Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/A5146D9A1A7A11EE93062656C4F9AE02.roa
File: A5146D9A1A7A11EE93062656C4F9AE02.roa (raw, json)
Hash identifier: EEeYBXNsA8J0QQ/53lX+VWDhuk4AsD5CjKlK+8WK/LQ=
Subject key identifier: 9D:B2:91:FE:C0:E0:DF:CA:DB:A0:C7:4C:D9:DE:EA:20:5B:81:72:67
Certificate issuer: /CN=A91C7DFB/serialNumber=DA137F01D70BB1D3E7512E1DE941730225D39570
Certificate serial: 46
Authority key identifier: DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/A5146D9A1A7A11EE93062656C4F9AE02.roa
Signing time: Thu 14 Sep 2023 10:30:52 +0000
ROA not before: Thu 14 Sep 2023 10:30:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150142
IP address blocks: 103.134.32.0/24 maxlen: 24
103.134.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70 (0x46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7DFB/serialNumber=DA137F01D70BB1D3E7512E1DE941730225D39570
Validity
Not Before: Sep 14 10:30:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6502e0dc-0c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:68:75:31:26:71:41:6e:71:f6:e8:cc:c4:40:
86:b5:a8:8b:34:4e:d3:44:41:fb:73:8f:a6:90:ce:
b6:4d:d8:1b:c4:ac:fb:f5:8e:e0:5a:d1:08:19:41:
a1:f5:e0:d3:c3:9e:15:7c:e0:f5:51:41:35:b4:f1:
bf:f1:51:89:46:a5:f1:d2:3f:55:29:67:4a:24:00:
bc:32:e6:4f:44:5f:7d:ce:42:6e:f7:00:85:b4:8b:
81:4a:8d:ba:b7:eb:9b:cf:8d:2a:93:ab:34:aa:2f:
b5:ed:e2:65:6d:75:2e:e3:2b:e6:af:02:b4:87:65:
c8:94:c2:2e:51:a9:24:92:dd:22:b4:1d:f9:48:a0:
03:e2:b9:54:46:0e:e2:05:0c:f7:54:11:f7:e6:d0:
87:d2:15:06:d4:a1:34:58:2e:93:4d:09:6f:1a:11:
69:d4:ec:e3:de:e9:57:09:21:7f:e8:10:9e:c9:f8:
bc:5b:50:a8:63:64:bf:b3:a0:d0:36:58:4f:51:fe:
98:0b:51:8d:06:f4:19:df:b9:0f:71:5c:9c:4d:5e:
5d:dd:e8:81:6a:61:9e:84:1a:6d:5b:38:45:ac:34:
1c:95:0f:45:eb:bb:f3:20:39:5a:2f:3d:42:6d:2d:
c4:6f:d4:00:01:4d:1a:0c:68:78:f3:c1:73:29:a8:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B2:91:FE:C0:E0:DF:CA:DB:A0:C7:4C:D9:DE:EA:20:5B:81:72:67
X509v3 Authority Key Identifier:
keyid:DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/2hN_AdcLsdPnUS4d6UFzAiXTlXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/A5146D9A1A7A11EE93062656C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.32.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:60:33:49:43:c2:0e:c6:46:56:fa:2a:83:37:f0:42:9d:c7:
de:a7:5a:30:d5:1f:bb:47:f8:bc:08:f0:7f:ce:01:be:06:d1:
9f:f6:12:17:62:20:04:43:cf:b8:c8:6d:3b:ac:c4:bb:91:4c:
74:b1:23:87:75:ee:3b:3d:b0:66:f7:40:04:9e:9e:15:6d:ff:
8c:9e:ec:35:e9:b7:e2:b8:a3:08:61:4d:ca:22:83:57:3b:5a:
da:a6:78:26:ab:42:69:ff:a2:87:5c:df:93:63:a6:c0:ae:8e:
33:22:05:e9:aa:78:d6:76:c2:e3:79:2c:d0:ac:5f:28:56:19:
b6:cd:d8:5b:89:44:e0:85:ca:a2:fc:ce:24:9e:74:30:6a:a6:
99:d8:cc:56:ec:25:87:d7:93:5c:20:e9:fe:16:d3:77:f3:ef:
55:94:91:39:dc:d5:a4:bf:db:7e:2d:52:9c:cc:08:88:e6:ee:
ab:cc:84:ef:94:1a:2a:3d:14:9b:4b:47:95:02:8c:c1:34:f1:
bf:ad:c4:ac:71:59:ec:be:ca:0b:32:21:ec:e8:25:73:3f:08:
c8:92:ae:39:07:6d:a5:56:3c:c8:75:4f:96:59:e5:9e:c9:f4:
29:21:01:66:7e:02:90:be:d3:bf:28:c6:4c:60:fd:33:6e:8f:
d7:56:56:30
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
N0RGQjExMC8GA1UEBRMoREExMzdGMDFENzBCQjFEM0U3NTEyRTFERTk0MTczMDIy
NUQzOTU3MDAeFw0yMzA5MTQxMDMwNTJaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDJlMGRjLTBjOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIaHUxJnFBbnH26MzEQIa1qIs0TtNEQftzj6aQzrZN2BvErPv1juBa0QgZQaH1
4NPDnhV84PVRQTW08b/xUYlGpfHSP1UpZ0okALwy5k9EX33OQm73AIW0i4FKjbq3
65vPjSqTqzSqL7Xt4mVtdS7jK+avArSHZciUwi5RqSSS3SK0HflIoAPiuVRGDuIF
DPdUEffm0IfSFQbUoTRYLpNNCW8aEWnU7OPe6VcJIX/oEJ7J+LxbUKhjZL+zoNA2
WE9R/pgLUY0G9BnfuQ9xXJxNXl3d6IFqYZ6EGm1bOEWsNByVD0Xru/MgOVovPUJt
LcRv1AABTRoMaHjzwXMpqG7lAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUnbKR/sDg
38rboMdM2d7qIFuBcmcwHwYDVR0jBBgwFoAU2hN/AdcLsdPnUS4d6UFzAiXTlXAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3REZCL0M4RTUwODRDRUU2
RjExRUQ4RDE4QkQ1MkM0RjlBRTAyLzJoTl9BZGNMc2RQblVTNGQ2VUZ6QWlYVGxY
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMmhOX0FkY0xzZFBuVVM0ZDZVRnpBaVhUbFhBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
N0RGQi9DOEU1MDg0Q0VFNkYxMUVEOEQxOEJENTJDNEY5QUUwMi9BNTE0NkQ5QTFB
N0ExMUVFOTMwNjI2NTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeGIDANBgkqhkiG9w0BAQsFAAOCAQEAK2AzSUPCDsZGVvoq
gzfwQp3H3qdaMNUfu0f4vAjwf84BvgbRn/YSF2IgBEPPuMhtO6zEu5FMdLEjh3Xu
Oz2wZvdABJ6eFW3/jJ7sNem34rijCGFNyiKDVzta2qZ4JqtCaf+ih1zfk2OmwK6O
MyIF6ap41nbC43ks0KxfKFYZts3YW4lE4IXKovzOJJ50MGqmmdjMVuwlh9eTXCDp
/hbTd/PvVZSROdzVpL/bfi1SnMwIiObuq8yE75QaKj0Um0tHlQKMwTTxv63ErHFZ
7L7KCzIh7Oglcz8IyJKuOQdtpVY8yHVPllnlnsn0KSEBZn4CkL7TvyjGTGD9M26P
11ZWMA==
-----END CERTIFICATE-----
Generated at Wed Jan 3 21:19:22 2024 by rpki-client on console-ams.rpki-client.org