Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E647A/7948EA1C1DA911E2BA1484A408B02CD2/092C19FCA34C11EBB95A1B7BC4F9AE02.roa
File: 092C19FCA34C11EBB95A1B7BC4F9AE02.roa (raw, json)
Hash identifier: TFCa0bfZDCyDs3CblDobvJNITP42wpla6pPSQpoenGU=
Subject key identifier: 36:5F:89:CB:51:1E:1B:52:7B:F7:DD:91:6C:D8:77:57:D2:99:DB:B0
Certificate issuer: /CN=A91E647A/serialNumber=8F59C8FD5A0B5A99AB040064423ABF4DB0B4E086
Certificate serial: 3381
Authority key identifier: 8F:59:C8:FD:5A:0B:5A:99:AB:04:00:64:42:3A:BF:4D:B0:B4:E0:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j1nI_VoLWpmrBABkQjq_TbC04IY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E647A/7948EA1C1DA911E2BA1484A408B02CD2/092C19FCA34C11EBB95A1B7BC4F9AE02.roa
Signing time: Sun 08 Oct 2023 15:31:03 +0000
ROA not before: Sun 08 Oct 2023 15:31:02 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 58445
IP address blocks: 103.11.136.0/22 maxlen: 23
116.206.132.0/22 maxlen: 24
2001:df0:29f::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 05:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13185 (0x3381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E647A/serialNumber=8F59C8FD5A0B5A99AB040064423ABF4DB0B4E086
Validity
Not Before: Oct 8 15:31:02 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6522cb36-d52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:d6:1e:26:87:84:b3:c3:53:fb:0e:dc:69:
94:c5:78:b2:90:40:1a:c3:fb:27:31:43:d4:de:19:
7d:94:4e:78:6a:b7:13:ff:67:b9:68:81:2f:e5:65:
c1:fc:ea:6b:09:20:0f:7d:f6:ac:49:70:0d:79:9d:
88:47:ef:7a:09:b7:7a:f4:01:a3:b1:88:44:38:88:
bf:c7:8c:47:5f:d8:e0:c5:94:b0:3a:3e:be:94:e1:
31:1d:70:98:06:8a:ea:16:f1:4c:d3:c2:63:15:2b:
95:4e:b8:b9:d6:43:06:f3:e4:5f:e1:60:76:bf:0c:
26:d4:8b:8d:55:ed:d3:c3:5a:5b:37:a4:8b:c4:9d:
9d:e0:81:aa:62:9a:46:40:44:9d:48:be:f9:f5:35:
f0:5b:2b:9c:87:f6:05:ad:ef:18:5c:22:c2:1c:34:
f3:07:53:42:6b:d0:3c:52:ee:db:97:61:f7:fc:a8:
1c:b6:ad:de:ed:1c:98:25:1e:f2:6d:bc:ef:04:88:
6f:02:23:f8:f6:c7:2e:bb:e4:94:77:23:0b:9a:f4:
b5:3e:b0:13:33:9b:aa:de:72:1f:9f:06:c4:62:ba:
24:1b:95:9e:79:34:e0:80:44:3b:f7:dc:ff:45:8e:
03:e1:4a:a6:84:03:3b:b8:82:09:7f:af:bb:bd:08:
6c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5F:89:CB:51:1E:1B:52:7B:F7:DD:91:6C:D8:77:57:D2:99:DB:B0
X509v3 Authority Key Identifier:
keyid:8F:59:C8:FD:5A:0B:5A:99:AB:04:00:64:42:3A:BF:4D:B0:B4:E0:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E647A/7948EA1C1DA911E2BA1484A408B02CD2/j1nI_VoLWpmrBABkQjq_TbC04IY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j1nI_VoLWpmrBABkQjq_TbC04IY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E647A/7948EA1C1DA911E2BA1484A408B02CD2/092C19FCA34C11EBB95A1B7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.136.0/22
116.206.132.0/22
IPv6:
2001:df0:29f::/48
Signature Algorithm: sha256WithRSAEncryption
14:fa:b9:e5:c5:f1:5f:08:57:a5:e3:dd:b2:0b:88:ba:fc:b0:
80:e6:2b:ea:c3:df:c2:d6:ff:03:a2:78:70:0c:dc:24:2e:e7:
e7:b4:cb:a6:62:65:a7:26:21:29:25:02:0b:1f:31:30:e6:b5:
df:2e:4e:1c:1d:f7:18:48:0f:5e:0b:c6:9d:40:39:77:6d:7a:
90:f8:60:1a:29:2d:51:11:ea:13:3f:a6:66:f0:34:ac:2c:78:
a9:48:43:12:ec:1a:63:6e:15:da:80:e1:20:b6:1c:54:4b:c1:
79:f8:19:d0:5d:e1:c6:27:ab:c9:42:d1:b7:f6:fb:8e:bd:38:
e1:58:2b:fd:ad:82:9e:5f:c6:16:61:c6:b1:e9:fa:df:37:7d:
3b:6f:d3:24:c1:34:64:ae:31:7d:3b:d5:22:5a:4f:10:87:1b:
82:21:eb:0b:0a:7b:b9:b0:f0:e9:e8:4e:cc:31:a8:ca:92:62:
5f:41:71:a3:41:0c:b9:2c:5f:58:52:2c:75:b4:0e:f3:b9:3b:
c5:f7:3e:a5:e9:b0:3f:32:86:82:12:3c:ea:ac:e5:1b:d2:e3:
e9:e2:90:9e:14:27:e3:fa:8e:32:ad:42:09:02:8d:6c:0c:42:
78:67:34:9b:f7:bf:50:af:b8:3c:fe:2a:5d:7a:91:43:b9:8a:
c4:f3:31:9e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICM4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTY0N0ExMTAvBgNVBAUTKDhGNTlDOEZENUEwQjVBOTlBQjA0MDA2NDQyM0FCRjRE
QjBCNEUwODYwHhcNMjMxMDA4MTUzMTAyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIyY2IzNi1kNTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQbWHiaHhLPDU/sO3GmUxXiykEAaw/snMUPU3hl9lE54arcT/2e5aIEv5WXB
/OprCSAPffasSXANeZ2IR+96Cbd69AGjsYhEOIi/x4xHX9jgxZSwOj6+lOExHXCY
BorqFvFM08JjFSuVTri51kMG8+Rf4WB2vwwm1IuNVe3Tw1pbN6SLxJ2d4IGqYppG
QESdSL759TXwWyuch/YFre8YXCLCHDTzB1NCa9A8Uu7bl2H3/Kgctq3e7RyYJR7y
bbzvBIhvAiP49scuu+SUdyMLmvS1PrATM5uq3nIfnwbEYrokG5WeeTTggEQ799z/
RY4D4UqmhAM7uIIJf6+7vQhseQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDZfictR
HhtSe/fdkWzYd1fSmduwMB8GA1UdIwQYMBaAFI9ZyP1aC1qZqwQAZEI6v02wtOCG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjQ3QS83OTQ4RUExQzFE
QTkxMUUyQkExNDg0QTQwOEIwMkNEMi9qMW5JX1ZvTFdwbXJCQUJrUWpxX1RiQzA0
SVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2oxbklfVm9MV3BtckJBQmtRanFfVGJDMDRJWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTY0N0EvNzk0OEVBMUMxREE5MTFFMkJBMTQ4NEE0MDhCMDJDRDIvMDkyQzE5RkNB
MzRDMTFFQkI5NUExQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnC4gDBAJ0zoQwDwQCAAIwCQMHACABDfACnzANBgkqhkiG
9w0BAQsFAAOCAQEAFPq55cXxXwhXpePdsguIuvywgOYr6sPfwtb/A6J4cAzcJC7n
57TLpmJlpyYhKSUCCx8xMOa13y5OHB33GEgPXgvGnUA5d216kPhgGiktURHqEz+m
ZvA0rCx4qUhDEuwaY24V2oDhILYcVEvBefgZ0F3hxieryULRt/b7jr044Vgr/a2C
nl/GFmHGsen63zd9O2/TJME0ZK4xfTvVIlpPEIcbgiHrCwp7ubDw6ehOzDGoypJi
X0Fxo0EMuSxfWFIsdbQO87k7xfc+pemwPzKGghI86qzlG9Lj6eKQnhQn4/qOMq1C
CQKNbAxCeGc0m/e/UK+4PP4qXXqRQ7mKxPMxng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org