Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/82E3B8A8973D11EEB5A88975C4F9AE02.roa
File: 82E3B8A8973D11EEB5A88975C4F9AE02.roa (raw, json)
Hash identifier: DCZIq0YkC2HTX5weU70yu3qvVGDXCFo92EkmmF3thHc=
Subject key identifier: 86:89:C7:1B:7E:15:9E:55:FF:65:49:73:8E:8F:8A:D7:A0:BB:BE:65
Certificate issuer: /CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
Certificate serial: 088A
Authority key identifier: A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/82E3B8A8973D11EEB5A88975C4F9AE02.roa
Signing time: Sun 10 Dec 2023 09:22:28 +0000
ROA not before: Sun 10 Dec 2023 09:22:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 140607
IP address blocks: 103.150.242.0/24 maxlen: 24
103.150.243.0/24 maxlen: 24
2400:d860::/32 maxlen: 32
2400:d860::/43 maxlen: 43
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2186 (0x88a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
Validity
Not Before: Dec 10 09:22:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65758353-d197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:62:53:9f:9b:c7:0c:a5:07:8a:fc:0a:55:d8:
f7:10:74:6f:f8:e0:49:db:d8:9a:c8:2d:25:65:d4:
a5:77:a7:be:72:29:94:91:ae:35:6b:04:b2:ab:1c:
79:d4:07:5b:38:c3:17:df:fa:e1:72:24:3e:ed:b5:
08:91:64:e5:77:51:e9:50:13:cb:d0:ec:8d:94:7c:
40:b6:e8:55:28:95:fa:9f:30:e1:81:75:68:da:e3:
d2:db:a4:fa:1e:f7:25:2d:86:2a:03:2a:a7:23:47:
53:e9:36:f4:5d:26:eb:bf:ac:7b:ee:99:7f:10:92:
00:53:92:69:56:c4:33:02:da:83:78:5b:27:23:dc:
2b:b1:a3:3d:49:25:62:a3:64:1f:6b:b1:1c:fc:2f:
ed:23:dd:c2:f9:af:58:63:ae:eb:5e:77:e5:d4:49:
60:cf:e6:5b:52:d8:e9:c5:a2:1a:f0:3d:8d:3a:c5:
6c:8d:7e:3a:6f:3b:65:0e:dd:b3:b8:21:f6:2a:1d:
9a:d4:21:93:f7:30:4e:8e:48:98:32:4a:4b:6e:41:
1c:f8:c5:ae:70:43:ea:bb:7e:96:e9:67:91:7b:74:
3b:63:cb:4a:4d:21:fc:98:e9:eb:64:a0:ca:e5:e1:
f1:b4:bc:bc:10:f3:84:28:92:64:eb:54:7c:08:ad:
8b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:89:C7:1B:7E:15:9E:55:FF:65:49:73:8E:8F:8A:D7:A0:BB:BE:65
X509v3 Authority Key Identifier:
keyid:A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/qK6pspMKYU1coxq59-hDeTYaL0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/82E3B8A8973D11EEB5A88975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.242.0/23
IPv6:
2400:d860::/32
Signature Algorithm: sha256WithRSAEncryption
2b:37:61:1e:a7:4c:38:02:e8:3a:6f:05:18:90:c9:0e:7e:c6:
55:3b:d5:26:eb:fc:bc:4b:54:d5:fa:68:4e:bc:c0:00:b8:d6:
71:e5:e7:4b:89:76:9f:f0:71:e8:9b:ec:3f:fc:66:1c:ab:70:
50:19:6d:69:c7:ad:c8:cb:5b:ff:a2:51:f6:09:62:1d:5b:91:
8e:43:36:29:3f:f0:de:16:6c:8b:84:bc:20:e1:5c:e5:4b:83:
c5:05:69:d4:5a:2a:9d:ce:66:a5:3f:ca:0a:34:8d:7e:4d:4b:
ff:a7:05:2d:7c:10:e0:22:b9:13:0a:0d:04:69:41:3e:d4:cd:
db:cc:35:dc:34:88:4c:94:06:1f:c5:1f:e6:36:6b:4f:d1:84:
c3:8c:48:f8:07:e7:39:fc:3c:c1:1c:63:aa:43:15:70:ec:d9:
f5:b1:7a:48:7c:af:ef:36:5d:4d:35:19:62:50:03:b2:61:8f:
7b:4a:21:79:18:34:43:93:87:d7:c2:53:8b:4f:f1:f6:d4:3a:
0f:3d:89:41:5e:fd:6d:86:de:c0:3f:4d:bb:d8:33:eb:82:df:
cc:d8:2a:08:87:b1:7c:03:1c:4d:2a:6d:b4:01:62:35:e6:86:
e3:22:4a:70:1b:ca:9b:e9:d5:5b:6a:54:93:53:3e:04:eb:71:
f8:ae:88:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDdDMUQxMTAvBgNVBAUTKEE4QUVBOUIyOTMwQTYxNEQ1Q0EzMUFCOUY3RTg0Mzc5
MzYxQTJGNDMwHhcNMjMxMjEwMDkyMjI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc1ODM1My1kMTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1WJTn5vHDKUHivwKVdj3EHRv+OBJ29iayC0lZdSld6e+cimUka41awSyqxx5
1AdbOMMX3/rhciQ+7bUIkWTld1HpUBPL0OyNlHxAtuhVKJX6nzDhgXVo2uPS26T6
HvclLYYqAyqnI0dT6Tb0XSbrv6x77pl/EJIAU5JpVsQzAtqDeFsnI9wrsaM9SSVi
o2Qfa7Ec/C/tI93C+a9YY67rXnfl1Elgz+ZbUtjpxaIa8D2NOsVsjX46bztlDt2z
uCH2Kh2a1CGT9zBOjkiYMkpLbkEc+MWucEPqu36W6WeRe3Q7Y8tKTSH8mOnrZKDK
5eHxtLy8EPOEKJJk61R8CK2LbwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIaJxxt+
FZ5V/2VJc46Pitegu75lMB8GA1UdIwQYMBaAFKiuqbKTCmFNXKMauffoQ3k2Gi9D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEN0MxRC9BODA3MEFGMjhB
RjAxMUVBQTk1MjgzMDlDNEY5QUUwMi9xSzZwc3BNS1lVMWNveHE1OS1oRGVUWWFM
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FLNnBzcE1LWVUxY294cTU5LWhEZVRZYUwwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDdDMUQvQTgwNzBBRjI4QUYwMTFFQUE5NTI4MzA5QzRGOUFFMDIvODJFM0I4QTg5
NzNEMTFFRUI1QTg4OTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlvIwDQQCAAIwBwMFACQA2GAwDQYJKoZIhvcNAQELBQAD
ggEBACs3YR6nTDgC6DpvBRiQyQ5+xlU71Sbr/LxLVNX6aE68wAC41nHl50uJdp/w
ceib7D/8ZhyrcFAZbWnHrcjLW/+iUfYJYh1bkY5DNik/8N4WbIuEvCDhXOVLg8UF
adRaKp3OZqU/ygo0jX5NS/+nBS18EOAiuRMKDQRpQT7UzdvMNdw0iEyUBh/FH+Y2
a0/RhMOMSPgH5zn8PMEcY6pDFXDs2fWxekh8r+82XU01GWJQA7Jhj3tKIXkYNEOT
h9fCU4tP8fbUOg89iUFe/W2G3sA/TbvYM+uC38zYKgiHsXwDHE0qbbQBYjXmhuMi
SnAbypvp1VtqVJNTPgTrcfiuiMw=
-----END CERTIFICATE-----
Generated at Tue Dec 19 18:52:31 2023 by rpki-client on console-fra.rpki-client.org