Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA867/816E7462197F11EF8D16684FC4F9AE02/CD7F03AC199411EF9F001610C4F9AE02.roa
File: CD7F03AC199411EF9F001610C4F9AE02.roa (raw, json)
Hash identifier: 6xn/XL0UX+S7rLAhkedXueif8pTM2dQkM3TkgBeiE1c=
Subject key identifier: 25:51:60:86:C8:15:71:44:6E:82:5E:69:6A:92:A6:FC:81:E7:F5:FA
Certificate issuer: /CN=A91BA867/serialNumber=75A40CED24ACAD62C58AB28EA0E0F7C5E5E1C788
Certificate serial: 0D
Authority key identifier: 75:A4:0C:ED:24:AC:AD:62:C5:8A:B2:8E:A0:E0:F7:C5:E5:E1:C7:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/daQM7SSsrWLFirKOoOD3xeXhx4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA867/816E7462197F11EF8D16684FC4F9AE02/CD7F03AC199411EF9F001610C4F9AE02.roa
Signing time: Thu 30 May 2024 02:34:40 +0000
ROA not before: Thu 30 May 2024 02:34:40 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152712
IP address blocks: 103.49.122.0/23 maxlen: 23
103.49.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 07:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA867/serialNumber=75A40CED24ACAD62C58AB28EA0E0F7C5E5E1C788
Validity
Not Before: May 30 02:34:40 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6657e5c0-7cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:a2:5c:7e:6f:ca:a0:57:be:91:a4:10:0a:
5b:7e:0c:e1:27:4f:e8:cd:b9:53:a9:58:78:4c:67:
bb:37:c8:f3:56:a9:bd:7c:71:f6:6a:c7:79:37:f9:
91:3d:19:fc:76:9e:a0:2f:7b:7c:1d:45:dd:9b:61:
1f:63:9f:33:78:9c:be:6f:2d:0f:d5:48:0d:92:f7:
69:4a:08:e4:99:ff:fe:07:b4:9f:52:bd:1b:d3:12:
67:ff:56:47:7b:ae:ff:0e:b9:05:a7:63:bd:ae:c7:
4c:5e:55:78:70:b4:a3:f6:c7:90:0d:14:d4:14:b1:
8b:99:33:6c:61:b6:19:f1:0c:1f:63:e1:96:c4:01:
8f:df:5a:e1:86:fb:96:c4:69:1b:05:24:e0:48:1b:
b0:1c:23:01:d3:87:1b:79:bb:d8:f5:1b:d6:f3:88:
42:45:59:6e:69:48:4c:49:58:9b:6a:40:39:dc:c3:
12:12:10:da:8d:40:9d:94:62:f7:e6:0d:a6:aa:79:
5f:06:1b:7e:38:26:19:f1:bb:57:2f:69:63:27:11:
e2:8f:e5:bf:d1:28:6d:eb:f6:1a:d3:51:81:62:03:
55:d1:27:d4:91:15:6a:63:31:64:9f:e8:b1:9d:13:
ca:19:f9:65:88:00:fa:c4:10:0d:1d:81:99:86:2e:
3e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:51:60:86:C8:15:71:44:6E:82:5E:69:6A:92:A6:FC:81:E7:F5:FA
X509v3 Authority Key Identifier:
keyid:75:A4:0C:ED:24:AC:AD:62:C5:8A:B2:8E:A0:E0:F7:C5:E5:E1:C7:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA867/816E7462197F11EF8D16684FC4F9AE02/daQM7SSsrWLFirKOoOD3xeXhx4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/daQM7SSsrWLFirKOoOD3xeXhx4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA867/816E7462197F11EF8D16684FC4F9AE02/CD7F03AC199411EF9F001610C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.122.0/23
Signature Algorithm: sha256WithRSAEncryption
58:3d:9c:10:38:6d:e8:c0:a7:78:0c:a4:65:0c:ab:4d:aa:52:
3d:99:ea:b1:be:3a:b8:d9:28:70:81:6f:d1:e5:e1:4b:07:59:
fa:e7:24:04:07:de:0e:26:a3:b9:b2:e5:e7:ab:79:08:37:d4:
37:2c:08:e1:a4:83:b7:f4:72:f2:30:90:87:2a:71:67:ca:00:
23:76:88:9f:df:54:80:76:d7:c5:af:7e:8e:5a:4e:08:33:76:
b3:bc:99:53:96:c4:bb:36:de:01:17:45:3c:08:88:60:38:0c:
13:30:d5:e8:e9:07:6c:68:7c:31:a1:d1:75:c2:c2:4e:2b:9c:
24:87:48:9c:8e:e0:ae:e4:d0:67:30:98:0e:70:6b:ec:ff:8f:
58:e2:c5:5a:41:0d:51:72:c3:71:ba:27:c4:f1:af:5b:7d:b5:
34:0e:0f:9e:9f:a7:0f:2a:39:a6:aa:42:ef:30:51:6f:c3:17:
05:68:f9:e8:05:7c:fa:e9:dc:96:7b:36:14:37:c0:8f:25:47:
75:2d:a7:6d:57:d3:ed:c6:ef:bc:4f:c1:cc:40:8e:7d:0b:8a:
55:a5:b0:ee:9d:4f:50:16:bf:fb:1e:2f:1d:e9:5d:50:b5:62:
0d:4f:be:f6:ee:a4:64:83:14:94:52:6f:f5:fc:18:90:b7:a6:
3b:3f:b5:f7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QTg2NzExMC8GA1UEBRMoNzVBNDBDRUQyNEFDQUQ2MkM1OEFCMjhFQTBFMEY3QzVF
NUUxQzc4ODAeFw0yNDA1MzAwMjM0NDBaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTdlNWMwLTdjZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2D6Jcfm/KoFe+kaQQClt+DOEnT+jNuVOpWHhMZ7s3yPNWqb18cfZqx3k3+ZE9
Gfx2nqAve3wdRd2bYR9jnzN4nL5vLQ/VSA2S92lKCOSZ//4HtJ9SvRvTEmf/Vkd7
rv8OuQWnY72ux0xeVXhwtKP2x5ANFNQUsYuZM2xhthnxDB9j4ZbEAY/fWuGG+5bE
aRsFJOBIG7AcIwHThxt5u9j1G9bziEJFWW5pSExJWJtqQDncwxISENqNQJ2UYvfm
DaaqeV8GG344Jhnxu1cvaWMnEeKP5b/RKG3r9hrTUYFiA1XRJ9SRFWpjMWSf6LGd
E8oZ+WWIAPrEEA0dgZmGLj5PAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJVFghsgV
cURugl5papKm/IHn9fowHwYDVR0jBBgwFoAUdaQM7SSsrWLFirKOoOD3xeXhx4gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBODY3LzgxNkU3NDYyMTk3
RjExRUY4RDE2Njg0RkM0RjlBRTAyL2RhUU03U1NzcldMRmlyS09vT0QzeGVYaHg0
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZGFRTTdTU3NyV0xGaXJLT29PRDN4ZVhoeDRnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QTg2Ny84MTZFNzQ2MjE5N0YxMUVGOEQxNjY4NEZDNEY5QUUwMi9DRDdGMDNBQzE5
OTQxMUVGOUYwMDE2MTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcxejANBgkqhkiG9w0BAQsFAAOCAQEAWD2cEDht6MCneAyk
ZQyrTapSPZnqsb46uNkocIFv0eXhSwdZ+uckBAfeDiajubLl56t5CDfUNywI4aSD
t/Ry8jCQhypxZ8oAI3aIn99UgHbXxa9+jlpOCDN2s7yZU5bEuzbeARdFPAiIYDgM
EzDV6OkHbGh8MaHRdcLCTiucJIdInI7gruTQZzCYDnBr7P+PWOLFWkENUXLDcbon
xPGvW321NA4Pnp+nDyo5pqpC7zBRb8MXBWj56AV8+unclns2FDfAjyVHdS2nbVfT
7cbvvE/BzECOfQuKVaWw7p1PUBa/+x4vHeldULViDU++9u6kZIMUlFJv9fwYkLem
Oz+19w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org