Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/8870B28C5B7211EEBAB86930C4F9AE02.roa
File: 8870B28C5B7211EEBAB86930C4F9AE02.roa (raw, json)
Hash identifier: V7DX1zcCCatOs9SzkOAoWUJXxihqhp4n2DivKQwRYfk=
Subject key identifier: 88:00:CC:02:87:B7:66:95:45:A2:73:1E:8F:F0:1F:5A:F8:09:2A:5B
Certificate issuer: /CN=A91E5E8B/serialNumber=BD9D66877D866E7C904156BE08CB4371AAE001BD
Certificate serial: 06
Authority key identifier: BD:9D:66:87:7D:86:6E:7C:90:41:56:BE:08:CB:43:71:AA:E0:01:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vZ1mh32GbnyQQVa-CMtDcargAb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/8870B28C5B7211EEBAB86930C4F9AE02.roa
Signing time: Mon 25 Sep 2023 07:09:57 +0000
ROA not before: Mon 25 Sep 2023 07:09:57 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 140632
IP address blocks: 103.203.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 28 Sep 2023 18:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5E8B/serialNumber=BD9D66877D866E7C904156BE08CB4371AAE001BD
Validity
Not Before: Sep 25 07:09:57 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65113245-1162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:10:ae:3e:57:0c:e6:4a:fd:f9:eb:3c:75:87:
db:8e:34:41:2d:47:8e:6d:2d:cd:9a:1a:ad:cc:65:
1f:27:89:ea:a8:81:6b:44:2a:4c:c9:6f:1d:b6:00:
8a:b1:6a:ad:85:3d:b9:57:91:66:7e:64:08:32:c3:
28:82:b5:dc:54:37:52:e0:d4:18:13:34:60:c9:26:
56:db:83:a4:af:c6:42:b1:7b:03:16:30:e2:10:f8:
2d:3d:81:67:85:3d:1d:df:e3:8f:fa:58:54:e2:51:
06:2b:1d:24:04:31:f8:9e:80:54:39:a7:0f:a9:05:
7f:d8:51:fe:20:01:fd:8c:ae:9b:62:d8:1c:91:d8:
e4:a3:57:b4:01:94:18:fb:60:84:87:e0:47:6e:e3:
1f:fc:c8:09:6f:24:0e:61:e2:80:2e:53:c4:54:79:
63:f3:fd:64:9c:73:d8:d9:76:f4:99:f3:89:f9:c1:
68:d2:83:aa:d7:81:db:bb:7e:1e:a5:a7:c6:02:6d:
f0:b9:f0:84:92:7f:b8:2a:0b:34:17:44:bb:9b:5b:
7a:4c:d5:57:f4:bb:30:e3:98:44:7c:c2:55:a8:6b:
31:00:c7:62:58:51:3b:6c:bd:99:cf:ec:78:23:80:
e0:d7:7b:d4:c6:73:44:7a:22:98:6c:40:3f:4e:dc:
3b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:00:CC:02:87:B7:66:95:45:A2:73:1E:8F:F0:1F:5A:F8:09:2A:5B
X509v3 Authority Key Identifier:
keyid:BD:9D:66:87:7D:86:6E:7C:90:41:56:BE:08:CB:43:71:AA:E0:01:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/vZ1mh32GbnyQQVa-CMtDcargAb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vZ1mh32GbnyQQVa-CMtDcargAb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/8870B28C5B7211EEBAB86930C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.236.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:7a:aa:2f:dd:85:f4:27:e4:81:3e:fa:b1:99:82:95:db:76:
71:82:1d:82:b6:ee:07:e4:99:8d:55:a1:1d:41:8a:f9:fa:a4:
33:12:c9:2e:f1:a2:f1:a2:3a:16:04:3e:c5:00:62:22:97:38:
ac:3c:ba:74:57:07:36:42:50:70:dd:22:c9:af:4c:54:1d:61:
01:b8:88:cc:55:76:7b:13:1b:9f:93:26:4e:86:50:04:49:e1:
13:f1:c0:45:c9:1b:c9:dc:05:36:37:cb:88:77:fa:c3:17:26:
4f:09:08:9a:14:bd:23:a7:b6:5d:5e:22:3d:74:1f:42:24:09:
1a:22:0c:fa:51:19:2d:58:f4:08:ab:fe:10:cc:60:f9:72:52:
d5:62:f1:f7:ce:e4:41:57:da:8f:7a:d2:cb:ee:3b:fe:03:17:
5f:0f:1b:ac:fc:72:af:f5:73:53:6a:64:3a:21:98:43:42:d9:
8b:ae:82:74:ac:68:e2:19:d6:55:d2:73:e3:b8:63:53:79:74:
e2:50:78:49:09:fd:33:f6:3e:51:26:2d:01:ce:0f:a7:ed:7b:
ea:23:da:f5:cf:12:c4:0f:b0:7c:6b:ef:f8:83:31:4b:5f:51:
7d:d5:01:ce:4c:47:67:c2:b6:71:8a:a2:c7:30:59:ce:2a:6a:
b5:1d:c0:b4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NUU4QjExMC8GA1UEBRMoQkQ5RDY2ODc3RDg2NkU3QzkwNDE1NkJFMDhDQjQzNzFB
QUUwMDFCRDAeFw0yMzA5MjUwNzA5NTdaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTEzMjQ1LTExNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9EK4+VwzmSv356zx1h9uONEEtR45tLc2aGq3MZR8nieqogWtEKkzJbx22AIqx
aq2FPblXkWZ+ZAgywyiCtdxUN1Lg1BgTNGDJJlbbg6SvxkKxewMWMOIQ+C09gWeF
PR3f44/6WFTiUQYrHSQEMfiegFQ5pw+pBX/YUf4gAf2Mrpti2ByR2OSjV7QBlBj7
YISH4Edu4x/8yAlvJA5h4oAuU8RUeWPz/WScc9jZdvSZ84n5wWjSg6rXgdu7fh6l
p8YCbfC58ISSf7gqCzQXRLubW3pM1Vf0uzDjmER8wlWoazEAx2JYUTtsvZnP7Hgj
gODXe9TGc0R6IphsQD9O3DuVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUiADMAoe3
ZpVFonMej/AfWvgJKlswHwYDVR0jBBgwFoAUvZ1mh32GbnyQQVa+CMtDcargAb0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1RThCL0RFQzNCRDdDNUFE
MzExRUVBOTJGOTMyMEM0RjlBRTAyL3ZaMW1oMzJHYm55UVFWYS1DTXREY2FyZ0Fi
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdloxbWgzMkdibnlRUVZhLUNNdERjYXJnQWIwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NUU4Qi9ERUMzQkQ3QzVBRDMxMUVFQTkyRjkzMjBDNEY5QUUwMi84ODcwQjI4QzVC
NzIxMUVFQkFCODY5MzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfL7DANBgkqhkiG9w0BAQsFAAOCAQEApnqqL92F9CfkgT76
sZmCldt2cYIdgrbuB+SZjVWhHUGK+fqkMxLJLvGi8aI6FgQ+xQBiIpc4rDy6dFcH
NkJQcN0iya9MVB1hAbiIzFV2exMbn5MmToZQBEnhE/HARckbydwFNjfLiHf6wxcm
TwkImhS9I6e2XV4iPXQfQiQJGiIM+lEZLVj0CKv+EMxg+XJS1WLx987kQVfaj3rS
y+47/gMXXw8brPxyr/VzU2pkOiGYQ0LZi66CdKxo4hnWVdJz47hjU3l04lB4SQn9
M/Y+USYtAc4Pp+176iPa9c8SxA+wfGvv+IMxS19RfdUBzkxHZ8K2cYqixzBZzipq
tR3AtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org