Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/5901357CDC3811EC8AA80713C4F9AE02.roa
File: 5901357CDC3811EC8AA80713C4F9AE02.roa (raw, json)
Hash identifier: UtcasHppGoiEmq3iXESSMCKWnD1s5U9Kov7lujP0n4U=
Subject key identifier: 20:FE:0E:E7:89:B4:3E:C5:04:7E:86:BF:CD:68:0C:9A:5B:9B:DD:BC
Certificate issuer: /CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
Certificate serial: 36
Authority key identifier: 85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/5901357CDC3811EC8AA80713C4F9AE02.roa
Signing time: Sat 04 Jun 2022 13:00:53 +0000
ROA not before: Sat 04 Jun 2022 13:00:53 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 149807
IP address blocks: 103.186.218.0/24 maxlen: 24
103.186.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54 (0x36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
Validity
Not Before: Jun 4 13:00:53 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=629b5785-2921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e9:8c:69:2d:e4:ef:7d:c5:7e:09:71:58:31:
0e:c0:4b:ab:ab:98:2b:bc:e7:f5:83:77:d6:3a:ec:
19:9e:a3:86:2e:fd:77:70:88:dc:c7:ae:00:3c:c8:
9f:5c:b1:d9:00:5e:68:bd:61:e5:76:d2:90:c7:0f:
e4:83:91:c0:29:62:91:8a:91:67:61:4c:07:4c:25:
c0:94:5e:eb:ff:56:41:a7:a1:b5:d0:7e:97:bb:38:
f9:ad:50:02:c8:a8:81:db:59:74:79:de:b7:ba:79:
27:a0:b7:35:29:f5:c1:79:a5:a2:8e:18:16:ae:3c:
72:a7:70:ca:7d:f6:26:0c:c9:ea:08:47:89:a1:62:
63:35:4b:d0:0c:20:c2:79:ce:ab:2f:98:2a:a2:a3:
b9:a7:d8:e0:b2:01:bb:19:21:01:ac:db:6b:28:23:
d7:a7:22:5a:d2:74:3b:c7:d7:1e:b8:45:7c:6e:13:
13:fc:d1:24:3c:ef:78:02:78:6e:69:3f:d4:65:32:
c2:72:9e:b5:0e:02:90:da:b1:6a:eb:68:fa:fb:29:
0e:bf:7c:35:32:1e:41:20:33:a3:18:07:0c:bb:f1:
10:86:33:1e:fc:3a:3c:b9:c9:ee:56:66:e1:06:13:
e5:36:1f:69:b2:4a:e0:c1:ca:ad:e2:46:14:35:53:
86:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FE:0E:E7:89:B4:3E:C5:04:7E:86:BF:CD:68:0C:9A:5B:9B:DD:BC
X509v3 Authority Key Identifier:
keyid:85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/hYony1wEyt-u_biTvwbhp7fZ8cE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/5901357CDC3811EC8AA80713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.218.0/23
Signature Algorithm: sha256WithRSAEncryption
12:ae:e6:5d:a8:37:50:7d:dc:32:2b:28:73:b2:c1:1e:83:d3:
0c:c0:f7:d6:ca:75:30:d3:99:bb:41:cd:95:dc:65:dd:76:48:
ac:fe:5a:9a:a6:61:5f:da:92:92:87:d6:d4:66:12:df:b4:0f:
28:74:8a:7b:db:91:d1:73:ca:9e:aa:7a:99:20:21:63:fc:74:
af:c6:7f:c4:b7:94:84:fa:f2:a5:98:61:b6:36:5b:f1:b4:82:
8f:f6:89:8a:a4:a9:c9:bc:a3:ff:2c:82:f4:e4:e6:8b:77:46:
f0:5a:c9:f1:42:26:52:80:f7:98:04:4a:c0:6d:a1:34:37:cc:
19:60:81:68:c2:ed:f4:6a:4a:c5:26:ef:13:59:84:d7:0d:e1:
49:ad:f5:ce:bb:6b:83:85:6e:19:63:03:28:24:b2:95:c6:30:
cb:ab:83:a3:9c:eb:60:f4:b3:c8:c5:c6:04:5d:2c:8c:61:6c:
bb:9d:1e:b4:27:ec:31:80:2c:18:f5:6a:08:79:98:3a:67:4c:
67:ab:8d:ad:72:4b:19:d6:51:b3:6c:c4:2c:68:85:61:b6:32:
fe:70:0c:c3:df:a2:1b:e6:f8:cd:3e:b5:46:6a:4b:b1:65:99:
0f:3e:c4:24:00:c2:ba:ce:86:81:4e:a0:d3:9f:8b:4d:60:49:
d7:a8:73:95
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QkUyRTExMC8GA1UEBRMoODU4QTI3Q0I1QzA0Q0FERkFFRkRCODkzQkYwNkUxQTdC
N0Q5RjFDMTAeFw0yMjA2MDQxMzAwNTNaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyOWI1Nzg1LTI5MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDO6YxpLeTvfcV+CXFYMQ7AS6urmCu85/WDd9Y67Bmeo4Yu/XdwiNzHrgA8yJ9c
sdkAXmi9YeV20pDHD+SDkcApYpGKkWdhTAdMJcCUXuv/VkGnobXQfpe7OPmtUALI
qIHbWXR53re6eSegtzUp9cF5paKOGBauPHKncMp99iYMyeoIR4mhYmM1S9AMIMJ5
zqsvmCqio7mn2OCyAbsZIQGs22soI9enIlrSdDvH1x64RXxuExP80SQ873gCeG5p
P9RlMsJynrUOApDasWrraPr7KQ6/fDUyHkEgM6MYBwy78RCGMx78Ojy5ye5WZuEG
E+U2H2mySuDByq3iRhQ1U4ZNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIP4O54m0
PsUEfoa/zWgMmlub3bwwHwYDVR0jBBgwFoAUhYony1wEyt+u/biTvwbhp7fZ8cEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCRTJFL0Q4QUJBRkU4RDBG
QjExRUNBMjdBRjIyRkM0RjlBRTAyL2hZb255MXdFeXQtdV9iaVR2d2JocDdmWjhj
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaFlvbnkxd0V5dC11X2JpVHZ3YmhwN2ZaOGNFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QkUyRS9EOEFCQUZFOEQwRkIxMUVDQTI3QUYyMkZDNEY5QUUwMi81OTAxMzU3Q0RD
MzgxMUVDOEFBODA3MTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe62jANBgkqhkiG9w0BAQsFAAOCAQEAEq7mXag3UH3cMiso
c7LBHoPTDMD31sp1MNOZu0HNldxl3XZIrP5amqZhX9qSkofW1GYS37QPKHSKe9uR
0XPKnqp6mSAhY/x0r8Z/xLeUhPrypZhhtjZb8bSCj/aJiqSpybyj/yyC9OTmi3dG
8FrJ8UImUoD3mARKwG2hNDfMGWCBaMLt9GpKxSbvE1mE1w3hSa31zrtrg4VuGWMD
KCSylcYwy6uDo5zrYPSzyMXGBF0sjGFsu50etCfsMYAsGPVqCHmYOmdMZ6uNrXJL
GdZRs2zELGiFYbYy/nAMw9+iG+b4zT61RmpLsWWZDz7EJADCus6GgU6g05+LTWBJ
16hzlQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org