Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
File: F10C2ACA01C211EDA14D295CC4F9AE02.roa (raw, json)
Hash identifier: Wv2IXCnZf/XCOoliTljFe2/SOFFru32/MWVILh9scGI=
Subject key identifier: CE:8E:42:9E:25:98:85:43:94:49:82:26:F0:34:EB:F1:96:CA:97:EE
Certificate issuer: /CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Certificate serial: 0131
Authority key identifier: A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
Signing time: Sat 01 Jul 2023 03:12:37 +0000
ROA not before: Sat 01 Jul 2023 03:12:37 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 135602
IP address blocks: 103.26.8.0/24 maxlen: 24
103.26.9.0/24 maxlen: 24
103.26.10.0/24 maxlen: 24
103.26.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 305 (0x131)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Validity
Not Before: Jul 1 03:12:37 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649f99a4-1ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9a:c5:02:d4:d2:58:84:de:c5:0e:12:84:bb:
aa:33:29:9d:81:56:eb:18:3a:81:41:22:a0:68:83:
ee:4a:f1:11:86:0c:2e:b0:3f:a8:94:92:22:3c:de:
63:8d:2f:1e:ce:ec:bf:cc:a6:fe:77:c7:e4:f4:1a:
d6:82:73:f1:e6:a6:62:78:f3:b5:34:9c:d7:21:db:
80:ff:d7:28:e7:f3:e9:26:31:0e:14:bc:ff:31:7f:
81:4f:2a:71:4b:01:f4:b1:dc:61:c2:f8:e0:5d:b4:
01:16:c1:04:a4:30:7f:58:cc:c6:27:c2:2b:78:4a:
8c:fc:9c:69:81:b2:12:ff:56:38:33:47:48:cc:1d:
a9:9e:85:1b:e2:5b:58:8d:de:37:5a:42:b6:ed:b6:
9f:8e:86:f5:53:b0:c2:0c:d7:d9:78:20:9f:d7:a4:
e2:d6:d6:42:23:d3:72:55:4a:a4:4e:52:8e:26:f2:
ad:4e:ec:1c:af:6f:29:8f:c2:8c:1c:64:32:ad:8d:
ee:df:09:d1:77:7b:67:78:3f:db:21:4b:91:62:58:
49:fe:0c:34:8d:67:83:e3:b0:ad:f8:d0:71:5a:8d:
36:df:d5:6d:a3:f5:12:18:2c:8e:8c:d8:93:44:22:
60:fe:c9:9d:ac:04:09:7e:e0:0e:ab:e0:82:d2:59:
01:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8E:42:9E:25:98:85:43:94:49:82:26:F0:34:EB:F1:96:CA:97:EE
X509v3 Authority Key Identifier:
keyid:A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/oYXAxXSCnF_NcURUSeU0za70E5Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:e2:ca:89:fa:7a:ac:a4:eb:ab:26:73:af:b2:eb:b7:fd:a4:
84:ba:83:42:9c:c4:80:f7:f0:f9:42:78:59:f1:40:03:be:31:
ed:36:4d:18:1f:1b:89:c2:4c:8c:8e:ec:c1:b3:e9:9b:b8:4c:
fa:b9:1b:2d:53:d2:22:7e:b0:6b:8e:ad:02:5c:51:4d:eb:1f:
12:c5:b3:93:97:7b:97:6a:6b:28:e2:8e:ff:6b:79:8e:9b:02:
d8:fe:13:c4:f5:a6:f3:91:51:ba:db:dd:65:df:80:22:21:8c:
12:6e:3e:ab:63:7d:79:55:c9:22:59:23:f8:4e:38:af:3a:72:
cd:23:0d:0b:69:f4:34:85:fb:c5:e5:9b:bb:ec:f5:39:8e:73:
90:0b:7d:6c:a7:ef:ac:f2:b8:6f:2c:57:e7:e7:12:a8:93:2c:
dc:81:49:ce:ae:04:4e:cc:8c:5f:d8:60:69:3a:2c:c9:2e:ac:
1f:c5:12:d4:b0:6d:ed:f9:60:63:80:1b:a1:e2:c3:a4:43:2f:
19:75:5a:f8:4f:c6:4c:bf:5e:01:a3:de:37:50:fa:bc:61:7f:
4a:73:b7:6b:3b:12:51:91:f7:e5:5e:e9:88:91:4c:9b:0c:4c:
ad:ff:30:e9:ac:d6:e0:59:de:a0:ff:54:e5:04:af:53:81:2d:
9a:d3:0d:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFMzIxMTAvBgNVBAUTKEExODVDMEM1NzQ4MjlDNUZDRDcxNDQ1NDQ5RTUzNENE
QUVGNDEzOTYwHhcNMjMwNzAxMDMxMjM3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDlmOTlhNC0xYWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxJrFAtTSWITexQ4ShLuqMymdgVbrGDqBQSKgaIPuSvERhgwusD+olJIiPN5j
jS8ezuy/zKb+d8fk9BrWgnPx5qZiePO1NJzXIduA/9co5/PpJjEOFLz/MX+BTypx
SwH0sdxhwvjgXbQBFsEEpDB/WMzGJ8IreEqM/JxpgbIS/1Y4M0dIzB2pnoUb4ltY
jd43WkK27bafjob1U7DCDNfZeCCf16Ti1tZCI9NyVUqkTlKOJvKtTuwcr28pj8KM
HGQyrY3u3wnRd3tneD/bIUuRYlhJ/gw0jWeD47Ct+NBxWo0239Vto/USGCyOjNiT
RCJg/smdrAQJfuAOq+CC0lkB7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFM6OQp4l
mIVDlEmCJvA06/GWypfuMB8GA1UdIwQYMBaAFKGFwMV0gpxfzXFEVEnlNM2u9BOW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEUzMi83MjA5NTlGQzAx
QzAxMUVEQkQ3QzZGNThDNEY5QUUwMi9vWVhBeFhTQ25GX05jVVJVU2VVMHphNzBF
NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ZWEF4WFNDbkZfTmNVUlVTZVUwemE3MEU1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFMzIvNzIwOTU5RkMwMUMwMTFFREJEN0M2RjU4QzRGOUFFMDIvRjEwQzJBQ0Ew
MUMyMTFFREExNEQyOTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnGggwDQYJKoZIhvcNAQELBQADggEBAI3iyon6eqyk66sm
c6+y67f9pIS6g0KcxID38PlCeFnxQAO+Me02TRgfG4nCTIyO7MGz6Zu4TPq5Gy1T
0iJ+sGuOrQJcUU3rHxLFs5OXe5dqayjijv9reY6bAtj+E8T1pvORUbrb3WXfgCIh
jBJuPqtjfXlVySJZI/hOOK86cs0jDQtp9DSF+8Xlm7vs9TmOc5ALfWyn76zyuG8s
V+fnEqiTLNyBSc6uBE7MjF/YYGk6LMkurB/FEtSwbe35YGOAG6Hiw6RDLxl1WvhP
xky/XgGj3jdQ+rxhf0pzt2s7ElGR9+Ve6YiRTJsMTK3/MOms1uBZ3qD/VOUEr1OB
LZrTDec=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-fra.rpki-client.org