Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/08435F54221C11EEA0164D2FC4F9AE02.roa
File: 08435F54221C11EEA0164D2FC4F9AE02.roa (raw, json)
Hash identifier: ylq3oVUnYIBZdiDHJVpWf4tR8bdGGHN/7BniIPFzrKY=
Subject key identifier: E6:5C:71:B2:AA:0B:BC:69:BA:A8:A3:3F:46:90:50:E6:06:3C:03:4C
Certificate issuer: /CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Certificate serial: 03
Authority key identifier: D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/08435F54221C11EEA0164D2FC4F9AE02.roa
Signing time: Fri 14 Jul 2023 07:57:09 +0000
ROA not before: Fri 14 Jul 2023 07:57:09 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 134505
IP address blocks: 103.238.114.0/24 maxlen: 24
103.238.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 12:16:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3F8E/serialNumber=D40051BC8DDA60C932EE07769AB867BEFA8D42F6
Validity
Not Before: Jul 14 07:57:09 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64b0ffd5-b9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1d:ef:bc:cc:fd:00:26:1b:b8:da:cc:ab:97:
ef:be:b0:21:b0:40:35:4d:45:29:df:16:e3:92:b2:
52:0b:36:66:81:ea:59:dc:77:65:50:6e:fb:6d:4d:
05:72:77:df:14:88:78:e0:97:ea:2b:78:dc:1d:81:
fe:6a:e2:bf:31:96:d7:6c:e9:fe:ff:c2:24:5f:80:
5e:fb:ce:5d:b1:98:b5:25:d9:21:fa:e4:6a:95:d4:
12:0f:4e:fc:00:8c:2d:a1:b8:05:d0:52:1d:ad:fc:
f3:ca:6f:55:aa:3f:18:17:02:04:c7:87:86:36:6d:
34:7e:33:14:a7:09:8d:c8:98:cc:20:43:11:f6:f8:
35:2e:70:82:64:44:3c:36:61:27:9f:8a:64:94:aa:
ec:d5:72:e3:d4:6a:f8:03:a6:87:b1:5f:03:2f:94:
d6:45:f1:93:d2:46:0a:66:e6:18:85:b7:dc:6d:15:
7f:93:c4:ef:be:50:2a:37:61:55:1e:60:35:1d:5e:
dc:27:c6:86:6b:91:31:5e:a9:be:54:45:7d:31:47:
96:ec:b7:75:86:27:ea:ea:02:e2:ee:b6:88:a9:69:
dd:20:09:01:e1:c6:85:83:68:31:8a:bf:d7:63:14:
ed:4f:11:49:19:e6:57:0f:8a:42:0d:fe:85:f4:19:
07:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:5C:71:B2:AA:0B:BC:69:BA:A8:A3:3F:46:90:50:E6:06:3C:03:4C
X509v3 Authority Key Identifier:
keyid:D4:00:51:BC:8D:DA:60:C9:32:EE:07:76:9A:B8:67:BE:FA:8D:42:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/1ABRvI3aYMky7gd2mrhnvvqNQvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ABRvI3aYMky7gd2mrhnvvqNQvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F8E/6C4089BA216C11EEB28BF24CC4F9AE02/08435F54221C11EEA0164D2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.238.114.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:9e:4e:31:9e:05:c6:a2:65:c2:82:4e:86:7d:02:a5:72:d6:
6e:dd:2f:48:2d:0d:fc:3f:3d:16:d6:bc:24:2e:9c:fc:17:0e:
d2:a6:6a:2a:f6:24:c7:30:86:c4:3d:c1:fa:0d:67:8b:86:91:
dd:14:fc:2b:f1:0e:63:cc:b6:6d:6b:7e:59:a7:74:2e:a1:d5:
99:c5:19:79:6a:19:26:ba:b5:23:dd:8b:94:7d:ed:60:63:2d:
10:f6:1e:1d:6d:47:75:a0:26:d6:b2:16:4b:37:57:82:e4:4b:
99:55:b2:25:cd:d0:68:3c:d6:6b:48:02:31:37:c8:21:6c:80:
a5:51:54:e7:a4:97:42:3e:b2:60:1b:ce:de:67:48:d4:6d:9c:
eb:0c:bc:47:50:ad:97:73:b5:7a:0c:1f:ba:4f:2b:04:1e:85:
c1:72:09:a2:08:d1:78:3e:bf:09:df:4d:7f:70:e6:e7:7e:b1:
f4:bd:d3:9f:d5:6e:a1:4a:a2:83:53:50:ca:c4:e8:59:ce:a2:
3b:68:33:23:f2:8b:e7:10:91:22:b0:c4:f1:d7:3b:91:74:e9:
7c:3a:43:0e:ea:0f:19:36:96:76:1a:f8:26:8b:67:1f:d6:b9:
33:f9:e5:94:d2:ce:9a:b9:71:f3:8c:3d:2e:74:7e:62:ee:8d:
50:5f:cd:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
M0Y4RTExMC8GA1UEBRMoRDQwMDUxQkM4RERBNjBDOTMyRUUwNzc2OUFCODY3QkVG
QThENDJGNjAeFw0yMzA3MTQwNzU3MDlaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YjBmZmQ1LWI5YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSHe+8zP0AJhu42syrl+++sCGwQDVNRSnfFuOSslILNmaB6lncd2VQbvttTQVy
d98UiHjgl+oreNwdgf5q4r8xltds6f7/wiRfgF77zl2xmLUl2SH65GqV1BIPTvwA
jC2huAXQUh2t/PPKb1WqPxgXAgTHh4Y2bTR+MxSnCY3ImMwgQxH2+DUucIJkRDw2
YSefimSUquzVcuPUavgDpoexXwMvlNZF8ZPSRgpm5hiFt9xtFX+TxO++UCo3YVUe
YDUdXtwnxoZrkTFeqb5URX0xR5bst3WGJ+rqAuLutoipad0gCQHhxoWDaDGKv9dj
FO1PEUkZ5lcPikIN/oX0GQcZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU5lxxsqoL
vGm6qKM/RpBQ5gY8A0wwHwYDVR0jBBgwFoAU1ABRvI3aYMky7gd2mrhnvvqNQvYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzRjhFLzZDNDA4OUJBMjE2
QzExRUVCMjhCRjI0Q0M0RjlBRTAyLzFBQlJ2STNhWU1reTdnZDJtcmhudnZxTlF2
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMUFCUnZJM2FZTWt5N2dkMm1yaG52dnFOUXZZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
M0Y4RS82QzQwODlCQTIxNkMxMUVFQjI4QkYyNENDNEY5QUUwMi8wODQzNUY1NDIy
MUMxMUVFQTAxNjREMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfucjANBgkqhkiG9w0BAQsFAAOCAQEAHp5OMZ4FxqJlwoJO
hn0CpXLWbt0vSC0N/D89Fta8JC6c/BcO0qZqKvYkxzCGxD3B+g1ni4aR3RT8K/EO
Y8y2bWt+Wad0LqHVmcUZeWoZJrq1I92LlH3tYGMtEPYeHW1HdaAm1rIWSzdXguRL
mVWyJc3QaDzWa0gCMTfIIWyApVFU56SXQj6yYBvO3mdI1G2c6wy8R1Ctl3O1egwf
uk8rBB6FwXIJogjReD6/Cd9Nf3Dm536x9L3Tn9VuoUqig1NQysToWc6iO2gzI/KL
5xCRIrDE8dc7kXTpfDpDDuoPGTaWdhr4JotnH9a5M/nllNLOmrlx84w9LnR+Yu6N
UF/NAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org