Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B34B8/1391B69610F811EA8F18611FC4F9AE02/595DF42AEF6B11EBAD94EE65C4F9AE02.roa
File: 595DF42AEF6B11EBAD94EE65C4F9AE02.roa (raw, json)
Hash identifier: I+7IYzxzV13FqQl5Ed/47ZcQMQAFzF81hhf1t3KEBL4=
Subject key identifier: AE:16:D9:72:D7:88:21:84:3A:19:70:F4:DA:9D:FC:A5:DD:2F:98:B2
Certificate issuer: /CN=A91B34B8/serialNumber=97337110C75AA32C37B8E74C8CF5C340A2DD06F5
Certificate serial: 0A92
Authority key identifier: 97:33:71:10:C7:5A:A3:2C:37:B8:E7:4C:8C:F5:C3:40:A2:DD:06:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lzNxEMdaoyw3uOdMjPXDQKLdBvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B34B8/1391B69610F811EA8F18611FC4F9AE02/595DF42AEF6B11EBAD94EE65C4F9AE02.roa
Signing time: Sun 02 Apr 2023 20:27:11 +0000
ROA not before: Sun 02 Apr 2023 20:27:11 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 63969
IP address blocks: 103.85.156.0/22 maxlen: 24
144.48.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 15:59:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2706 (0xa92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B34B8/serialNumber=97337110C75AA32C37B8E74C8CF5C340A2DD06F5
Validity
Not Before: Apr 2 20:27:11 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6429e51e-d862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:b8:f8:06:94:e6:e9:df:27:de:42:02:d1:
4a:0a:16:ab:dd:21:db:4c:a9:a5:c2:87:52:11:7c:
93:cf:fc:14:18:c4:cb:bb:94:42:20:a8:14:61:c3:
87:61:b3:67:d8:d4:c4:05:cc:f0:90:55:a2:6d:88:
15:d2:e4:7f:3c:bf:b0:d6:4c:88:5e:b2:59:91:f7:
f1:7f:46:d1:9d:5b:b1:b3:db:76:ea:6d:2c:9c:82:
0b:64:48:1b:44:be:6b:48:42:8f:15:7f:33:f1:0e:
2d:a3:ec:b7:41:48:ac:92:8c:e1:09:18:52:fb:3d:
1e:fd:d5:0f:fa:1f:f2:ee:27:fa:58:2b:b6:81:c7:
79:07:50:7f:db:da:52:c8:0d:05:3d:ab:94:40:57:
9f:a9:a1:ff:92:00:5a:c9:c0:89:59:51:b6:79:37:
bb:ea:8b:f5:7d:6b:83:6c:5f:96:28:d5:7a:02:71:
40:b5:b3:82:de:b3:4a:2c:d0:c7:07:a7:94:93:fa:
36:45:c4:d1:39:62:f4:07:c2:1c:db:0e:fa:0c:ac:
9b:7e:cc:78:44:96:74:d6:d8:70:e6:df:8a:1c:43:
3d:47:90:91:d8:83:87:66:26:76:e4:4d:9e:34:17:
43:57:1a:a6:b0:3d:d1:3a:ce:5b:bf:21:b4:3b:f6:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:16:D9:72:D7:88:21:84:3A:19:70:F4:DA:9D:FC:A5:DD:2F:98:B2
X509v3 Authority Key Identifier:
keyid:97:33:71:10:C7:5A:A3:2C:37:B8:E7:4C:8C:F5:C3:40:A2:DD:06:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B34B8/1391B69610F811EA8F18611FC4F9AE02/lzNxEMdaoyw3uOdMjPXDQKLdBvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lzNxEMdaoyw3uOdMjPXDQKLdBvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B34B8/1391B69610F811EA8F18611FC4F9AE02/595DF42AEF6B11EBAD94EE65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.156.0/22
144.48.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:a9:a1:a2:48:90:93:b4:2d:9e:8d:0c:4a:d9:c0:1f:b6:75:
01:85:39:b8:4e:78:9d:a0:7e:f2:f4:a2:9c:b3:c9:40:15:bc:
f8:e4:8c:26:d9:ed:bc:a1:d7:54:fc:c8:19:22:43:2e:a6:42:
4b:b6:13:41:ec:e3:61:5c:e6:89:32:95:8f:80:b9:ba:e0:8d:
ea:04:de:fb:dc:92:00:7c:cf:f5:4e:3d:21:e5:5a:bc:13:38:
51:7d:db:3e:f5:e0:ab:7a:52:b1:1d:e1:e0:70:3e:ad:c3:26:
36:16:43:a5:95:57:ea:61:96:fc:8e:de:41:92:34:bd:91:c2:
3e:ee:d8:db:c0:c9:ea:ff:89:9e:ae:6f:21:2c:a4:db:08:d2:
ed:54:ce:a5:02:42:3d:db:47:27:fe:c7:39:64:38:ff:9b:61:
51:b5:b6:0a:72:97:59:ac:0f:ea:67:6d:ec:d6:28:f5:38:fe:
6a:b2:61:d7:3c:77:f8:9a:71:29:e5:e2:39:2d:69:9c:31:4c:
d0:6a:55:2d:7a:65:ac:1e:b9:21:b9:6f:ce:6f:ed:8b:05:f8:
36:ca:2f:dd:83:15:bf:fb:99:85:4b:66:87:aa:36:86:e6:4e:
10:60:5e:72:97:ee:36:0f:94:0b:2b:ae:9a:4b:e2:54:a6:e5:
3d:96:0d:3d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCpIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM0QjgxMTAvBgNVBAUTKDk3MzM3MTEwQzc1QUEzMkMzN0I4RTc0QzhDRjVDMzQw
QTJERDA2RjUwHhcNMjMwNDAyMjAyNzExWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI5ZTUxZS1kODYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz424+AaU5unfJ95CAtFKChar3SHbTKmlwodSEXyTz/wUGMTLu5RCIKgUYcOH
YbNn2NTEBczwkFWibYgV0uR/PL+w1kyIXrJZkffxf0bRnVuxs9t26m0snIILZEgb
RL5rSEKPFX8z8Q4to+y3QUiskozhCRhS+z0e/dUP+h/y7if6WCu2gcd5B1B/29pS
yA0FPauUQFefqaH/kgBaycCJWVG2eTe76ov1fWuDbF+WKNV6AnFAtbOC3rNKLNDH
B6eUk/o2RcTROWL0B8Ic2w76DKybfsx4RJZ01thw5t+KHEM9R5CR2IOHZiZ25E2e
NBdDVxqmsD3ROs5bvyG0O/aR5QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK4W2XLX
iCGEOhlw9Nqd/KXdL5iyMB8GA1UdIwQYMBaAFJczcRDHWqMsN7jnTIz1w0Ci3Qb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzRCOC8xMzkxQjY5NjEw
RjgxMUVBOEYxODYxMUZDNEY5QUUwMi9sek54RU1kYW95dzN1T2RNalBYRFFLTGRC
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x6TnhFTWRhb3l3M3VPZE1qUFhEUUtMZEJ2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM0QjgvMTM5MUI2OTYxMEY4MTFFQThGMTg2MTFGQzRGOUFFMDIvNTk1REY0MkFF
RjZCMTFFQkFEOTRFRTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVZwDBAKQMHQwDQYJKoZIhvcNAQELBQADggEBAH+poaJI
kJO0LZ6NDErZwB+2dQGFObhOeJ2gfvL0opyzyUAVvPjkjCbZ7byh11T8yBkiQy6m
Qku2E0Hs42Fc5okylY+AubrgjeoE3vvckgB8z/VOPSHlWrwTOFF92z714Kt6UrEd
4eBwPq3DJjYWQ6WVV+phlvyO3kGSNL2Rwj7u2NvAyer/iZ6ubyEspNsI0u1UzqUC
Qj3bRyf+xzlkOP+bYVG1tgpyl1msD+pnbezWKPU4/mqyYdc8d/iacSnl4jktaZwx
TNBqVS16ZaweuSG5b85v7YsF+DbKL92DFb/7mYVLZoeqNobmThBgXnKX7jYPlAsr
rppL4lSm5T2WDT0=
-----END CERTIFICATE-----
Generated at Fri Mar 22 18:51:28 2024 by rpki-client on console-ams.rpki-client.org