Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F1ABAF3201C211EDA14D295CC4F9AE02.roa
File: F1ABAF3201C211EDA14D295CC4F9AE02.roa (raw, json)
Hash identifier: zXnHFB+1nGi+dLXu4x0AcJJ+TyJQp/JnWf2U8Z016Pw=
Subject key identifier: 53:54:52:A7:53:6D:94:56:B8:34:AF:C9:89:50:A1:13:D8:30:F6:66
Certificate issuer: /CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Certificate serial: 0132
Authority key identifier: A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F1ABAF3201C211EDA14D295CC4F9AE02.roa
Signing time: Sat 01 Jul 2023 03:12:37 +0000
ROA not before: Sat 01 Jul 2023 03:12:37 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 58954
IP address blocks: 103.26.8.0/24 maxlen: 24
103.26.9.0/24 maxlen: 24
103.26.10.0/24 maxlen: 24
103.26.11.0/24 maxlen: 24
2407:2900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306 (0x132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Validity
Not Before: Jul 1 03:12:37 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649f99a5-c394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:56:f6:61:91:58:47:61:80:ee:21:8d:67:
fa:62:95:5d:48:1d:7a:66:f2:15:22:c9:da:e9:32:
8b:aa:20:e7:07:f0:ed:30:7d:85:3f:d9:78:11:21:
a8:37:81:d9:17:49:ed:09:c7:49:0b:d7:3f:e4:5e:
ea:de:4a:e0:96:de:a4:dd:72:86:66:5c:5d:e5:40:
d4:38:dc:7e:d9:31:fe:7d:ca:71:1a:8d:ec:35:ee:
1f:3d:a6:f9:0c:08:11:33:6e:a6:a3:08:69:ea:49:
34:fc:bd:0a:94:75:01:15:2b:4a:f1:c0:0a:19:b9:
b3:8e:dc:7e:68:27:0d:50:67:0b:cd:92:fe:d0:65:
f9:a4:38:ed:cc:70:03:26:a1:67:a4:14:ee:1c:a4:
fc:b8:90:37:e4:3a:63:d1:82:13:87:bc:0d:52:0d:
ca:57:b8:b4:5d:ff:da:73:cb:a8:30:da:13:4f:40:
53:5b:89:08:89:84:73:13:88:d7:92:fd:9e:92:14:
81:70:3a:64:31:7a:62:4e:ed:3c:23:71:ad:d7:0d:
8b:af:21:d6:4c:c5:a1:d4:5c:91:ae:f6:f4:69:4e:
d7:1c:f9:98:06:14:73:f6:80:6b:87:e2:75:dd:e9:
ba:fd:c6:eb:15:fe:63:96:95:1e:f0:eb:44:82:1f:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:54:52:A7:53:6D:94:56:B8:34:AF:C9:89:50:A1:13:D8:30:F6:66
X509v3 Authority Key Identifier:
keyid:A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/oYXAxXSCnF_NcURUSeU0za70E5Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F1ABAF3201C211EDA14D295CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.8.0/22
IPv6:
2407:2900::/32
Signature Algorithm: sha256WithRSAEncryption
19:50:71:d0:9c:99:9b:22:33:cf:31:6b:20:b7:b2:6c:7f:07:
69:8b:90:60:f0:18:c3:e8:83:33:e5:8f:57:ae:f8:89:fe:36:
b1:41:eb:4f:a8:a2:19:16:e7:84:ba:63:1c:6a:be:3a:3d:9c:
d3:36:c2:ae:03:36:f0:32:e0:bb:5e:37:eb:07:83:ec:29:ab:
26:47:eb:cb:7e:a0:4e:e6:89:f8:52:17:24:38:dd:75:4b:cb:
08:2b:56:93:04:78:0e:b6:cb:4d:43:51:61:9e:8f:53:e2:42:
f9:29:54:7e:c7:78:d6:9d:3e:28:6e:3f:2f:99:7d:52:d0:92:
d6:b9:b5:c1:7e:e1:6b:b0:b8:cc:f9:99:91:9b:97:2e:7b:cb:
e9:82:3e:78:3f:6a:be:f1:23:91:52:49:d1:d7:68:98:1f:fa:
5b:0b:12:9c:43:99:8d:9a:14:63:1c:74:4e:69:c0:fc:09:3d:
61:9a:34:59:12:ca:73:64:ea:5f:9a:6b:fb:a5:51:df:d0:2b:
ce:69:4f:80:4f:ae:4f:93:18:4e:c9:b6:c6:ab:c1:f9:09:ce:
eb:94:f5:bd:0a:b1:02:93:52:26:5d:16:a0:e5:2f:80:24:f8:
6f:04:96:82:20:af:bc:68:9c:d6:59:9a:95:35:19:8b:ed:08:
7e:2f:64:fd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICATIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFMzIxMTAvBgNVBAUTKEExODVDMEM1NzQ4MjlDNUZDRDcxNDQ1NDQ5RTUzNENE
QUVGNDEzOTYwHhcNMjMwNzAxMDMxMjM3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDlmOTlhNS1jMzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAscVW9mGRWEdhgO4hjWf6YpVdSB16ZvIVIsna6TKLqiDnB/DtMH2FP9l4ESGo
N4HZF0ntCcdJC9c/5F7q3krglt6k3XKGZlxd5UDUONx+2TH+fcpxGo3sNe4fPab5
DAgRM26mowhp6kk0/L0KlHUBFStK8cAKGbmzjtx+aCcNUGcLzZL+0GX5pDjtzHAD
JqFnpBTuHKT8uJA35Dpj0YITh7wNUg3KV7i0Xf/ac8uoMNoTT0BTW4kIiYRzE4jX
kv2ekhSBcDpkMXpiTu08I3Gt1w2LryHWTMWh1FyRrvb0aU7XHPmYBhRz9oBrh+J1
3em6/cbrFf5jlpUe8OtEgh/yoQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFNUUqdT
bZRWuDSvyYlQoRPYMPZmMB8GA1UdIwQYMBaAFKGFwMV0gpxfzXFEVEnlNM2u9BOW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEUzMi83MjA5NTlGQzAx
QzAxMUVEQkQ3QzZGNThDNEY5QUUwMi9vWVhBeFhTQ25GX05jVVJVU2VVMHphNzBF
NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ZWEF4WFNDbkZfTmNVUlVTZVUwemE3MEU1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFMzIvNzIwOTU5RkMwMUMwMTFFREJEN0M2RjU4QzRGOUFFMDIvRjFBQkFGMzIw
MUMyMTFFREExNEQyOTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnGggwDQQCAAIwBwMFACQHKQAwDQYJKoZIhvcNAQELBQAD
ggEBABlQcdCcmZsiM88xayC3smx/B2mLkGDwGMPogzPlj1eu+In+NrFB60+oohkW
54S6Yxxqvjo9nNM2wq4DNvAy4LteN+sHg+wpqyZH68t+oE7mifhSFyQ43XVLywgr
VpMEeA62y01DUWGej1PiQvkpVH7HeNadPihuPy+ZfVLQkta5tcF+4WuwuMz5mZGb
ly57y+mCPng/ar7xI5FSSdHXaJgf+lsLEpxDmY2aFGMcdE5pwPwJPWGaNFkSynNk
6l+aa/ulUd/QK85pT4BPrk+TGE7JtsarwfkJzuuU9b0KsQKTUiZdFqDlL4Ak+G8E
loIgr7xonNZZmpU1GYvtCH4vZP0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-ams.rpki-client.org