Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/D11F7644C2F711ED95226623C4F9AE02.roa
File: D11F7644C2F711ED95226623C4F9AE02.roa (raw, json)
Hash identifier: MNS+EOjvju9DtYHeoxGfthtGlBWvWV7godJ+IURxOo0=
Subject key identifier: D6:BA:D3:8C:07:07:DA:DB:A4:91:B1:1D:53:B2:B5:55:F0:E5:04:96
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0CA4
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/D11F7644C2F711ED95226623C4F9AE02.roa
Signing time: Wed 15 Mar 2023 06:08:35 +0000
ROA not before: Wed 15 Mar 2023 06:08:35 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 138970
IP address blocks: 103.5.0.0/22 maxlen: 22
103.5.0.0/23 maxlen: 23
103.5.0.0/24 maxlen: 24
103.5.1.0/24 maxlen: 24
103.5.2.0/23 maxlen: 23
103.5.2.0/24 maxlen: 24
103.5.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3236 (0xca4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Mar 15 06:08:35 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=641160e2-95f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:56:dc:a8:f8:78:e2:b6:26:0b:4d:70:3c:fb:
0c:e1:90:d4:75:56:2e:9a:ff:51:05:73:ed:c1:79:
65:12:2a:21:5c:a9:01:16:ba:66:99:9b:bf:18:4d:
36:c4:38:b2:c7:ad:2a:ce:30:57:f8:9f:6b:7d:45:
e1:bc:b7:61:cf:92:96:d5:a9:60:d0:25:96:13:24:
23:94:fb:72:b6:e5:91:5d:f6:22:06:c9:24:9f:98:
43:96:69:bc:d3:be:e4:44:e8:6c:56:72:fd:80:ce:
b7:38:57:07:da:43:85:9b:e3:bb:5d:86:6e:53:96:
cf:82:e7:a7:00:17:46:c5:4f:e9:e0:41:c8:77:d0:
a2:81:76:3e:a8:6f:c5:5c:44:03:0f:7f:ce:31:df:
be:78:c0:01:81:f2:12:40:0a:b3:69:d8:53:d1:ca:
fe:1c:dd:69:26:d0:0b:43:71:bd:a8:c1:c6:75:51:
66:c2:d3:9b:06:a9:9b:30:86:80:e6:aa:03:86:61:
01:b0:8f:2a:49:da:da:df:92:70:b0:41:d3:a3:ac:
5e:62:7a:6c:90:29:32:69:52:ba:9e:02:a5:a2:77:
0a:4d:78:e2:28:21:cb:7f:f7:49:6f:6a:51:e7:b9:
5b:7a:f6:98:12:ea:d3:b3:d4:74:71:16:e0:9f:51:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BA:D3:8C:07:07:DA:DB:A4:91:B1:1D:53:B2:B5:55:F0:E5:04:96
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/D11F7644C2F711ED95226623C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.0.0/22
Signature Algorithm: sha256WithRSAEncryption
31:1a:75:a2:9c:0d:09:16:2a:d7:fe:f4:b6:4a:4d:49:eb:29:
e4:99:0b:29:07:23:8a:25:e5:47:8d:cb:71:47:26:c8:4d:48:
7c:78:58:ca:bd:24:20:af:6c:c2:50:e8:46:e6:f3:19:fa:14:
67:ae:6b:cc:51:7a:c7:ce:ba:2c:f2:4d:a9:3e:68:76:f5:c2:
22:fe:f5:d6:21:eb:e2:c1:df:35:7b:82:11:0d:b3:26:b9:3f:
be:46:40:77:6a:a9:86:5a:7e:e2:8c:b0:f8:26:a2:3e:77:e9:
8e:05:4e:fc:d7:f7:85:4f:8a:50:cf:1d:1d:0d:e0:24:e0:8c:
cc:87:58:8e:1f:cc:63:e3:0a:fa:16:8c:0e:ff:b9:cc:25:a3:
df:00:12:75:a6:2d:7e:fd:db:89:32:e9:27:f5:8d:01:f4:ca:
f6:a1:13:52:78:da:2c:83:1d:cc:12:99:aa:e6:81:74:b0:b6:
75:97:db:c3:a3:a9:3c:d5:76:a5:84:e6:88:fd:5f:d5:9e:69:
8f:77:dc:df:83:9d:aa:32:6d:43:1c:71:b1:33:b7:60:6a:8a:
1a:19:ab:a6:75:fb:5f:dd:ae:15:c9:f0:47:77:5a:ef:9c:06:
5a:91:a7:0d:6f:37:03:0e:99:42:92:eb:dd:60:33:a1:1a:0c:
2a:b1:cf:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjMwMzE1MDYwODM1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDExNjBlMi05NWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtlbcqPh44rYmC01wPPsM4ZDUdVYumv9RBXPtwXllEiohXKkBFrpmmZu/GE02
xDiyx60qzjBX+J9rfUXhvLdhz5KW1alg0CWWEyQjlPtytuWRXfYiBskkn5hDlmm8
077kROhsVnL9gM63OFcH2kOFm+O7XYZuU5bPguenABdGxU/p4EHId9CigXY+qG/F
XEQDD3/OMd++eMABgfISQAqzadhT0cr+HN1pJtALQ3G9qMHGdVFmwtObBqmbMIaA
5qoDhmEBsI8qSdra35JwsEHTo6xeYnpskCkyaVK6ngKloncKTXjiKCHLf/dJb2pR
57lbevaYEurTs9R0cRbgn1HOAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNa604wH
B9rbpJGxHVOytVXw5QSWMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvRDExRjc2NDRD
MkY3MTFFRDk1MjI2NjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnBQAwDQYJKoZIhvcNAQELBQADggEBADEadaKcDQkWKtf+
9LZKTUnrKeSZCykHI4ol5UeNy3FHJshNSHx4WMq9JCCvbMJQ6Ebm8xn6FGeua8xR
esfOuizyTak+aHb1wiL+9dYh6+LB3zV7ghENsya5P75GQHdqqYZafuKMsPgmoj53
6Y4FTvzX94VPilDPHR0N4CTgjMyHWI4fzGPjCvoWjA7/ucwlo98AEnWmLX7924ky
6Sf1jQH0yvahE1J42iyDHcwSmarmgXSwtnWX28OjqTzVdqWE5oj9X9WeaY933N+D
naoybUMccbEzt2BqihoZq6Z1+1/drhXJ8Ed3Wu+cBlqRpw1vNwMOmUKS691gM6Ea
DCqxz4w=
-----END CERTIFICATE-----
Generated at Fri Aug 18 05:14:41 2023 by rpki-client on console-ams.rpki-client.org