Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE096/2FBB440E334511E998C5673BC4F9AE02/E191D2B698A111EAA2040281C4F9AE02.roa
File: E191D2B698A111EAA2040281C4F9AE02.roa (raw, json)
Hash identifier: 8AtzWdbNlf6QePd1Nd2j3E3Lxf0IFakwQ45sVBs7+c4=
Subject key identifier: F5:63:E1:5F:53:62:21:2E:49:AB:B3:0C:6D:53:31:B8:D0:52:C2:8D
Certificate issuer: /CN=A91BE096/serialNumber=4ABDA24AD7BD9E8D9CEFB35938D0A878804C62E4
Certificate serial: 0F44
Authority key identifier: 4A:BD:A2:4A:D7:BD:9E:8D:9C:EF:B3:59:38:D0:A8:78:80:4C:62:E4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sr2iSte9no2c77NZONCoeIBMYuQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE096/2FBB440E334511E998C5673BC4F9AE02/E191D2B698A111EAA2040281C4F9AE02.roa
Signing time: Wed 18 Oct 2023 18:05:42 +0000
ROA not before: Wed 18 Oct 2023 18:05:42 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 132429
IP address blocks: 103.20.232.0/23 maxlen: 23
103.75.20.0/23 maxlen: 24
202.61.106.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3908 (0xf44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE096/serialNumber=4ABDA24AD7BD9E8D9CEFB35938D0A878804C62E4
Validity
Not Before: Oct 18 18:05:42 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65301e76-392b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:c0:69:41:04:d8:67:e7:90:8a:d9:8a:76:
75:e5:dc:6b:1f:d6:8f:8e:21:e5:3e:ac:a1:4a:68:
30:8c:cb:0d:ff:75:60:30:c2:a5:bb:8b:0b:f2:49:
c3:d0:96:b0:cc:cb:da:c4:e4:0b:a0:89:99:8c:f5:
6e:09:ba:c1:5c:24:c6:2e:bd:2d:91:cc:00:d2:68:
1d:31:85:dd:0e:77:b6:f6:b8:10:1a:99:7d:00:fb:
73:a6:72:c3:2d:e4:ae:6c:a2:05:3a:f3:38:d9:f0:
5e:f8:a2:60:67:f6:30:e9:a7:dc:45:78:f0:56:1f:
a6:07:da:42:0c:00:fc:b5:f4:73:03:11:08:fe:07:
d9:d7:1c:0d:a3:be:7b:f3:a0:f4:b3:0c:bb:ae:b9:
61:33:ec:c7:20:a9:20:a1:6a:9e:62:d8:c7:92:15:
a4:46:ca:93:a0:ab:c6:44:d1:6c:65:a8:5d:41:a6:
b5:9d:d3:16:48:ad:c5:0b:46:bd:f0:ea:66:3c:46:
5b:0b:8e:43:91:2c:28:84:ab:ed:20:96:ea:89:81:
cf:bb:65:97:d4:14:49:93:2c:49:07:7c:70:a2:df:
74:02:05:1e:52:3d:55:c1:72:a8:fb:4d:a1:de:7d:
89:39:0b:b5:29:ca:db:1b:e0:70:2a:c3:1e:1e:8b:
fb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:63:E1:5F:53:62:21:2E:49:AB:B3:0C:6D:53:31:B8:D0:52:C2:8D
X509v3 Authority Key Identifier:
keyid:4A:BD:A2:4A:D7:BD:9E:8D:9C:EF:B3:59:38:D0:A8:78:80:4C:62:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE096/2FBB440E334511E998C5673BC4F9AE02/Sr2iSte9no2c77NZONCoeIBMYuQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sr2iSte9no2c77NZONCoeIBMYuQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE096/2FBB440E334511E998C5673BC4F9AE02/E191D2B698A111EAA2040281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.232.0/23
103.75.20.0/23
202.61.106.0/23
Signature Algorithm: sha256WithRSAEncryption
74:e5:80:1e:a5:ba:57:d7:ae:47:33:18:e4:3f:00:ed:13:06:
32:f4:4b:d1:3d:7d:19:2a:2f:e7:5d:81:03:91:d7:16:8c:94:
bf:58:54:a9:2a:4c:07:23:3a:7c:6b:c3:5b:cc:9b:ef:d2:dd:
64:3b:60:f6:16:07:34:75:24:06:c4:10:22:62:f9:81:af:13:
fd:db:c8:70:e3:dd:26:52:ea:4e:6d:e5:15:52:39:bb:78:3a:
42:54:25:8e:5f:55:0b:4f:51:da:e1:fd:2a:ce:65:d7:d9:4d:
75:f3:bb:49:c7:ec:be:2f:5c:43:30:30:d9:da:24:16:5f:37:
eb:66:99:67:c2:2a:60:ca:74:d5:e5:26:47:19:ef:be:c6:49:
2e:b2:d6:cc:42:24:e2:29:47:53:71:d9:1e:18:a0:92:b4:bd:
3a:a3:36:4b:e5:57:5c:e4:a4:c0:90:ec:08:09:6e:ac:3b:5f:
5d:1c:8e:b6:05:eb:d7:c0:58:6b:56:a9:76:5d:f7:a1:3c:51:
22:78:1e:ba:38:3b:d5:b6:42:02:59:70:1a:2e:87:22:88:32:
97:d0:76:fa:41:24:c9:04:e6:ab:3b:b2:78:a2:01:93:ad:12:
3f:40:ab:db:31:94:60:89:2d:c3:eb:5a:2e:ee:de:85:aa:ef:
8e:70:2e:0a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICD0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkUwOTYxMTAvBgNVBAUTKDRBQkRBMjRBRDdCRDlFOEQ5Q0VGQjM1OTM4RDBBODc4
ODA0QzYyRTQwHhcNMjMxMDE4MTgwNTQyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMwMWU3Ni0zOTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6jAaUEE2GfnkIrZinZ15dxrH9aPjiHlPqyhSmgwjMsN/3VgMMKlu4sL8knD
0JawzMvaxOQLoImZjPVuCbrBXCTGLr0tkcwA0mgdMYXdDne29rgQGpl9APtzpnLD
LeSubKIFOvM42fBe+KJgZ/Yw6afcRXjwVh+mB9pCDAD8tfRzAxEI/gfZ1xwNo757
86D0swy7rrlhM+zHIKkgoWqeYtjHkhWkRsqToKvGRNFsZahdQaa1ndMWSK3FC0a9
8OpmPEZbC45DkSwohKvtIJbqiYHPu2WX1BRJkyxJB3xwot90AgUeUj1VwXKo+02h
3n2JOQu1KcrbG+BwKsMeHov7lQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPVj4V9T
YiEuSauzDG1TMbjQUsKNMB8GA1UdIwQYMBaAFEq9okrXvZ6NnO+zWTjQqHiATGLk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTA5Ni8yRkJCNDQwRTMz
NDUxMUU5OThDNTY3M0JDNEY5QUUwMi9TcjJpU3RlOW5vMmM3N05aT05Db2VJQk1Z
dVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NyMmlTdGU5bm8yYzc3TlpPTkNvZUlCTVl1US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkUwOTYvMkZCQjQ0MEUzMzQ1MTFFOTk4QzU2NzNCQzRGOUFFMDIvRTE5MUQyQjY5
OEExMTFFQUEyMDQwMjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFnFOgDBAFnSxQDBAHKPWowDQYJKoZIhvcNAQELBQADggEB
AHTlgB6lulfXrkczGOQ/AO0TBjL0S9E9fRkqL+ddgQOR1xaMlL9YVKkqTAcjOnxr
w1vMm+/S3WQ7YPYWBzR1JAbEECJi+YGvE/3byHDj3SZS6k5t5RVSObt4OkJUJY5f
VQtPUdrh/SrOZdfZTXXzu0nH7L4vXEMwMNnaJBZfN+tmmWfCKmDKdNXlJkcZ777G
SS6y1sxCJOIpR1Nx2R4YoJK0vTqjNkvlV1zkpMCQ7AgJbqw7X10cjrYF69fAWGtW
qXZd96E8USJ4Hro4O9W2QgJZcBouhyKIMpfQdvpBJMkE5qs7sniiAZOtEj9Aq9sx
lGCJLcPrWi7u3oWq745wLgo=
-----END CERTIFICATE-----
Generated at Tue Dec 12 19:37:07 2023 by rpki-client on console-fra.rpki-client.org