Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6504/91E06E84EFA711ED9B27356EC4F9AE02/62A1E28EEFBF11ED8772146BC4F9AE02.roa
File: 62A1E28EEFBF11ED8772146BC4F9AE02.roa (raw, json)
Hash identifier: bhMpw8DPzmrxD5cjF8cnqIknFs6j/akxRQbskkEXbpo=
Subject key identifier: BB:B9:3A:FB:D0:8D:9D:F4:04:7A:DE:4E:5C:C8:99:B0:9F:E3:C5:DC
Certificate issuer: /CN=A91C6504/serialNumber=0E44D19B7C9589B2342D051EB094493748DEEB4F
Certificate serial: 05
Authority key identifier: 0E:44:D1:9B:7C:95:89:B2:34:2D:05:1E:B0:94:49:37:48:DE:EB:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DkTRm3yVibI0LQUesJRJN0je608.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6504/91E06E84EFA711ED9B27356EC4F9AE02/62A1E28EEFBF11ED8772146BC4F9AE02.roa
Signing time: Thu 11 May 2023 05:47:59 +0000
ROA not before: Thu 11 May 2023 05:47:59 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 136993
IP address blocks: 103.69.152.0/22 maxlen: 24
180.149.236.0/24 maxlen: 24
180.149.237.0/24 maxlen: 24
180.149.238.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6504/serialNumber=0E44D19B7C9589B2342D051EB094493748DEEB4F
Validity
Not Before: May 11 05:47:59 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=645c818f-99a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:22:92:bb:86:0a:1a:57:9f:a8:84:42:76:91:
e5:26:01:86:5b:24:7a:78:e8:f3:8c:2f:20:4b:fa:
b7:eb:25:ab:86:da:7c:af:8c:7f:d0:27:f0:84:44:
b7:13:b3:de:5e:7c:85:96:52:43:a8:7d:06:68:17:
d9:2d:23:d2:93:7c:68:ad:ca:6b:02:83:9e:3e:6d:
af:ab:5f:76:2a:a7:58:2a:33:b7:df:52:47:f3:83:
95:c7:96:62:ff:d0:05:a7:9b:e5:c9:27:5c:39:82:
9f:f5:c2:e4:79:dd:ce:31:77:f8:d4:64:b7:3c:68:
10:dd:fe:3b:58:cb:37:1b:a6:d8:d4:18:e5:f5:f4:
66:57:a3:e6:c6:cf:24:4d:38:60:07:18:7e:47:5d:
8d:fa:40:81:c6:53:97:a9:d4:ff:f8:29:73:a3:6a:
80:3f:e3:d1:44:e5:d3:27:1f:30:7b:05:95:3c:c5:
2b:6d:e2:3d:d3:d5:05:c8:e0:49:0f:32:5b:0c:4d:
07:01:2b:1a:38:ba:7b:c1:8c:eb:bf:fa:6e:33:7e:
d2:a5:ff:22:e0:89:f5:65:33:cc:ea:fa:fd:78:a3:
c7:9f:4b:9a:55:d3:55:b1:82:de:82:29:c6:5c:4f:
d2:b7:85:3a:f1:11:e0:af:9c:b3:47:a9:9f:c1:b2:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B9:3A:FB:D0:8D:9D:F4:04:7A:DE:4E:5C:C8:99:B0:9F:E3:C5:DC
X509v3 Authority Key Identifier:
keyid:0E:44:D1:9B:7C:95:89:B2:34:2D:05:1E:B0:94:49:37:48:DE:EB:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6504/91E06E84EFA711ED9B27356EC4F9AE02/DkTRm3yVibI0LQUesJRJN0je608.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DkTRm3yVibI0LQUesJRJN0je608.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6504/91E06E84EFA711ED9B27356EC4F9AE02/62A1E28EEFBF11ED8772146BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.152.0/22
180.149.236.0/22
Signature Algorithm: sha256WithRSAEncryption
57:11:d1:01:20:bb:fa:2f:45:8e:d3:d6:63:9d:20:33:3c:fe:
e3:d7:9a:f9:3b:dc:b4:a1:60:33:78:2d:cd:1e:51:7f:64:61:
71:3d:97:5b:34:f2:40:4e:8f:8a:4e:44:73:fd:2e:61:05:0f:
fd:08:15:0e:22:2b:53:bd:ee:9a:8a:22:34:1e:65:39:c0:95:
14:35:7f:3b:f0:00:dc:44:f2:83:d0:69:28:76:9d:14:66:e2:
b3:67:3c:c8:2f:20:77:c8:a4:0b:8a:b8:6e:4c:6c:19:7e:7e:
52:ef:66:eb:79:27:1a:0e:fc:a3:3e:da:81:dc:1b:3f:af:91:
39:e8:d0:53:f7:63:8c:ac:7f:e1:77:d1:b6:73:5c:f8:c8:37:
2f:0c:f7:e5:6d:12:7e:ab:c7:f4:58:1b:2b:c2:e7:7a:a2:f7:
53:a6:e0:5c:d4:6e:4e:d4:d5:53:66:4d:0c:0d:4c:53:f9:99:
22:d5:4f:56:8d:c7:d0:28:47:02:28:e6:86:0e:ac:81:14:53:
7d:f3:21:28:75:fd:09:4c:b4:1a:25:7e:b1:2d:f8:81:fc:7b:
9d:71:9c:45:9d:f7:f1:cb:52:0d:31:05:d6:75:f8:52:0a:3c:
64:ae:e2:eb:2d:3c:e2:42:60:a5:f1:ca:f3:c9:d5:0e:af:4a:
f6:9b:b3:e5
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjUwNDExMC8GA1UEBRMoMEU0NEQxOUI3Qzk1ODlCMjM0MkQwNTFFQjA5NDQ5Mzc0
OERFRUI0RjAeFw0yMzA1MTEwNTQ3NTlaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NWM4MThmLTk5YTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDiIpK7hgoaV5+ohEJ2keUmAYZbJHp46POMLyBL+rfrJauG2nyvjH/QJ/CERLcT
s95efIWWUkOofQZoF9ktI9KTfGitymsCg54+ba+rX3Yqp1gqM7ffUkfzg5XHlmL/
0AWnm+XJJ1w5gp/1wuR53c4xd/jUZLc8aBDd/jtYyzcbptjUGOX19GZXo+bGzyRN
OGAHGH5HXY36QIHGU5ep1P/4KXOjaoA/49FE5dMnHzB7BZU8xStt4j3T1QXI4EkP
MlsMTQcBKxo4unvBjOu/+m4zftKl/yLgifVlM8zq+v14o8efS5pV01Wxgt6CKcZc
T9K3hTrxEeCvnLNHqZ/Bsv/FAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUu7k6+9CN
nfQEet5OXMiZsJ/jxdwwHwYDVR0jBBgwFoAUDkTRm3yVibI0LQUesJRJN0je608w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTA0LzkxRTA2RTg0RUZB
NzExRUQ5QjI3MzU2RUM0RjlBRTAyL0RrVFJtM3lWaWJJMExRVWVzSlJKTjBqZTYw
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRGtUUm0zeVZpYkkwTFFVZXNKUkpOMGplNjA4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjUwNC85MUUwNkU4NEVGQTcxMUVEOUIyNzM1NkVDNEY5QUUwMi82MkExRTI4RUVG
QkYxMUVEODc3MjE0NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdFmAMEArSV7DANBgkqhkiG9w0BAQsFAAOCAQEAVxHRASC7
+i9FjtPWY50gMzz+49ea+TvctKFgM3gtzR5Rf2RhcT2XWzTyQE6Pik5Ec/0uYQUP
/QgVDiIrU73umooiNB5lOcCVFDV/O/AA3ETyg9BpKHadFGbis2c8yC8gd8ikC4q4
bkxsGX5+Uu9m63knGg78oz7agdwbP6+ROejQU/djjKx/4XfRtnNc+Mg3Lwz35W0S
fqvH9FgbK8LneqL3U6bgXNRuTtTVU2ZNDA1MU/mZItVPVo3H0ChHAijmhg6sgRRT
ffMhKHX9CUy0GiV+sS34gfx7nXGcRZ338ctSDTEF1nX4Ugo8ZK7i6y084kJgpfHK
88nVDq9K9puz5Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org