Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3731/55B223EAC02211EC9265DA5DC4F9AE02/B87F878AC02511EC93BB8865C4F9AE02.roa
File: B87F878AC02511EC93BB8865C4F9AE02.roa (raw, json)
Hash identifier: x7gwvNhxc1GWUb2uV5BVimeKLMLa3ydAhcsnvTol+Fc=
Subject key identifier: D6:B7:87:DD:C2:42:1F:4F:3C:4D:C4:1B:61:48:CB:8A:68:9A:55:2C
Certificate issuer: /CN=A91E3731/serialNumber=BC3A8BB0CDD08B6E3721B2C1D21A81714C3B2142
Certificate serial: 0224
Authority key identifier: BC:3A:8B:B0:CD:D0:8B:6E:37:21:B2:C1:D2:1A:81:71:4C:3B:21:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDqLsM3Qi243IbLB0hqBcUw7IUI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3731/55B223EAC02211EC9265DA5DC4F9AE02/B87F878AC02511EC93BB8865C4F9AE02.roa
Signing time: Mon 06 Nov 2023 12:51:22 +0000
ROA not before: Mon 06 Nov 2023 12:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140045
IP address blocks: 103.184.92.0/24 maxlen: 24
103.184.93.0/24 maxlen: 24
2400:a560::/34 maxlen: 34
2400:a560:4000::/34 maxlen: 34
2400:a560:8000::/34 maxlen: 34
2400:a560:c000::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 548 (0x224)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3731/serialNumber=BC3A8BB0CDD08B6E3721B2C1D21A81714C3B2142
Validity
Not Before: Nov 6 12:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6548e149-c5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:5b:d0:ef:d8:1e:f1:71:a1:b2:4e:d5:83:
33:4d:b3:e8:85:b3:23:ff:28:57:4a:30:6e:ce:77:
8b:12:00:2e:ee:8d:b6:9b:39:91:6f:65:ec:07:78:
21:aa:13:d7:0a:ac:48:3f:49:e1:80:de:80:44:90:
6f:19:9d:2b:13:70:dd:86:64:45:1e:3a:9d:2b:a6:
d9:5d:96:0a:ed:a9:5c:f2:94:c2:d8:99:3d:7a:e3:
ff:d1:7d:a8:63:97:df:79:93:af:67:da:cc:13:95:
98:87:26:55:30:a2:f6:c5:d5:a2:2d:a0:94:67:ff:
2d:79:9d:ae:5f:69:1a:d7:bf:a8:69:20:8b:46:d5:
c3:bb:e6:ea:c3:51:c2:13:5f:48:25:aa:81:00:b6:
de:d1:a8:2f:74:ea:05:f9:8b:47:00:d6:56:6e:43:
f0:03:62:06:b9:0d:29:53:81:47:a8:1c:f8:e4:72:
98:28:1f:ba:aa:7c:fe:31:1e:0b:89:26:e0:19:33:
f3:0a:9b:e0:d2:62:af:f6:7e:4d:8a:c5:1f:af:2a:
7d:c9:a5:4d:ba:4f:b7:a8:02:e5:24:13:4b:e4:3f:
d3:be:55:21:67:66:f2:48:9a:6a:e9:ec:16:95:0c:
d4:b5:b3:88:65:22:b1:cf:ae:e3:e2:c5:0f:75:b4:
01:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B7:87:DD:C2:42:1F:4F:3C:4D:C4:1B:61:48:CB:8A:68:9A:55:2C
X509v3 Authority Key Identifier:
keyid:BC:3A:8B:B0:CD:D0:8B:6E:37:21:B2:C1:D2:1A:81:71:4C:3B:21:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3731/55B223EAC02211EC9265DA5DC4F9AE02/vDqLsM3Qi243IbLB0hqBcUw7IUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDqLsM3Qi243IbLB0hqBcUw7IUI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3731/55B223EAC02211EC9265DA5DC4F9AE02/B87F878AC02511EC93BB8865C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.184.92.0/23
IPv6:
2400:a560::/32
Signature Algorithm: sha256WithRSAEncryption
4f:82:22:37:b8:2d:da:21:3c:7e:99:59:36:88:6c:39:d8:de:
26:18:f9:4e:7a:b9:5d:5d:98:b5:56:7f:0a:a3:40:53:ad:a9:
4c:3e:cf:92:6e:e0:9b:95:33:d8:f6:7d:2f:75:2c:a9:90:75:
47:11:9e:ed:c8:72:d5:a5:e5:a3:db:e6:7a:bc:1d:97:cf:6b:
3e:7d:3a:46:76:1c:94:a4:6f:dc:41:f2:42:fc:78:31:26:ab:
24:fb:4d:d6:7d:b9:29:fa:e1:8a:ea:8b:f3:2b:01:ae:dc:ab:
35:1d:41:24:84:5b:6f:1b:79:f8:6c:12:9e:5f:fc:59:64:59:
ff:73:64:a8:a8:a2:14:50:b6:c5:23:31:ad:07:b6:46:12:41:
f0:0b:31:33:22:1f:29:e9:93:e6:36:82:27:2f:2a:4c:f1:bb:
32:30:66:c3:fe:61:c4:71:b8:33:bb:28:4c:f6:c3:8b:d3:22:
57:f4:4e:2f:89:7c:cf:e8:41:ea:2d:ba:61:9f:42:19:f1:8f:
7f:78:96:0f:21:9d:f1:e2:10:b3:0d:ed:c5:d4:4c:38:8b:c9:
eb:21:f6:54:19:4a:e2:9c:8c:70:20:5b:c3:14:e3:a8:ac:67:
8f:24:47:26:aa:69:06:ce:b6:9e:7a:e8:4a:a7:34:da:ff:f7:
58:ea:50:8e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTM3MzExMTAvBgNVBAUTKEJDM0E4QkIwQ0REMDhCNkUzNzIxQjJDMUQyMUE4MTcx
NEMzQjIxNDIwHhcNMjMxMTA2MTI1MTIxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ4ZTE0OS1jNWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynpb0O/YHvFxobJO1YMzTbPohbMj/yhXSjBuzneLEgAu7o22mzmRb2XsB3gh
qhPXCqxIP0nhgN6ARJBvGZ0rE3DdhmRFHjqdK6bZXZYK7alc8pTC2Jk9euP/0X2o
Y5ffeZOvZ9rME5WYhyZVMKL2xdWiLaCUZ/8teZ2uX2ka17+oaSCLRtXDu+bqw1HC
E19IJaqBALbe0agvdOoF+YtHANZWbkPwA2IGuQ0pU4FHqBz45HKYKB+6qnz+MR4L
iSbgGTPzCpvg0mKv9n5NisUfryp9yaVNuk+3qALlJBNL5D/TvlUhZ2bySJpq6ewW
lQzUtbOIZSKxz67j4sUPdbQBSwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNa3h93C
Qh9PPE3EG2FIy4pomlUsMB8GA1UdIwQYMBaAFLw6i7DN0ItuNyGywdIagXFMOyFC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzczMS81NUIyMjNFQUMw
MjIxMUVDOTI2NURBNURDNEY5QUUwMi92RHFMc00zUWkyNDNJYkxCMGhxQmNVdzdJ
VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZEcUxzTTNRaTI0M0liTEIwaHFCY1V3N0lVSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTM3MzEvNTVCMjIzRUFDMDIyMTFFQzkyNjVEQTVEQzRGOUFFMDIvQjg3Rjg3OEFD
MDI1MTFFQzkzQkI4ODY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnuFwwDQQCAAIwBwMFACQApWAwDQYJKoZIhvcNAQELBQAD
ggEBAE+CIje4LdohPH6ZWTaIbDnY3iYY+U56uV1dmLVWfwqjQFOtqUw+z5Ju4JuV
M9j2fS91LKmQdUcRnu3IctWl5aPb5nq8HZfPaz59OkZ2HJSkb9xB8kL8eDEmqyT7
TdZ9uSn64Yrqi/MrAa7cqzUdQSSEW28befhsEp5f/FlkWf9zZKioohRQtsUjMa0H
tkYSQfALMTMiHynpk+Y2gicvKkzxuzIwZsP+YcRxuDO7KEz2w4vTIlf0Ti+JfM/o
QeotumGfQhnxj394lg8hnfHiELMN7cXUTDiLyesh9lQZSuKcjHAgW8MU46isZ48k
RyaqaQbOtp566EqnNNr/91jqUI4=
-----END CERTIFICATE-----
Generated at Wed Dec 13 11:14:15 2023 by rpki-client on console-fra.rpki-client.org