Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/56DC2EBA481A11EE88FB0051C4F9AE02.roa
File: 56DC2EBA481A11EE88FB0051C4F9AE02.roa (raw, json)
Hash identifier: 5j3n7RHq40n8A+oI3XufG8s37keSHrJ3YPNkcXOqMYA=
Subject key identifier: 48:C3:12:39:6D:99:F2:58:64:07:87:6B:02:72:14:30:C5:8C:0C:9F
Certificate issuer: /CN=A91CF83F/serialNumber=929889BB5D34E860ACBF70894337A462C1D6AC2E
Certificate serial: 0BD7
Authority key identifier: 92:98:89:BB:5D:34:E8:60:AC:BF:70:89:43:37:A4:62:C1:D6:AC:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kpiJu1006GCsv3CJQzekYsHWrC4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/56DC2EBA481A11EE88FB0051C4F9AE02.roa
Signing time: Sat 02 Mar 2024 18:57:19 +0000
ROA not before: Sat 02 Mar 2024 18:57:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135019
IP address blocks: 103.205.232.0/22 maxlen: 24
2400:b140::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Mar 2024 18:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3031 (0xbd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF83F/serialNumber=929889BB5D34E860ACBF70894337A462C1D6AC2E
Validity
Not Before: Mar 2 18:57:19 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e3768e-af5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:52:36:1b:2a:bc:31:b6:f3:15:bb:2a:69:
88:0e:9a:89:0f:97:bb:aa:6b:fd:96:28:95:59:57:
2a:b2:9f:75:2d:51:8d:06:6a:05:d8:5c:d5:98:5b:
87:6a:92:09:d3:de:ec:98:d9:1f:5f:7f:29:79:00:
0d:51:17:fd:00:cd:e1:3e:ce:6a:54:1e:21:c3:be:
b9:66:a5:b9:66:e5:84:78:e3:4c:99:4b:d6:76:98:
c5:cc:c3:6e:8a:89:76:2d:ac:16:ba:66:a5:3a:85:
0b:c5:0d:b0:35:7d:39:db:f5:fb:8c:56:0a:2f:00:
09:6f:c1:23:f5:29:8c:59:47:05:e0:41:85:2d:f8:
40:ca:83:d7:b5:61:b4:41:97:2e:40:2e:c3:4c:e7:
b4:bb:04:f7:ba:d9:6a:f4:35:c9:8c:9a:f7:98:fc:
e5:49:6f:2c:68:66:e8:39:b3:e3:9a:8c:09:94:08:
65:2a:30:6d:11:fd:39:74:1b:20:d4:a6:f8:dd:01:
e4:21:4a:8c:ab:ab:5b:52:76:f3:9a:53:dc:bc:3c:
a4:0c:ed:ce:cc:b0:11:6d:04:65:99:5a:90:8c:da:
f2:b9:1f:cd:24:dc:8b:8f:f9:aa:b0:ab:ac:32:12:
aa:d0:b3:10:fe:2d:d7:73:0e:64:60:65:82:d0:50:
ed:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C3:12:39:6D:99:F2:58:64:07:87:6B:02:72:14:30:C5:8C:0C:9F
X509v3 Authority Key Identifier:
keyid:92:98:89:BB:5D:34:E8:60:AC:BF:70:89:43:37:A4:62:C1:D6:AC:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/kpiJu1006GCsv3CJQzekYsHWrC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kpiJu1006GCsv3CJQzekYsHWrC4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/56DC2EBA481A11EE88FB0051C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.232.0/22
IPv6:
2400:b140::/32
Signature Algorithm: sha256WithRSAEncryption
62:45:e9:0a:b7:7d:05:bf:8f:4b:65:ec:39:16:61:d6:6b:85:
25:7c:e3:55:1f:f7:35:eb:20:06:ff:ed:e0:cb:51:0c:1f:96:
c1:93:0f:0c:05:4d:a4:75:f8:e5:f3:24:ce:91:61:9e:f0:35:
59:f1:e9:33:77:76:1a:3e:6f:6f:bc:55:9b:cc:c0:b6:2a:cd:
71:44:98:f6:80:c9:d2:81:3b:3b:5e:ec:2c:6e:16:ee:bc:8b:
18:22:23:10:75:86:45:f2:78:33:ee:c3:5f:45:32:8a:cc:16:
8a:18:f0:d1:fe:d6:ed:e2:f6:57:fe:f0:ac:7b:a5:84:2d:87:
bc:62:f6:d3:b2:37:da:eb:2f:16:b6:77:21:07:86:b6:95:71:
9c:c1:95:57:d0:f3:d4:7f:ea:ac:6a:35:7e:f7:2d:63:40:6b:
70:7b:16:38:a6:fd:a1:aa:ac:81:a9:65:4c:8e:21:8e:a2:d7:
14:a4:43:86:40:de:b3:95:0c:41:fb:07:84:df:30:05:57:ea:
51:4c:66:2c:b6:9c:4a:1d:ad:5e:bc:f5:68:30:62:1a:e9:f0:
38:e5:f0:44:f6:f7:2d:0c:9d:14:d7:38:db:d2:c8:14:96:87:
45:eb:75:0b:a2:c1:c3:29:6b:73:f9:45:d1:89:ac:6e:97:1e:
29:ac:44:ea
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC9cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y4M0YxMTAvBgNVBAUTKDkyOTg4OUJCNUQzNEU4NjBBQ0JGNzA4OTQzMzdBNDYy
QzFENkFDMkUwHhcNMjQwMzAyMTg1NzE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzNzY4ZS1hZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxQRSNhsqvDG28xW7KmmIDpqJD5e7qmv9liiVWVcqsp91LVGNBmoF2FzVmFuH
apIJ097smNkfX38peQANURf9AM3hPs5qVB4hw765ZqW5ZuWEeONMmUvWdpjFzMNu
iol2LawWumalOoULxQ2wNX052/X7jFYKLwAJb8Ej9SmMWUcF4EGFLfhAyoPXtWG0
QZcuQC7DTOe0uwT3utlq9DXJjJr3mPzlSW8saGboObPjmowJlAhlKjBtEf05dBsg
1Kb43QHkIUqMq6tbUnbzmlPcvDykDO3OzLARbQRlmVqQjNryuR/NJNyLj/mqsKus
MhKq0LMQ/i3Xcw5kYGWC0FDtTwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEjDEjlt
mfJYZAeHawJyFDDFjAyfMB8GA1UdIwQYMBaAFJKYibtdNOhgrL9wiUM3pGLB1qwu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjgzRi84OTIzOEVDQ0VG
NEYxMUU5OURFNDdGMENDNEY5QUUwMi9rcGlKdTEwMDZHQ3N2M0NKUXpla1lzSFdy
QzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2twaUp1MTAwNkdDc3YzQ0pRemVrWXNIV3JDNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y4M0YvODkyMzhFQ0NFRjRGMTFFOTlERTQ3RjBDQzRGOUFFMDIvNTZEQzJFQkE0
ODFBMTFFRTg4RkIwMDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnzegwDQQCAAIwBwMFACQAsUAwDQYJKoZIhvcNAQELBQAD
ggEBAGJF6Qq3fQW/j0tl7DkWYdZrhSV841Uf9zXrIAb/7eDLUQwflsGTDwwFTaR1
+OXzJM6RYZ7wNVnx6TN3dho+b2+8VZvMwLYqzXFEmPaAydKBOzte7CxuFu68ixgi
IxB1hkXyeDPuw19FMorMFooY8NH+1u3i9lf+8Kx7pYQth7xi9tOyN9rrLxa2dyEH
hraVcZzBlVfQ89R/6qxqNX73LWNAa3B7Fjim/aGqrIGpZUyOIY6i1xSkQ4ZA3rOV
DEH7B4TfMAVX6lFMZiy2nEodrV689WgwYhrp8Djl8ET29y0MnRTXONvSyBSWh0Xr
dQuiwcMpa3P5RdGJrG6XHimsROo=
-----END CERTIFICATE-----
Generated at Tue Mar 26 23:06:39 2024 by rpki-client on console-fra.rpki-client.org