Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9A6E/F51FF8869AF911EEA16DBC55C4F9AE02/86FC2A949AFB11EEB71C7C76C4F9AE02.roa
File: 86FC2A949AFB11EEB71C7C76C4F9AE02.roa (raw, json)
Hash identifier: pcgIJlvZ/gkMCMBbt+d4dRrGLV0cWvM0f/Xjio554Ew=
Subject key identifier: A4:B1:F5:33:52:2C:13:A2:53:64:5C:97:41:E5:9F:BD:69:D7:54:59
Certificate issuer: /CN=A91D9A6E/serialNumber=4CAD272BAD1D8709B16E9975006E12255205C8F6
Certificate serial: 09
Authority key identifier: 4C:AD:27:2B:AD:1D:87:09:B1:6E:99:75:00:6E:12:25:52:05:C8:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK0nK60dhwmxbpl1AG4SJVIFyPY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9A6E/F51FF8869AF911EEA16DBC55C4F9AE02/86FC2A949AFB11EEB71C7C76C4F9AE02.roa
Signing time: Fri 15 Dec 2023 03:39:19 +0000
ROA not before: Fri 15 Dec 2023 03:39:19 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137443
IP address blocks: 103.79.120.0/22 maxlen: 22
103.79.120.0/24 maxlen: 24
103.79.122.0/24 maxlen: 24
202.91.36.0/24 maxlen: 24
202.91.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9A6E/serialNumber=4CAD272BAD1D8709B16E9975006E12255205C8F6
Validity
Not Before: Dec 15 03:39:19 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657bca66-6e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1d:d7:e1:63:9d:b9:3b:a3:ab:b5:28:bf:0f:
ac:aa:86:44:18:84:d0:0b:3d:37:11:3b:e1:a7:d5:
29:91:ed:0d:ec:ab:98:d1:d4:da:f8:4f:94:ad:3f:
28:6b:9a:4d:40:de:23:a0:af:b4:7c:08:a1:91:da:
e8:1f:d6:cf:93:5b:3d:4d:2e:59:bf:f6:c9:23:05:
c1:d8:e5:25:ce:6b:3c:d1:ee:3b:44:b4:f2:42:e7:
ba:39:04:d6:b4:3d:1c:0e:6e:04:3c:16:20:bc:d0:
1c:f8:7a:0b:a3:6a:cf:45:e7:76:dd:54:d4:49:94:
ee:3d:7e:90:9e:f6:72:08:a4:5e:23:5c:b0:c6:61:
b7:9a:56:59:57:a2:82:36:13:c1:d7:bb:cc:91:0f:
5a:e3:76:1b:bd:8d:6d:5a:9b:86:af:70:75:34:71:
5e:c5:0f:d9:f9:98:4e:6d:5c:03:4d:99:43:1c:8d:
a9:c9:06:e0:14:ed:e0:c6:ea:7a:5a:e3:ae:94:db:
49:e3:de:87:5c:9a:3d:a7:2b:10:15:9c:76:5b:43:
c4:3f:ef:d9:f5:8a:16:b8:1f:47:85:cd:55:c0:a6:
52:78:a0:5f:50:42:5f:2d:a0:70:b4:53:5c:58:11:
bb:dc:89:12:40:be:33:2f:a5:49:8b:42:09:b2:74:
c5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B1:F5:33:52:2C:13:A2:53:64:5C:97:41:E5:9F:BD:69:D7:54:59
X509v3 Authority Key Identifier:
keyid:4C:AD:27:2B:AD:1D:87:09:B1:6E:99:75:00:6E:12:25:52:05:C8:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9A6E/F51FF8869AF911EEA16DBC55C4F9AE02/TK0nK60dhwmxbpl1AG4SJVIFyPY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK0nK60dhwmxbpl1AG4SJVIFyPY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9A6E/F51FF8869AF911EEA16DBC55C4F9AE02/86FC2A949AFB11EEB71C7C76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.120.0/22
202.91.36.0/24
202.91.38.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:27:4e:41:be:2e:49:e2:0f:30:77:89:5c:32:32:19:72:26:
ea:70:09:03:cf:30:a7:7a:e5:c2:67:33:9d:d0:21:88:0b:4c:
67:37:65:bd:ea:0f:ec:0d:d3:84:29:3d:a9:c7:d3:f8:1a:e2:
f3:00:69:83:50:52:21:de:b3:ee:a1:c5:32:c1:7c:02:95:f9:
9c:1e:81:b7:83:72:bb:05:2a:0e:0f:4d:ad:15:d8:e2:98:44:
f2:21:a3:53:e3:95:3b:95:a7:a0:7d:8a:e2:bf:bc:f6:db:e3:
c6:eb:83:0c:01:07:e8:ad:1d:f0:b6:f3:39:2c:a0:2c:1c:a3:
fa:46:a6:34:92:64:a8:8a:e4:c0:12:90:81:8c:e0:c6:ba:35:
03:19:c4:bd:89:fb:0e:ee:ee:26:22:c9:91:38:83:ca:58:09:
81:83:12:d8:42:2a:49:e7:fc:a1:c5:f7:02:ad:6d:1d:dd:fc:
b6:76:f0:7c:81:40:a5:75:7c:59:bf:bb:6d:4c:74:10:cb:06:
70:c5:f1:bd:02:e5:a4:c0:7f:e7:e2:c7:49:f8:ca:0f:7c:f0:
32:f2:7e:14:88:f1:73:ac:3d:92:4e:51:f0:2f:32:65:78:4d:
fc:58:0a:e8:eb:b6:4a:72:09:98:aa:4a:d8:d4:38:02:3f:c4:
1c:90:ec:f5
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
OUE2RTExMC8GA1UEBRMoNENBRDI3MkJBRDFEODcwOUIxNkU5OTc1MDA2RTEyMjU1
MjA1QzhGNjAeFw0yMzEyMTUwMzM5MTlaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1N2JjYTY2LTZlNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuHdfhY525O6OrtSi/D6yqhkQYhNALPTcRO+Gn1SmR7Q3sq5jR1Nr4T5StPyhr
mk1A3iOgr7R8CKGR2ugf1s+TWz1NLlm/9skjBcHY5SXOazzR7jtEtPJC57o5BNa0
PRwObgQ8FiC80Bz4egujas9F53bdVNRJlO49fpCe9nIIpF4jXLDGYbeaVllXooI2
E8HXu8yRD1rjdhu9jW1am4avcHU0cV7FD9n5mE5tXANNmUMcjanJBuAU7eDG6npa
466U20nj3odcmj2nKxAVnHZbQ8Q/79n1iha4H0eFzVXAplJ4oF9QQl8toHC0U1xY
EbvciRJAvjMvpUmLQgmydMXfAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUpLH1M1Is
E6JTZFyXQeWfvWnXVFkwHwYDVR0jBBgwFoAUTK0nK60dhwmxbpl1AG4SJVIFyPYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5QTZFL0Y1MUZGODg2OUFG
OTExRUVBMTZEQkM1NUM0RjlBRTAyL1RLMG5LNjBkaHdteGJwbDFBRzRTSlZJRnlQ
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVEswbks2MGRod214YnBsMUFHNFNKVklGeVBZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
OUE2RS9GNTFGRjg4NjlBRjkxMUVFQTE2REJDNTVDNEY5QUUwMi84NkZDMkE5NDlB
RkIxMUVFQjcxQzdDNzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAmdPeAMEAMpbJAMEAMpbJjANBgkqhkiG9w0BAQsFAAOCAQEA
5idOQb4uSeIPMHeJXDIyGXIm6nAJA88wp3rlwmczndAhiAtMZzdlveoP7A3ThCk9
qcfT+Bri8wBpg1BSId6z7qHFMsF8ApX5nB6Bt4NyuwUqDg9NrRXY4phE8iGjU+OV
O5WnoH2K4r+89tvjxuuDDAEH6K0d8LbzOSygLByj+kamNJJkqIrkwBKQgYzgxro1
AxnEvYn7Du7uJiLJkTiDylgJgYMS2EIqSef8ocX3Aq1tHd38tnbwfIFApXV8Wb+7
bUx0EMsGcMXxvQLlpMB/5+LHSfjKD3zwMvJ+FIjxc6w9kk5R8C8yZXhN/FgK6Ou2
SnIJmKpK2NQ4Aj/EHJDs9Q==
Generated at Fri Dec 15 06:25:39 2023 by rpki-client on console-ams.rpki-client.org