Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/5D4D6294136B11ED8319D72FC4F9AE02.roa
File: 5D4D6294136B11ED8319D72FC4F9AE02.roa (raw, json)
Hash identifier: UoiBN8vgMU66xGF45KCOWXAtRpA+L+FsgWaSlOuKtnM=
Subject key identifier: BC:48:BD:56:24:AC:40:FE:51:1D:24:36:40:74:18:10:77:31:85:52
Certificate issuer: /CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63
Certificate serial: 030B
Authority key identifier: AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/5D4D6294136B11ED8319D72FC4F9AE02.roa
Signing time: Fri 19 Apr 2024 03:35:12 +0000
ROA not before: Fri 19 Apr 2024 03:35:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 149513
IP address blocks: 103.181.164.0/23 maxlen: 24
2400:5a60::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 19:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 779 (0x30b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63
Validity
Not Before: Apr 19 03:35:12 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6621e670-2cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1d:58:74:73:1d:1a:15:33:ce:1f:df:d7:fd:
14:7b:5f:e7:41:2f:00:56:21:65:da:e5:38:67:48:
53:23:be:9d:42:cb:f8:35:d4:0c:61:21:8a:80:05:
44:43:1f:4f:97:78:1f:df:3d:b3:a2:5e:b6:80:d7:
ac:47:a5:5b:5e:f1:fc:4b:6a:db:51:f6:ec:c6:90:
11:f7:dd:c2:47:b5:bc:6a:53:64:08:9a:9e:6e:b1:
5b:cc:b7:8a:c1:57:4a:1b:d3:40:eb:77:51:ed:a3:
44:19:87:f2:11:47:01:b2:7c:8f:b5:de:a6:68:05:
98:00:0a:84:de:6f:1c:7c:8f:58:ab:3e:e1:58:37:
75:ae:4a:0e:2c:d1:8a:bc:5f:9c:61:27:ab:96:c5:
88:de:72:4b:f7:80:f1:01:a7:09:5b:2f:25:77:16:
76:ea:28:7c:32:81:34:28:8f:7b:4c:df:54:91:f9:
a2:a5:70:31:6a:9c:33:d4:84:d6:de:63:7f:54:27:
b2:e1:c1:2a:32:6f:2f:73:a1:ab:68:6a:7a:01:06:
1a:a7:c8:1b:93:b3:01:1f:33:ee:ce:6a:d7:79:5d:
89:c7:13:c1:6f:87:d5:7d:47:93:f1:05:22:73:62:
34:68:0c:6e:0e:f9:f2:70:47:24:7f:86:5d:84:1f:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:48:BD:56:24:AC:40:FE:51:1D:24:36:40:74:18:10:77:31:85:52
X509v3 Authority Key Identifier:
keyid:AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/5D4D6294136B11ED8319D72FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.181.164.0/23
IPv6:
2400:5a60::/40
Signature Algorithm: sha256WithRSAEncryption
7d:79:ec:43:67:cd:1b:ad:b7:71:bf:d5:10:56:19:11:c4:46:
31:9f:5d:47:f6:05:29:2d:7f:e5:69:70:00:fa:c6:b5:05:06:
1b:83:98:ce:88:8d:f3:b4:d4:68:79:f4:fa:58:3a:e4:25:47:
72:35:dd:a1:a8:60:0a:ea:e1:86:30:02:35:c9:65:db:8c:af:
73:3d:15:fc:80:b1:2a:cd:e3:ee:b6:c6:e1:f7:fd:ea:35:b2:
39:0d:fe:90:49:92:97:5d:9b:c0:46:0c:60:20:ab:c1:2d:1f:
b9:4b:6d:82:6a:15:6f:9d:3a:69:8a:b1:19:91:5e:eb:94:30:
49:9f:34:0b:07:43:9b:45:da:ab:39:02:90:e8:05:61:8a:70:
91:8b:db:4c:41:8f:e9:b9:25:cd:4f:09:8e:a6:90:b2:cf:40:
11:d8:d5:ad:d3:67:97:d5:ad:af:b2:4c:07:a2:08:bf:a3:2a:
55:db:da:24:ff:39:a7:75:99:39:a3:45:6c:96:2b:8c:fb:a7:
29:96:2d:30:20:06:e4:f6:d5:2d:a9:06:ac:1b:d4:1d:46:f4:
e9:45:32:bb:7c:36:8f:3a:72:99:6c:a6:4d:83:cf:61:60:ab:
40:d4:55:c2:02:b1:86:69:36:1f:80:27:68:48:7d:fc:d9:eb:
4c:37:e5:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICAwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjEwMTgxMTAvBgNVBAUTKEFGRDA5NTVBN0REN0Y5QjBFQzJBNDRBMTFEOTM3MjA3
QzI3NTRBNjMwHhcNMjQwNDE5MDMzNTEyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxZTY3MC0yY2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1h1YdHMdGhUzzh/f1/0Ue1/nQS8AViFl2uU4Z0hTI76dQsv4NdQMYSGKgAVE
Qx9Pl3gf3z2zol62gNesR6VbXvH8S2rbUfbsxpAR993CR7W8alNkCJqebrFbzLeK
wVdKG9NA63dR7aNEGYfyEUcBsnyPtd6maAWYAAqE3m8cfI9Yqz7hWDd1rkoOLNGK
vF+cYSerlsWI3nJL94DxAacJWy8ldxZ26ih8MoE0KI97TN9UkfmipXAxapwz1ITW
3mN/VCey4cEqMm8vc6GraGp6AQYap8gbk7MBHzPuzmrXeV2JxxPBb4fVfUeT8QUi
c2I0aAxuDvnycEckf4ZdhB8jewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLxIvVYk
rED+UR0kNkB0GBB3MYVSMB8GA1UdIwQYMBaAFK/QlVp91/mw7CpEoR2TcgfCdUpj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTAxOC84ODM2RkE2MDhE
NEMxMUVDOTg4QUU4NURDNEY5QUUwMi9yOUNWV24zWC1iRHNLa1NoSFpOeUI4SjFT
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I5Q1ZXbjNYLWJEc0trU2hIWk55QjhKMVNtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjEwMTgvODgzNkZBNjA4RDRDMTFFQzk4OEFFODVEQzRGOUFFMDIvNUQ0RDYyOTQx
MzZCMTFFRDgzMTlENzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAFntaQwDgQCAAIwCAMGACQAWmAAMA0GCSqGSIb3DQEBCwUA
A4IBAQB9eexDZ80brbdxv9UQVhkRxEYxn11H9gUpLX/laXAA+sa1BQYbg5jOiI3z
tNRoefT6WDrkJUdyNd2hqGAK6uGGMAI1yWXbjK9zPRX8gLEqzePutsbh9/3qNbI5
Df6QSZKXXZvARgxgIKvBLR+5S22CahVvnTppirEZkV7rlDBJnzQLB0ObRdqrOQKQ
6AVhinCRi9tMQY/puSXNTwmOppCyz0AR2NWt02eX1a2vskwHogi/oypV29ok/zmn
dZk5o0VsliuM+6cpli0wIAbk9tUtqQasG9QdRvTpRTK7fDaPOnKZbKZNg89hYKtA
1FXCArGGaTYfgCdoSH382etMN+Um
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org