Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/EE8F9E6EA55211EEA06EC210C4F9AE02.roa
File: EE8F9E6EA55211EEA06EC210C4F9AE02.roa (raw, json)
Hash identifier: muw6no7VmEhIV6HOrO589JIYyg5uHT9KsSY/00nwBzQ=
Subject key identifier: DD:E6:FD:59:E8:37:4E:8B:AE:6B:17:84:16:F4:4A:BF:00:3B:E6:F7
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: 68
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/EE8F9E6EA55211EEA06EC210C4F9AE02.roa
Signing time: Thu 28 Dec 2023 07:30:59 +0000
ROA not before: Thu 28 Dec 2023 07:30:59 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.237.112.0/24 maxlen: 24
103.237.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:42:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104 (0x68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Validity
Not Before: Dec 28 07:30:59 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=658d2433-a77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:53:97:ef:3d:ef:31:34:37:f8:20:d2:af:
2c:75:1f:67:51:86:68:ee:cf:9a:fa:76:e7:7c:9f:
9c:8b:98:33:1f:c4:7e:eb:26:95:5e:72:9a:da:49:
f6:86:ad:21:13:e9:85:d1:fa:42:32:64:aa:1b:21:
01:a6:1c:fa:3d:9f:58:25:23:f7:4f:80:25:1c:48:
81:8c:1b:29:87:57:99:cb:19:d0:65:7d:ae:08:58:
57:69:cd:5a:63:9a:ea:7d:05:c0:78:09:59:e5:a6:
7c:fb:90:62:8a:18:b8:04:81:ee:96:99:1b:c8:e9:
27:ca:29:33:2e:09:38:72:60:de:ee:01:7e:71:fb:
27:41:03:21:1f:23:8f:fb:73:04:d4:93:ca:4a:ea:
74:95:b9:34:2a:ae:23:cf:1e:ef:f4:f5:8a:dc:ce:
d1:bd:8a:9e:c5:d9:1d:20:bf:c4:9a:42:9a:8a:11:
db:30:7e:2f:49:65:6e:38:25:e9:05:64:70:f5:12:
4d:da:f8:4a:51:ba:9f:2d:0b:ac:21:8e:c2:fd:50:
05:74:6f:db:2d:a7:e4:5f:a4:7e:d2:94:f2:f1:35:
5a:a4:57:82:e9:fb:2c:62:81:cc:57:fc:64:af:6d:
47:4d:b5:df:19:29:d9:e0:38:99:6c:05:cf:59:96:
59:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E6:FD:59:E8:37:4E:8B:AE:6B:17:84:16:F4:4A:BF:00:3B:E6:F7
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/EE8F9E6EA55211EEA06EC210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.112.0/24
103.237.114.0/24
Signature Algorithm: sha256WithRSAEncryption
03:f3:f3:50:bb:78:37:e8:b3:e8:f4:c2:45:b7:b2:7f:93:d9:
b2:2d:7e:b3:a9:78:88:20:55:0a:48:eb:59:29:78:db:b7:17:
94:a2:cb:22:05:3e:bc:1b:95:48:81:82:01:d5:dc:79:8f:7d:
52:3a:69:72:2c:3f:89:2f:3b:4a:b7:5d:cb:fb:3b:71:3b:55:
40:51:dd:19:6d:45:4d:12:ca:83:ab:8d:e9:7f:d1:92:c3:69:
05:34:21:8d:e5:39:62:cb:09:a2:1e:2d:b7:05:d7:de:14:df:
8d:40:01:af:0f:26:89:fb:df:9d:de:f0:3f:3a:31:e6:a9:94:
7a:f8:f7:2f:b7:9e:ec:31:bd:d4:a8:64:22:25:2a:9c:ba:e4:
91:bf:a5:e5:a0:e2:51:5f:33:e0:3d:bd:d3:87:31:38:d4:ef:
02:65:d0:9e:5e:6d:d1:51:2c:b5:bf:35:ab:f9:d4:7a:d7:bc:
f8:5d:a8:a2:fc:04:8c:52:44:d4:8d:8f:29:33:ca:5e:c5:59:
4f:ec:d0:7b:db:72:c6:56:0a:44:ca:bb:23:d8:48:e8:88:72:
20:03:7c:00:6d:76:a1:57:a5:59:ec:9c:2a:37:c5:44:83:e1:
1a:7d:79:91:6a:13:67:8c:cf:f7:4d:ba:e6:5a:c5:87:d1:ab:
fc:6b:b0:97
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTlFNTExMC8GA1UEBRMoRTQ3QkY3MDI1NDUzMjY5N0QyMEQwRDMxMTBGNjI1Mzcw
RDY1RkE4MzAeFw0yMzEyMjgwNzMwNTlaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGQyNDMzLWE3N2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbCVOX7z3vMTQ3+CDSryx1H2dRhmjuz5r6dud8n5yLmDMfxH7rJpVecpraSfaG
rSET6YXR+kIyZKobIQGmHPo9n1glI/dPgCUcSIGMGymHV5nLGdBlfa4IWFdpzVpj
mup9BcB4CVnlpnz7kGKKGLgEge6WmRvI6SfKKTMuCThyYN7uAX5x+ydBAyEfI4/7
cwTUk8pK6nSVuTQqriPPHu/09YrcztG9ip7F2R0gv8SaQpqKEdswfi9JZW44JekF
ZHD1Ek3a+EpRup8tC6whjsL9UAV0b9stp+RfpH7SlPLxNVqkV4Lp+yxigcxX/GSv
bUdNtd8ZKdngOJlsBc9Zllk/AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU3eb9Weg3
TouuaxeEFvRKvwA75vcwHwYDVR0jBBgwFoAU5Hv3AlRTJpfSDQ0xEPYlNw1l+oMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1OUU1L0REOUYxRjdDM0Mw
MTExRUU5MUNCRTE1N0M0RjlBRTAyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1v
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNUh2M0FsUlRKcGZTRFEweEVQWWxOdzFsLW9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTlFNS9ERDlGMUY3QzNDMDExMUVFOTFDQkUxNTdDNEY5QUUwMi9FRThGOUU2RUE1
NTIxMUVFQTA2RUMyMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGftcAMEAGftcjANBgkqhkiG9w0BAQsFAAOCAQEAA/PzULt4
N+iz6PTCRbeyf5PZsi1+s6l4iCBVCkjrWSl427cXlKLLIgU+vBuVSIGCAdXceY99
Ujppciw/iS87Srddy/s7cTtVQFHdGW1FTRLKg6uN6X/RksNpBTQhjeU5YssJoh4t
twXX3hTfjUABrw8mifvfnd7wPzox5qmUevj3L7ee7DG91KhkIiUqnLrkkb+l5aDi
UV8z4D2904cxONTvAmXQnl5t0VEstb81q/nUete8+F2oovwEjFJE1I2PKTPKXsVZ
T+zQe9tyxlYKRMq7I9hI6IhyIAN8AG12oVelWeycKjfFRIPhGn15kWoTZ4zP9026
5lrFh9Gr/Guwlw==
-----END CERTIFICATE-----
Generated at Tue Jan 9 11:02:42 2024 by rpki-client on console-ams.rpki-client.org