Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2E92/1885A6D206CF11EE9C97127BC4F9AE02/9427E66006D411EE8A1CC42EC4F9AE02.roa
File: 9427E66006D411EE8A1CC42EC4F9AE02.roa (raw, json)
Hash identifier: W/Gmoj6INX2bNWe8zv+S19Yyom9aBL1DULo++FDxj/0=
Subject key identifier: 55:1E:99:FF:A1:63:AE:A0:38:09:AD:45:BC:DF:B4:61:C3:37:58:F6
Certificate issuer: /CN=A91E2E92/serialNumber=97F3EC1014558E08470A03A9478C84F23E45003A
Certificate serial: 04
Authority key identifier: 97:F3:EC:10:14:55:8E:08:47:0A:03:A9:47:8C:84:F2:3E:45:00:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l_PsEBRVjghHCgOpR4yE8j5FADo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2E92/1885A6D206CF11EE9C97127BC4F9AE02/9427E66006D411EE8A1CC42EC4F9AE02.roa
Signing time: Fri 09 Jun 2023 15:16:57 +0000
ROA not before: Fri 09 Jun 2023 15:16:57 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151399
IP address blocks: 103.215.228.0/23 maxlen: 24
2401:920::/32 maxlen: 32
2401:920:1::/48 maxlen: 48
2401:920:2::/48 maxlen: 48
2401:920:3::/48 maxlen: 48
2401:920:4::/48 maxlen: 48
2401:920:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 27 Aug 2023 15:23:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2E92/serialNumber=97F3EC1014558E08470A03A9478C84F23E45003A
Validity
Not Before: Jun 9 15:16:57 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64834269-3c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f9:d6:b7:cd:1f:27:0c:91:6a:61:45:b7:12:
c3:e9:81:97:ba:c9:79:bf:ca:76:91:74:eb:9f:f4:
f8:7b:5a:5b:7f:42:b3:76:32:29:2f:6b:57:e7:7b:
18:fb:e5:fe:c1:11:cd:68:d4:a6:e4:af:87:6b:17:
c3:ba:f6:f8:55:da:5d:6c:ad:01:32:58:45:4c:93:
a3:d0:99:9c:e3:a1:6c:3b:c3:37:7d:ce:af:39:a4:
c1:85:a1:93:87:d6:7d:45:2b:e7:30:a1:27:46:52:
cb:c6:ad:24:ef:64:d7:ed:36:4a:8f:52:df:45:14:
c9:76:f8:d2:68:6a:e1:25:75:6e:b5:3f:22:5f:5f:
d8:2f:6a:17:d0:bd:81:97:85:90:be:8d:05:7b:30:
0f:c3:e1:0b:05:af:01:91:af:fb:b5:3c:a6:b9:3c:
b1:fc:3a:61:ff:3a:c4:1a:ef:53:24:83:39:00:52:
3c:8f:11:fe:01:cc:52:bb:02:a6:dd:48:f2:82:d1:
b2:57:73:46:8a:51:a7:2c:28:5c:6a:24:23:b7:a0:
9e:57:22:bd:a3:a4:cc:42:15:f9:34:80:13:75:77:
bd:bc:70:8f:b6:2f:ec:2b:df:15:41:c6:c2:69:cd:
d8:d8:f9:f0:c3:5b:c1:7d:87:4e:50:7d:dc:ea:a5:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:1E:99:FF:A1:63:AE:A0:38:09:AD:45:BC:DF:B4:61:C3:37:58:F6
X509v3 Authority Key Identifier:
keyid:97:F3:EC:10:14:55:8E:08:47:0A:03:A9:47:8C:84:F2:3E:45:00:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2E92/1885A6D206CF11EE9C97127BC4F9AE02/l_PsEBRVjghHCgOpR4yE8j5FADo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l_PsEBRVjghHCgOpR4yE8j5FADo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2E92/1885A6D206CF11EE9C97127BC4F9AE02/9427E66006D411EE8A1CC42EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.215.228.0/23
IPv6:
2401:920::/32
Signature Algorithm: sha256WithRSAEncryption
3c:9a:be:cb:64:34:6f:1a:b6:f9:22:71:6d:c7:a8:37:7e:38:
db:c1:d7:45:03:f9:f0:b0:ba:ee:b0:db:87:c9:0a:82:e8:f5:
4c:52:d8:4a:8e:0a:05:0f:cb:a1:f6:c6:7d:8b:97:f6:b6:79:
72:3f:d4:a8:60:80:6c:53:5a:18:ac:9a:96:3c:d6:b6:a7:0f:
fa:f9:22:f0:59:92:78:42:6a:ec:96:1f:a2:51:3a:07:af:ea:
c1:8b:3d:84:84:d5:ba:3a:22:e9:6f:44:19:17:b3:96:b5:a2:
83:0d:1a:a3:1d:23:fb:e6:9a:9d:1f:2a:9c:fc:9f:87:6c:7b:
ca:8f:1b:ae:0a:3b:ff:b9:15:90:3e:92:29:83:2d:32:ee:95:
eb:bb:21:c7:13:e7:3c:5b:38:05:83:c5:04:39:d8:4a:2e:aa:
c5:76:55:82:19:57:0f:38:3b:66:90:62:a0:ca:f7:8f:c9:76:
10:e1:d2:43:6d:f7:4b:95:a3:d1:e5:c6:d6:8e:0a:71:11:13:
1e:19:7d:5e:49:6c:07:53:9e:ed:29:16:b5:3e:2b:60:51:f5:
11:d5:c3:dd:4e:a6:49:f2:fa:35:a5:84:a2:c7:a5:d3:a9:3b:
31:ba:bd:4f:68:5b:cb:95:d9:88:70:90:be:58:9b:3d:c8:44:
42:8e:05:4e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MkU5MjExMC8GA1UEBRMoOTdGM0VDMTAxNDU1OEUwODQ3MEEwM0E5NDc4Qzg0RjIz
RTQ1MDAzQTAeFw0yMzA2MDkxNTE2NTdaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODM0MjY5LTNjOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDt+da3zR8nDJFqYUW3EsPpgZe6yXm/ynaRdOuf9Ph7Wlt/QrN2Mikva1fnexj7
5f7BEc1o1Kbkr4drF8O69vhV2l1srQEyWEVMk6PQmZzjoWw7wzd9zq85pMGFoZOH
1n1FK+cwoSdGUsvGrSTvZNftNkqPUt9FFMl2+NJoauEldW61PyJfX9gvahfQvYGX
hZC+jQV7MA/D4QsFrwGRr/u1PKa5PLH8OmH/OsQa71MkgzkAUjyPEf4BzFK7Aqbd
SPKC0bJXc0aKUacsKFxqJCO3oJ5XIr2jpMxCFfk0gBN1d728cI+2L+wr3xVBxsJp
zdjY+fDDW8F9h05QfdzqpZB1AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUVR6Z/6Fj
rqA4Ca1FvN+0YcM3WPYwHwYDVR0jBBgwFoAUl/PsEBRVjghHCgOpR4yE8j5FADow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRTkyLzE4ODVBNkQyMDZD
RjExRUU5Qzk3MTI3QkM0RjlBRTAyL2xfUHNFQlJWamdoSENnT3BSNHlFOGo1RkFE
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbF9Qc0VCUlZqZ2hIQ2dPcFI0eUU4ajVGQURvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MkU5Mi8xODg1QTZEMjA2Q0YxMUVFOUM5NzEyN0JDNEY5QUUwMi85NDI3RTY2MDA2
RDQxMUVFOEExQ0M0MkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfX5DANBAIAAjAHAwUAJAEJIDANBgkqhkiG9w0BAQsFAAOC
AQEAPJq+y2Q0bxq2+SJxbceoN34428HXRQP58LC67rDbh8kKguj1TFLYSo4KBQ/L
ofbGfYuX9rZ5cj/UqGCAbFNaGKyaljzWtqcP+vki8FmSeEJq7JYfolE6B6/qwYs9
hITVujoi6W9EGRezlrWigw0aox0j++aanR8qnPyfh2x7yo8brgo7/7kVkD6SKYMt
Mu6V67shxxPnPFs4BYPFBDnYSi6qxXZVghlXDzg7ZpBioMr3j8l2EOHSQ233S5Wj
0eXG1o4KcRETHhl9XklsB1Oe7SkWtT4rYFH1EdXD3U6mSfL6NaWEosel06k7Mbq9
T2hby5XZiHCQvlibPchEQo4FTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org