Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/1BB004005A5F11ED87558C5DC4F9AE02.roa
File: 1BB004005A5F11ED87558C5DC4F9AE02.roa (raw, json)
Hash identifier: EPB0POPuaJnR3EAX5W3o5hMoK4zClEoq+wotK/05WWY=
Subject key identifier: AF:CC:68:7B:90:D8:7F:25:2D:AC:08:66:D9:C6:B3:87:64:94:F3:E3
Certificate issuer: /CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
Certificate serial: 023C
Authority key identifier: 59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/1BB004005A5F11ED87558C5DC4F9AE02.roa
Signing time: Mon 29 Jul 2024 03:04:46 +0000
ROA not before: Mon 29 Jul 2024 03:04:46 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136146
IP address blocks: 103.189.140.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 27 Oct 2024 14:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 572 (0x23c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
Validity
Not Before: Jul 29 03:04:46 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a706ce-9a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f3:cb:a3:9f:15:41:20:ac:d0:5b:de:46:ea:
11:e7:c0:50:a3:4a:24:78:38:b6:03:84:8d:78:49:
c3:70:d1:19:0a:79:5b:ee:97:6a:d0:0d:9e:0c:fa:
33:3a:8b:38:9e:d8:f2:3a:37:f4:8e:da:4c:49:5d:
ed:ec:53:37:19:93:99:fa:78:0d:58:2b:b6:29:90:
28:04:6d:da:4e:f7:50:d7:3c:89:67:fa:75:f1:d4:
67:a8:21:c2:ea:e5:32:39:ba:25:75:ab:7b:4d:bd:
b5:94:56:3a:df:27:fe:b5:91:5d:ef:37:bb:04:5c:
54:11:a4:5e:7c:6d:6d:b8:3f:65:2a:fd:e4:ed:69:
6e:d5:ea:4a:2d:5b:5c:47:a0:44:b5:d6:8c:a9:44:
b0:f0:60:1d:38:82:c0:84:79:cf:35:a5:8f:9b:44:
c0:4e:3f:b2:e3:ff:de:36:74:35:77:30:cc:59:39:
34:ff:1a:52:bc:08:e2:18:3a:b8:0e:d1:f0:f8:b2:
14:fc:75:70:d6:e5:3f:04:ff:0f:b3:58:27:25:88:
2e:ea:a1:c7:fd:f7:74:41:d6:33:e0:5a:05:22:07:
43:3c:2b:3e:01:e0:f5:07:cc:b1:06:f6:a7:b5:b4:
17:e1:c6:ac:e5:63:e9:e6:e5:c7:29:16:7c:34:39:
dd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CC:68:7B:90:D8:7F:25:2D:AC:08:66:D9:C6:B3:87:64:94:F3:E3
X509v3 Authority Key Identifier:
keyid:59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/WRGN11PwUw7cK4w74mO-2wzOvA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/1BB004005A5F11ED87558C5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.140.0/23
Signature Algorithm: sha256WithRSAEncryption
58:a6:d6:c7:fc:55:9b:12:73:0f:d4:41:15:80:3d:1b:2f:3f:
4d:d3:f4:f8:3d:93:b0:b6:46:a9:a7:e9:08:d1:94:6d:73:4f:
f7:3c:07:c9:13:42:3f:7f:63:0a:60:1e:22:51:cf:71:33:4e:
26:22:da:c3:d7:39:bc:6a:20:cc:b6:39:d8:f8:77:61:90:59:
97:b1:ee:37:3b:3c:74:9d:f8:74:e3:5b:2a:95:ec:96:d3:00:
95:59:c9:fd:58:3d:30:f4:13:87:9f:96:0b:e4:3c:86:6a:2d:
c7:3e:6d:23:ef:70:7c:52:77:f6:c6:d3:5d:9a:a9:ff:60:ac:
84:30:a9:5a:6c:89:64:35:e9:8f:a8:97:2a:f7:e8:05:a6:c7:
dc:01:e4:69:b1:b6:bc:89:36:6e:d7:75:20:35:fc:aa:be:18:
bb:8b:e4:be:1d:43:cf:84:8b:48:d2:0c:ba:d4:50:d7:94:38:
32:b8:39:09:76:f2:c4:d0:83:d5:4a:a9:21:d3:9e:39:33:94:
21:8b:c7:c7:e6:8c:61:1b:b4:9d:6a:43:23:58:b8:35:61:85:
55:f6:2b:5e:9f:0f:3b:e6:88:c1:01:c2:73:ad:f1:ed:4f:1d:
a4:81:a9:1b:31:a6:8a:99:4a:ff:52:67:d5:c3:26:0e:41:9b:
6f:06:aa:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjEyRkIxMTAvBgNVBAUTKDU5MTE4REQ3NTNGMDUzMEVEQzJCOEMzQkUyNjNCRURC
MENDRUJDMEUwHhcNMjQwNzI5MDMwNDQ2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE3MDZjZS05YTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2vPLo58VQSCs0FveRuoR58BQo0okeDi2A4SNeEnDcNEZCnlb7pdq0A2eDPoz
Oos4ntjyOjf0jtpMSV3t7FM3GZOZ+ngNWCu2KZAoBG3aTvdQ1zyJZ/p18dRnqCHC
6uUyOboldat7Tb21lFY63yf+tZFd7ze7BFxUEaRefG1tuD9lKv3k7Wlu1epKLVtc
R6BEtdaMqUSw8GAdOILAhHnPNaWPm0TATj+y4//eNnQ1dzDMWTk0/xpSvAjiGDq4
DtHw+LIU/HVw1uU/BP8Ps1gnJYgu6qHH/fd0QdYz4FoFIgdDPCs+AeD1B8yxBvan
tbQX4cas5WPp5uXHKRZ8NDnd1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFK/MaHuQ
2H8lLawIZtnGs4dklPPjMB8GA1UdIwQYMBaAFFkRjddT8FMO3CuMO+JjvtsMzrwO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTJGQi9FMEQ2NDUxNEVE
MUQxMUVDQjVGRjJCMjRDNEY5QUUwMi9XUkdOMTFQd1V3N2NLNHc3NG1PLTJ3ek92
QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dSR04xMVB3VXc3Y0s0dzc0bU8tMnd6T3ZBNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjEyRkIvRTBENjQ1MTRFRDFEMTFFQ0I1RkYyQjI0QzRGOUFFMDIvMUJCMDA0MDA1
QTVGMTFFRDg3NTU4QzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvYwwDQYJKoZIhvcNAQELBQADggEBAFim1sf8VZsScw/U
QRWAPRsvP03T9Pg9k7C2Rqmn6QjRlG1zT/c8B8kTQj9/YwpgHiJRz3EzTiYi2sPX
ObxqIMy2Odj4d2GQWZex7jc7PHSd+HTjWyqV7JbTAJVZyf1YPTD0E4eflgvkPIZq
Lcc+bSPvcHxSd/bG012aqf9grIQwqVpsiWQ16Y+olyr36AWmx9wB5GmxtryJNm7X
dSA1/Kq+GLuL5L4dQ8+Ei0jSDLrUUNeUODK4OQl28sTQg9VKqSHTnjkzlCGLx8fm
jGEbtJ1qQyNYuDVhhVX2K16fDzvmiMEBwnOt8e1PHaSBqRsxpoqZSv9SZ9XDJg5B
m28GqsM=
-----END CERTIFICATE-----
Generated at Sun Oct 27 15:59:45 2024 by rpki-client on console-fra.rpki-client.org