Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
File: 58C4D518CFE211EB976CA358C4F9AE02.roa (raw, json)
Hash identifier: aWfwKiRZp39rGbOvWYQXrHaPPJxOKKU8n0n1gRs62wo=
Subject key identifier: 13:D5:26:44:72:DA:2F:96:90:D4:15:FD:A7:E9:46:32:3F:64:C2:37
Certificate issuer: /CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Certificate serial: 0B48
Authority key identifier: 06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
Signing time: Wed 09 Aug 2023 07:33:44 +0000
ROA not before: Wed 09 Aug 2023 07:33:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50889
IP address blocks: 103.6.210.0/24 maxlen: 24
103.6.211.0/24 maxlen: 24
121.200.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 07:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2888 (0xb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Validity
Not Before: Aug 9 07:33:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d34157-dd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:29:0c:59:cb:0c:6e:b5:59:91:1c:d2:6e:
7c:77:13:28:ed:ab:09:e5:cc:8f:47:39:e0:1b:a5:
4d:ea:97:90:f1:2c:24:87:07:10:41:89:b9:10:5b:
66:e0:64:b8:30:98:c4:86:c6:64:a9:f3:19:91:52:
c1:bb:a4:9e:b5:7e:a5:89:8d:fd:c6:9d:d4:63:c9:
3e:53:ac:3b:ff:3c:d0:6a:30:cf:86:91:71:c0:75:
7b:94:da:14:79:ea:ac:8d:b8:36:1a:5a:77:85:fb:
21:27:41:3d:30:a4:e8:96:24:d3:49:8e:fb:c8:f7:
cd:05:4f:b0:e7:86:b3:49:fa:66:28:56:a3:b6:f2:
87:bd:42:41:8b:98:c0:77:d6:3b:6b:61:24:00:c6:
93:63:9a:1e:36:20:d6:33:d8:0b:39:61:28:5b:f9:
a3:5d:ee:00:fd:03:e4:be:e6:38:f2:47:5f:60:28:
4f:81:ab:99:bf:e2:91:86:51:e8:62:9e:6b:6c:2d:
a5:92:59:de:53:08:cd:7d:e9:be:d8:a6:f6:b5:4c:
a4:17:ac:8c:c0:c0:fa:c3:18:eb:cd:3b:54:59:26:
d8:79:ae:ce:47:36:44:11:c9:43:74:f5:af:0f:ab:
40:86:33:d2:d6:62:da:6a:02:1b:86:23:6d:fd:2d:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D5:26:44:72:DA:2F:96:90:D4:15:FD:A7:E9:46:32:3F:64:C2:37
X509v3 Authority Key Identifier:
keyid:06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.210.0/23
121.200.45.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:6a:f6:fe:2d:52:7f:88:22:ea:d2:01:b0:bd:2a:d9:da:fd:
16:0d:4b:dc:38:3f:c1:19:b9:06:e3:fb:2b:68:02:48:72:41:
28:bd:86:0d:08:bb:66:05:00:c7:b9:fa:09:37:1e:27:e5:ca:
64:41:2b:31:68:6f:84:56:f1:94:ad:3d:4c:3f:c7:f8:13:75:
7f:4f:ff:b1:ec:34:32:4c:c4:45:68:2f:de:b0:a1:5b:5c:20:
05:e1:fc:4c:3b:b6:35:5c:20:86:16:2a:c8:c0:32:7f:e9:b1:
69:c9:7e:6a:94:fc:fe:61:c8:70:a7:b8:b4:72:ed:1a:e7:c9:
dc:df:34:9c:8b:ce:cf:34:43:c5:99:91:13:ea:6c:06:34:a2:
5b:c4:fb:54:9f:59:82:65:24:54:6b:48:09:f5:1f:e1:70:ea:
b0:0e:44:b0:21:2d:2b:7a:d0:17:b8:90:05:eb:2b:df:9c:8e:
ac:d0:72:f3:04:33:6b:44:ce:98:50:12:ef:77:53:c1:7e:7c:
08:cf:77:71:38:4e:08:16:3f:e2:b1:8f:f3:d1:9a:36:9b:ea:
44:d0:0e:33:c8:03:aa:2a:9f:dd:ad:c6:30:61:71:dc:15:b0:
ad:bc:6a:6d:ad:eb:1b:71:18:2c:59:58:ca:64:3b:38:b2:d6:
11:5f:36:c4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJBODAxMTAvBgNVBAUTKDA2MEY3RTc3QzAwQUNCRTA4NjhEQzBCOEZDQTIzRDRB
NUYwN0Q3N0EwHhcNMjMwODA5MDczMzQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzNDE1Ny1kZDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsUApDFnLDG61WZEc0m58dxMo7asJ5cyPRzngG6VN6peQ8SwkhwcQQYm5EFtm
4GS4MJjEhsZkqfMZkVLBu6SetX6liY39xp3UY8k+U6w7/zzQajDPhpFxwHV7lNoU
eeqsjbg2Glp3hfshJ0E9MKToliTTSY77yPfNBU+w54azSfpmKFajtvKHvUJBi5jA
d9Y7a2EkAMaTY5oeNiDWM9gLOWEoW/mjXe4A/QPkvuY48kdfYChPgauZv+KRhlHo
Yp5rbC2lklneUwjNfem+2Kb2tUykF6yMwMD6wxjrzTtUWSbYea7ORzZEEclDdPWv
D6tAhjPS1mLaagIbhiNt/S07VQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBPVJkRy
2i+WkNQV/afpRjI/ZMI3MB8GA1UdIwQYMBaAFAYPfnfACsvgho3AuPyiPUpfB9d6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkE4MC9COThFODFENjA1
QjkxMUVBODIwODk5NkVDNEY5QUUwMi9CZzktZDhBS3ktQ0dqY0M0X0tJOVNsOEgx
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JnOS1kOEFLeS1DR2pjQzRfS0k5U2w4SDEzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJBODAvQjk4RTgxRDYwNUI5MTFFQTgyMDg5OTZFQzRGOUFFMDIvNThDNEQ1MThD
RkUyMTFFQjk3NkNBMzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnBtIDBAB5yC0wDQYJKoZIhvcNAQELBQADggEBAD9q9v4t
Un+IIurSAbC9Ktna/RYNS9w4P8EZuQbj+ytoAkhyQSi9hg0Iu2YFAMe5+gk3Hifl
ymRBKzFob4RW8ZStPUw/x/gTdX9P/7HsNDJMxEVoL96woVtcIAXh/Ew7tjVcIIYW
KsjAMn/psWnJfmqU/P5hyHCnuLRy7RrnydzfNJyLzs80Q8WZkRPqbAY0olvE+1Sf
WYJlJFRrSAn1H+Fw6rAORLAhLSt60Be4kAXrK9+cjqzQcvMEM2tEzphQEu93U8F+
fAjPd3E4TggWP+Kxj/PRmjab6kTQDjPIA6oqn92txjBhcdwVsK28am2t6xtxGCxZ
WMpkOziy1hFfNsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:23 2024 by rpki-client on console-ams.rpki-client.org