Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
File: 33FB1B84DD5D11EA9D6FE136C4F9AE02.roa (raw, json)
Hash identifier: 4C4EimxQxgCely6Gl5cfIRtGUFjxHO5qztgZM23ujCA=
Subject key identifier: 3E:15:1A:0B:39:1D:47:8B:CD:75:00:75:41:64:E8:28:97:42:65:ED
Certificate issuer: /CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
Certificate serial: 0825
Authority key identifier: A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
Signing time: Fri 02 Jun 2023 22:34:45 +0000
ROA not before: Fri 02 Jun 2023 22:34:45 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 140607
IP address blocks: 103.150.242.0/24 maxlen: 24
103.150.243.0/24 maxlen: 24
2400:d860::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2085 (0x825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
Validity
Not Before: Jun 2 22:34:45 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647a6e85-7e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:35:6d:32:af:e4:9a:9c:6a:58:38:33:4d:2d:
7e:39:0f:a8:50:1f:6c:1b:74:b8:6a:32:12:52:1a:
d7:a0:85:d4:f6:b9:bd:21:6f:f9:85:8c:1f:14:66:
f7:9a:ae:f5:2d:2d:68:16:72:fd:46:75:d6:05:35:
4b:5d:49:1d:cb:f6:4c:8d:1d:a1:fd:47:9d:a0:0d:
04:8d:e5:7b:31:35:d5:52:2a:4e:d8:92:bd:58:de:
a3:af:64:77:91:83:84:83:6a:7b:a0:bf:9a:34:5d:
f6:df:e4:c9:7c:fb:12:c1:26:54:26:a0:50:b7:76:
36:b3:bb:57:ec:ff:7f:71:c1:be:2e:b4:26:94:f5:
8c:13:d7:76:0b:c9:ec:dc:dd:bb:ba:22:ca:44:b9:
c4:68:a2:91:aa:85:06:e1:1b:50:c1:5f:f5:6d:4d:
33:0f:e5:cd:1a:02:84:55:70:ab:1b:d4:c2:a0:e8:
33:ff:ce:44:9b:aa:29:96:f6:77:02:2d:41:d2:33:
3f:17:d9:5c:5a:0d:2e:aa:76:20:4d:54:03:eb:be:
b0:5f:22:6e:97:16:df:00:4f:8f:41:cf:fc:ea:94:
fa:a4:c6:7c:64:bf:ea:37:27:d7:61:e3:f3:bb:14:
a4:23:20:c2:5b:7e:78:19:3a:1c:05:74:25:97:5c:
e7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:15:1A:0B:39:1D:47:8B:CD:75:00:75:41:64:E8:28:97:42:65:ED
X509v3 Authority Key Identifier:
keyid:A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/qK6pspMKYU1coxq59-hDeTYaL0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.242.0/23
IPv6:
2400:d860::/32
Signature Algorithm: sha256WithRSAEncryption
3f:90:90:38:e1:4c:0f:8a:b9:38:df:c5:85:2e:df:7c:64:c1:
d1:d5:69:82:a5:e1:02:26:20:d9:f8:d7:58:7c:ba:b0:c0:93:
a6:69:3c:a3:20:15:41:7d:5e:16:b0:05:23:65:09:dc:2f:c7:
7f:0d:62:31:3d:84:7c:57:4a:0b:27:4c:81:f1:c4:02:3d:ab:
40:88:cc:6f:2d:7d:fc:87:d6:ae:71:6d:b3:f3:0e:6c:87:22:
24:9e:94:e1:23:47:fd:4d:8f:a4:a1:55:b2:62:be:d9:ab:a6:
46:7f:33:70:b5:8a:12:17:63:8e:88:41:b9:0f:cf:41:20:63:
5c:ff:35:80:0a:39:e1:41:b6:f0:7f:a3:32:68:94:3f:e4:f2:
9a:d1:87:97:99:82:cd:38:d3:c0:2a:21:cd:75:6f:65:62:f5:
10:8f:5b:ae:df:16:e8:cf:5c:5a:a7:b7:61:e5:91:80:ed:55:
26:14:52:fa:5c:6d:63:fc:f8:dc:49:ca:4a:0a:2a:ef:d6:c3:
53:c8:ca:8d:6f:aa:34:33:d9:06:0e:92:8f:42:84:5d:66:d7:
97:83:f4:68:fa:7a:af:98:85:36:89:cd:2f:1e:1c:61:3f:7a:
25:23:ce:1d:6d:0b:e8:e9:72:fc:f8:ad:73:4e:22:cb:e3:cc:
3d:94:12:c9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDdDMUQxMTAvBgNVBAUTKEE4QUVBOUIyOTMwQTYxNEQ1Q0EzMUFCOUY3RTg0Mzc5
MzYxQTJGNDMwHhcNMjMwNjAyMjIzNDQ1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhNmU4NS03ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjVtMq/kmpxqWDgzTS1+OQ+oUB9sG3S4ajISUhrXoIXU9rm9IW/5hYwfFGb3
mq71LS1oFnL9RnXWBTVLXUkdy/ZMjR2h/UedoA0EjeV7MTXVUipO2JK9WN6jr2R3
kYOEg2p7oL+aNF323+TJfPsSwSZUJqBQt3Y2s7tX7P9/ccG+LrQmlPWME9d2C8ns
3N27uiLKRLnEaKKRqoUG4RtQwV/1bU0zD+XNGgKEVXCrG9TCoOgz/85Em6oplvZ3
Ai1B0jM/F9lcWg0uqnYgTVQD676wXyJulxbfAE+PQc/86pT6pMZ8ZL/qNyfXYePz
uxSkIyDCW354GTocBXQll1zn5QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD4VGgs5
HUeLzXUAdUFk6CiXQmXtMB8GA1UdIwQYMBaAFKiuqbKTCmFNXKMauffoQ3k2Gi9D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEN0MxRC9BODA3MEFGMjhB
RjAxMUVBQTk1MjgzMDlDNEY5QUUwMi9xSzZwc3BNS1lVMWNveHE1OS1oRGVUWWFM
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FLNnBzcE1LWVUxY294cTU5LWhEZVRZYUwwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDdDMUQvQTgwNzBBRjI4QUYwMTFFQUE5NTI4MzA5QzRGOUFFMDIvMzNGQjFCODRE
RDVEMTFFQTlENkZFMTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlvIwDQQCAAIwBwMFACQA2GAwDQYJKoZIhvcNAQELBQAD
ggEBAD+QkDjhTA+KuTjfxYUu33xkwdHVaYKl4QImINn411h8urDAk6ZpPKMgFUF9
XhawBSNlCdwvx38NYjE9hHxXSgsnTIHxxAI9q0CIzG8tffyH1q5xbbPzDmyHIiSe
lOEjR/1Nj6ShVbJivtmrpkZ/M3C1ihIXY46IQbkPz0EgY1z/NYAKOeFBtvB/ozJo
lD/k8prRh5eZgs0408AqIc11b2Vi9RCPW67fFujPXFqnt2HlkYDtVSYUUvpcbWP8
+NxJykoKKu/Ww1PIyo1vqjQz2QYOko9ChF1m15eD9Gj6eq+YhTaJzS8eHGE/eiUj
zh1tC+jpcvz4rXNOIsvjzD2UEsk=
-----END CERTIFICATE-----
Generated at Sun Dec 10 10:06:08 2023 by rpki-client on console-fra.rpki-client.org