Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/EF7925A8EE7211ED8379F653C4F9AE02.roa
File: EF7925A8EE7211ED8379F653C4F9AE02.roa (raw, json)
Hash identifier: YDLjRzaUuKZmVNnD7Rmp8RfLWtD2EvnOLFjMivar7ik=
Subject key identifier: 9B:BC:9E:33:2F:80:42:6F:B2:2E:02:6E:2F:41:61:8A:30:E2:7B:06
Certificate issuer: /CN=A91C7DFB/serialNumber=DA137F01D70BB1D3E7512E1DE941730225D39570
Certificate serial: 02
Authority key identifier: DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/EF7925A8EE7211ED8379F653C4F9AE02.roa
Signing time: Tue 09 May 2023 14:08:13 +0000
ROA not before: Tue 09 May 2023 14:08:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151209
IP address blocks: 103.134.32.0/24 maxlen: 24
103.134.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 14:54:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7DFB/serialNumber=DA137F01D70BB1D3E7512E1DE941730225D39570
Validity
Not Before: May 9 14:08:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645a53cd-d356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ca:1f:c7:13:fc:9c:d4:e8:b0:f5:1c:97:ab:
7f:d9:4d:ae:b4:af:62:c4:2a:5b:29:a2:bb:b8:7b:
04:ad:18:d1:0a:50:a7:63:51:80:d1:7a:84:4e:72:
3c:82:77:21:a1:18:6f:eb:5b:03:3d:89:05:5d:f7:
21:84:87:87:99:ab:84:24:c5:d0:e5:79:54:17:2a:
87:36:67:6e:5b:72:fa:f1:35:52:f8:87:3c:2e:f3:
45:64:01:3c:6f:69:39:30:c1:3c:d9:a2:a3:12:37:
0f:24:cf:f4:a0:6c:1f:5b:56:37:05:d7:fa:24:a5:
bf:92:d1:9b:64:e0:91:2f:47:5b:f0:45:4d:c6:5e:
5f:4e:e3:79:54:ae:6a:6f:75:ff:43:42:27:c5:2d:
ca:4c:15:ae:d2:60:35:e9:ad:9e:63:8d:ef:30:23:
a6:0a:cf:f5:14:16:76:1a:5e:b2:d3:72:33:cd:6c:
55:37:40:9f:45:d7:9c:25:4d:ee:6d:f5:07:29:11:
54:e5:cd:f0:c9:10:31:42:e5:b9:da:9b:f4:99:9f:
1b:e5:02:95:89:06:3e:cd:68:27:b6:82:cc:ca:14:
07:42:02:3d:09:b3:64:63:1e:56:20:84:06:e2:53:
5d:f0:5a:a7:95:17:31:91:88:31:d6:2a:9a:cd:92:
b0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BC:9E:33:2F:80:42:6F:B2:2E:02:6E:2F:41:61:8A:30:E2:7B:06
X509v3 Authority Key Identifier:
keyid:DA:13:7F:01:D7:0B:B1:D3:E7:51:2E:1D:E9:41:73:02:25:D3:95:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/2hN_AdcLsdPnUS4d6UFzAiXTlXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2hN_AdcLsdPnUS4d6UFzAiXTlXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7DFB/C8E5084CEE6F11ED8D18BD52C4F9AE02/EF7925A8EE7211ED8379F653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.32.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:37:dc:4f:02:e9:8c:64:c6:1b:e9:db:74:b3:ca:88:13:97:
8e:39:40:7f:fd:b3:be:a8:3a:9a:2b:69:60:9a:81:ba:41:fa:
d0:34:c0:73:85:ec:60:d3:7c:46:15:95:da:a2:d2:e1:b8:1b:
06:a7:c0:db:e1:b1:8e:62:da:da:dd:fa:6b:46:08:38:0d:cf:
3f:09:06:d3:15:bc:d1:5a:be:29:aa:a0:bc:76:9a:bb:63:64:
24:62:e4:2c:55:9d:d7:74:71:f8:a7:42:0b:72:a1:8c:dc:88:
e9:8b:2a:34:3f:db:c4:b3:e2:78:1a:a8:51:b4:b3:34:79:58:
21:18:92:44:81:86:aa:9c:44:36:b9:48:c3:92:e8:69:3e:8c:
7b:09:ef:dd:09:f7:26:02:14:ca:43:57:79:0a:e3:71:d1:2b:
f2:74:de:51:45:51:a9:d8:64:1d:19:4c:69:9e:f7:66:4b:e2:
69:80:ca:bc:37:58:33:47:f9:6a:58:3b:13:5f:9d:f4:ef:26:
93:69:8e:39:20:90:14:3c:71:51:26:75:c8:b9:43:19:72:7c:
2c:f9:a0:4c:62:5a:95:12:67:bc:84:07:72:d0:f4:c0:17:c7:
c8:db:95:59:7d:72:91:3c:57:ab:cc:43:2c:17:d8:b4:59:35:
ac:24:21:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
N0RGQjExMC8GA1UEBRMoREExMzdGMDFENzBCQjFEM0U3NTEyRTFERTk0MTczMDIy
NUQzOTU3MDAeFw0yMzA1MDkxNDA4MTNaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NWE1M2NkLWQzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSyh/HE/yc1Oiw9RyXq3/ZTa60r2LEKlsporu4ewStGNEKUKdjUYDReoROcjyC
dyGhGG/rWwM9iQVd9yGEh4eZq4QkxdDleVQXKoc2Z25bcvrxNVL4hzwu80VkATxv
aTkwwTzZoqMSNw8kz/SgbB9bVjcF1/okpb+S0Ztk4JEvR1vwRU3GXl9O43lUrmpv
df9DQifFLcpMFa7SYDXprZ5jje8wI6YKz/UUFnYaXrLTcjPNbFU3QJ9F15wlTe5t
9QcpEVTlzfDJEDFC5bnam/SZnxvlApWJBj7NaCe2gszKFAdCAj0Js2RjHlYghAbi
U13wWqeVFzGRiDHWKprNkrARAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUm7yeMy+A
Qm+yLgJuL0FhijDiewYwHwYDVR0jBBgwFoAU2hN/AdcLsdPnUS4d6UFzAiXTlXAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3REZCL0M4RTUwODRDRUU2
RjExRUQ4RDE4QkQ1MkM0RjlBRTAyLzJoTl9BZGNMc2RQblVTNGQ2VUZ6QWlYVGxY
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMmhOX0FkY0xzZFBuVVM0ZDZVRnpBaVhUbFhBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
N0RGQi9DOEU1MDg0Q0VFNkYxMUVEOEQxOEJENTJDNEY5QUUwMi9FRjc5MjVBOEVF
NzIxMUVEODM3OUY2NTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeGIDANBgkqhkiG9w0BAQsFAAOCAQEAvTfcTwLpjGTGG+nb
dLPKiBOXjjlAf/2zvqg6mitpYJqBukH60DTAc4XsYNN8RhWV2qLS4bgbBqfA2+Gx
jmLa2t36a0YIOA3PPwkG0xW80Vq+KaqgvHaau2NkJGLkLFWd13Rx+KdCC3KhjNyI
6YsqND/bxLPieBqoUbSzNHlYIRiSRIGGqpxENrlIw5LoaT6Mewnv3Qn3JgIUykNX
eQrjcdEr8nTeUUVRqdhkHRlMaZ73ZkviaYDKvDdYM0f5alg7E1+d9O8mk2mOOSCQ
FDxxUSZ1yLlDGXJ8LPmgTGJalRJnvIQHctD0wBfHyNuVWX1ykTxXq8xDLBfYtFk1
rCQhQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org