Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/88E2F1961F0211E98C8F1239C4F9AE02.roa
File: 88E2F1961F0211E98C8F1239C4F9AE02.roa (raw, json)
Hash identifier: c+H2u7q1Tn5FXaAKrF9UkTMn+pVzutVYSWirGYivYNI=
Subject key identifier: 34:2C:B9:E2:4B:47:2A:11:BF:22:5C:C3:16:C7:38:A1:9D:B7:3A:EE
Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Certificate serial: 1014
Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/88E2F1961F0211E98C8F1239C4F9AE02.roa
Signing time: Tue 02 Apr 2024 18:26:17 +0000
ROA not before: Tue 02 Apr 2024 18:26:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136406
IP address blocks: 103.86.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 08:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4116 (0x1014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Validity
Not Before: Apr 2 18:26:17 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660c4dc8-ba0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a5:ae:72:c0:8e:66:f1:3a:b3:22:52:62:bf:
44:3f:77:38:cb:bf:16:9d:a2:58:3a:17:91:39:ec:
76:dd:df:0d:0c:49:09:2b:e4:51:03:6e:b1:42:54:
19:41:aa:45:a6:0b:d5:97:18:97:01:e7:81:92:f9:
57:27:cf:c3:da:c8:2e:6c:36:ad:2e:2b:18:3a:71:
79:92:e4:aa:23:ed:03:0c:f2:d9:37:80:9b:03:93:
d1:9b:cf:f1:5e:cd:4d:e2:9e:5a:34:9a:d7:eb:39:
f0:ee:99:f0:11:75:d2:d3:da:72:fc:98:0c:36:00:
b7:8f:9a:6e:6a:6d:75:ff:17:ea:76:a8:47:1d:5f:
f2:ae:8c:be:19:5d:21:a7:49:68:b9:4f:42:ef:c4:
84:7a:4a:0d:4e:af:32:cd:61:b0:0b:ec:12:8c:3b:
0b:9f:da:08:c0:5f:18:35:5f:3c:d7:8f:10:ab:77:
b2:5f:dc:3d:0a:21:43:99:d2:d8:70:cb:ef:0d:a7:
99:9e:6c:90:35:a7:70:8c:cf:8c:57:2c:23:c6:0d:
1f:8a:83:98:cb:c5:ff:fe:14:50:66:e7:2e:da:96:
04:98:92:42:38:f3:a8:a8:ab:10:20:8f:76:93:ce:
16:bb:43:63:9e:25:6f:49:7a:6b:5e:4c:b4:7c:0e:
50:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2C:B9:E2:4B:47:2A:11:BF:22:5C:C3:16:C7:38:A1:9D:B7:3A:EE
X509v3 Authority Key Identifier:
keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/88E2F1961F0211E98C8F1239C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:d1:90:bd:95:0f:ce:1c:2a:f8:4f:c4:5e:70:ce:c9:db:40:
83:5e:40:88:cf:22:d7:c8:4f:65:b5:70:e0:af:41:6b:4d:62:
e6:87:c9:56:3a:b7:ef:ee:5b:99:ec:ea:12:f9:b5:a2:76:17:
69:46:3e:d0:4a:0b:b4:74:94:bc:a8:5f:d3:43:3b:81:7f:90:
69:ea:50:05:df:35:9b:32:73:50:24:56:6f:f9:cf:97:07:52:
af:32:77:64:a4:bd:e0:d9:cd:9a:e1:bf:1d:2d:35:ed:7d:62:
a5:2a:23:56:56:02:0c:4b:8e:0b:64:9b:2b:b4:45:4d:be:a0:
6d:9f:10:6f:c5:c9:9b:7f:75:2f:5a:e8:63:40:61:21:e2:08:
d3:9a:6a:57:0c:de:f3:90:ac:b7:79:a5:90:0a:35:11:95:a3:
6f:fa:7d:dc:e2:b7:54:83:f5:cb:d9:2e:88:ad:7f:42:44:85:
db:0a:cb:98:3f:57:83:29:bb:4e:80:f4:b7:48:bd:16:0e:17:
09:f8:93:21:34:f0:ce:4e:27:b1:7c:fe:55:ec:f8:8d:6e:4b:
59:47:19:6b:8b:af:e1:f9:c8:1c:1d:b6:e4:28:3d:d0:79:51:
99:df:f3:9c:19:f6:b2:80:03:83:68:98:d4:fd:53:63:d9:d2:
fc:28:6f:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0
RUVFMUI3NDIwHhcNMjQwNDAyMTgyNjE3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjNGRjOC1iYTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuaWucsCOZvE6syJSYr9EP3c4y78WnaJYOheROex23d8NDEkJK+RRA26xQlQZ
QapFpgvVlxiXAeeBkvlXJ8/D2sgubDatLisYOnF5kuSqI+0DDPLZN4CbA5PRm8/x
Xs1N4p5aNJrX6znw7pnwEXXS09py/JgMNgC3j5puam11/xfqdqhHHV/yroy+GV0h
p0louU9C78SEekoNTq8yzWGwC+wSjDsLn9oIwF8YNV88148Qq3eyX9w9CiFDmdLY
cMvvDaeZnmyQNadwjM+MVywjxg0fioOYy8X//hRQZucu2pYEmJJCOPOoqKsQII92
k84Wu0NjniVvSXprXky0fA5QRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDQsueJL
RyoRvyJcwxbHOKGdtzruMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG
MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU3REMvMzVGNzk4NjYxRjAxMTFFOUIxQUE5NDM2QzRGOUFFMDIvODhFMkYxOTYx
RjAyMTFFOThDOEYxMjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnVsAwDQYJKoZIhvcNAQELBQADggEBAGrRkL2VD84cKvhP
xF5wzsnbQINeQIjPItfIT2W1cOCvQWtNYuaHyVY6t+/uW5ns6hL5taJ2F2lGPtBK
C7R0lLyoX9NDO4F/kGnqUAXfNZsyc1AkVm/5z5cHUq8yd2SkveDZzZrhvx0tNe19
YqUqI1ZWAgxLjgtkmyu0RU2+oG2fEG/FyZt/dS9a6GNAYSHiCNOaalcM3vOQrLd5
pZAKNRGVo2/6fdzit1SD9cvZLoitf0JEhdsKy5g/V4Mpu06A9LdIvRYOFwn4kyE0
8M5OJ7F8/lXs+I1uS1lHGWuLr+H5yBwdtuQoPdB5UZnf85wZ9rKAA4NomNT9U2PZ
0vwob/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org