Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/DF7D72D28A8811EE986F3825C4F9AE02.roa
File: DF7D72D28A8811EE986F3825C4F9AE02.roa (raw, json)
Hash identifier: RGr8hXQMjJdFndE7Gzhb7d7xv7E7MbpTwlhT5BeLBfE=
Subject key identifier: 46:61:98:3F:26:96:51:68:1D:79:F6:77:D6:A9:22:15:03:DA:2D:72
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 91
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/DF7D72D28A8811EE986F3825C4F9AE02.roa
Signing time: Sun 12 May 2024 04:23:12 +0000
ROA not before: Sun 12 May 2024 04:23:12 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 137443
IP address blocks: 103.117.136.0/22 maxlen: 22
2403:1a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 May 2024 01:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145 (0x91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Validity
Not Before: May 12 04:23:12 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6640442f-7fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7e:67:ab:54:03:3c:a2:7d:2b:2c:2a:f6:7d:
94:33:e4:55:7f:94:ff:64:05:7f:39:28:9c:3f:b1:
b3:25:c8:d4:cc:8f:52:92:f7:8b:ff:2f:1c:95:c2:
fa:c7:4f:cc:ce:78:f2:41:74:64:86:f6:84:0b:64:
50:73:67:13:fd:ed:ec:39:79:e0:eb:ec:32:f4:f1:
f2:d8:c9:fc:76:b3:f6:e9:f2:e3:0f:f8:5c:aa:62:
01:6b:ef:87:e1:c8:81:c4:28:2b:bf:47:54:9c:7e:
14:a2:54:08:00:c7:de:dd:70:7a:4d:fe:7d:4a:73:
b5:e7:85:19:74:e6:4f:df:29:46:3a:8a:0c:90:85:
9b:97:46:0e:b9:a2:97:10:82:07:fa:66:51:30:9f:
1a:be:96:82:f4:47:e0:50:4e:76:41:02:31:b0:12:
8a:9c:87:ee:be:8d:29:00:68:64:85:8d:1a:89:10:
7c:1b:2b:09:dd:19:8c:86:81:93:14:5a:32:20:ec:
7a:49:d8:88:81:ed:9f:6b:77:e1:01:8b:b8:82:30:
ec:78:7b:69:42:84:01:7a:e6:49:27:60:df:b0:2c:
77:fa:51:99:7c:29:38:eb:99:40:6a:60:4c:7e:17:
91:43:03:62:ae:06:4e:4f:dd:6d:cd:38:28:f2:83:
e1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:61:98:3F:26:96:51:68:1D:79:F6:77:D6:A9:22:15:03:DA:2D:72
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/DF7D72D28A8811EE986F3825C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.136.0/22
IPv6:
2403:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:fd:03:63:3e:04:43:26:c2:b2:11:9a:92:44:3e:a3:22:43:
0e:d5:dc:33:ce:4d:7b:3d:49:48:19:cd:59:9e:2f:d7:36:f9:
4a:73:3b:c1:c8:9a:bd:fc:83:9f:3c:af:ea:5a:75:ca:3b:ad:
32:aa:fc:af:c9:a1:9e:1e:36:e5:76:8b:78:ae:cc:7b:ec:8f:
68:7d:95:37:36:27:a2:91:2a:33:a0:3b:93:2b:90:ec:5a:e0:
d6:b1:bc:d8:0e:0c:83:bd:44:49:34:cc:b4:b7:09:fd:0f:b1:
47:15:6a:f9:0d:04:dc:e5:1f:1b:9c:e0:a5:2f:a5:9f:ed:4b:
45:fd:83:07:e8:12:df:c9:47:51:c5:c8:f1:2b:24:a8:04:52:
87:a5:29:21:1a:a5:35:1c:e0:86:e5:11:74:98:ea:c2:0b:ba:
c9:de:35:71:e1:40:78:87:18:f6:bf:d4:06:dc:95:ff:d8:21:
b1:09:6c:15:b4:8b:c1:9e:54:17:eb:9e:df:c9:c7:29:8c:b7:
ce:68:7a:89:fe:80:59:41:8e:fc:a7:12:d0:5d:85:73:09:34:
ae:43:1f:2b:02:98:fd:66:51:2c:72:c1:ac:2f:b5:f9:e9:21:
b3:36:2b:f6:11:08:f6:6c:93:94:47:e2:07:29:71:21:6a:97:
e1:8d:53:1e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkIwN0QxMTAvBgNVBAUTKEQ0MzEwNjkwRENFQjdFRTRBMThEQTM1NzlBQ0FEMTc0
ODE4NjQ2QTMwHhcNMjQwNTEyMDQyMzEyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQwNDQyZi03ZmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvH5nq1QDPKJ9Kywq9n2UM+RVf5T/ZAV/OSicP7GzJcjUzI9SkveL/y8clcL6
x0/MznjyQXRkhvaEC2RQc2cT/e3sOXng6+wy9PHy2Mn8drP26fLjD/hcqmIBa++H
4ciBxCgrv0dUnH4UolQIAMfe3XB6Tf59SnO154UZdOZP3ylGOooMkIWbl0YOuaKX
EIIH+mZRMJ8avpaC9EfgUE52QQIxsBKKnIfuvo0pAGhkhY0aiRB8GysJ3RmMhoGT
FFoyIOx6SdiIge2fa3fhAYu4gjDseHtpQoQBeuZJJ2DfsCx3+lGZfCk465lAamBM
fheRQwNirgZOT91tzTgo8oPhJQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEZhmD8m
llFoHXn2d9apIhUD2i1yMB8GA1UdIwQYMBaAFNQxBpDc637koY2jV5rK0XSBhkaj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjA3RC9FOUI0ODUzQzRB
QzQxMUVFOTgzOTM4NkZDNEY5QUUwMi8xREVHa056cmZ1U2hqYU5YbXNyUmRJR0dS
cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1JxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkIwN0QvRTlCNDg1M0M0QUM0MTFFRTk4MzkzODZGQzRGOUFFMDIvREY3RDcyRDI4
QTg4MTFFRTk4NkYzODI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndYgwDQQCAAIwBwMFACQDGkAwDQYJKoZIhvcNAQELBQAD
ggEBAA39A2M+BEMmwrIRmpJEPqMiQw7V3DPOTXs9SUgZzVmeL9c2+UpzO8HImr38
g588r+padco7rTKq/K/JoZ4eNuV2i3iuzHvsj2h9lTc2J6KRKjOgO5MrkOxa4Nax
vNgODIO9REk0zLS3Cf0PsUcVavkNBNzlHxuc4KUvpZ/tS0X9gwfoEt/JR1HFyPEr
JKgEUoelKSEapTUc4IblEXSY6sILusneNXHhQHiHGPa/1Abclf/YIbEJbBW0i8Ge
VBfrnt/JxymMt85oeon+gFlBjvynEtBdhXMJNK5DHysCmP1mUSxywawvtfnpIbM2
K/YRCPZsk5RH4gcpcSFql+GNUx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org