMwGo2Gh+KQWxUnUx5ljAz1YS07w4fBcvQ
GWdTorhjnn7IVKfaSSYr+fqch/xdm5Hv+bHZ7ZA6TN7idc1g2FlHLaNfRgQvK9v6
lNkJ0cm1BO7w0I4txqBnx9eMaMoYRzC1sm7U+Wq/lV9WibAth/RyWncS+g06ANLB
vZ6AqTtlVK62hkDuDJTO1T+N3x54Ej/pWzMkuc+1acKBUIi739VVCoBLy0V3jrmk
vDOfhzzqTlqkeWG55peuzyJc9xLFdf7KWpwYtLsUV3xCfHolh9DcpbQ7i/tFHoyF
P0N7A1E=
-----END CERTIFICATE-----
Generated at Thu Oct 10 10:40:02 2024 by rpki-client on console-ams.rpki-client.org