Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4047B2EE55C811EE992C6B13C4F9AE02.roa
File: 4047B2EE55C811EE992C6B13C4F9AE02.roa (raw, json)
Hash identifier: LWuV2vO2j7OaPVg2SlCJnogECeR6NbV+GiQefO4DLiM=
Subject key identifier: B5:7B:DE:8C:11:82:A5:2B:C9:9F:EA:4F:C5:5A:13:48:98:E2:FE:B7
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 3433
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4047B2EE55C811EE992C6B13C4F9AE02.roa
Signing time: Thu 19 Oct 2023 00:20:37 +0000
ROA not before: Thu 19 Oct 2023 00:20:37 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.68.120.0/24 maxlen: 24
182.54.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13363 (0x3433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Oct 19 00:20:37 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65307655-1dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:20:b3:6c:a2:29:cf:c3:bd:0b:50:41:66:
1e:6c:12:38:99:19:1b:e4:90:ac:2c:5f:12:4e:56:
da:9b:17:be:08:2e:01:5c:2a:8e:ca:1a:88:f0:3f:
d8:50:64:13:99:c3:9b:63:d6:48:71:b5:1a:ae:45:
44:93:34:d3:ff:ee:65:60:00:35:15:ea:46:f7:1e:
41:ca:5b:cb:d3:65:6e:2e:ac:af:fc:07:54:01:11:
6f:07:6c:3e:6a:18:14:7f:f5:59:71:73:8a:5a:88:
40:f7:27:00:39:8c:97:d9:22:5b:d3:5e:39:d7:83:
fd:99:77:fd:8a:84:b0:d8:dc:1e:dc:9b:fa:0e:06:
9d:d1:36:a9:7b:b2:03:d0:de:41:1d:dc:13:1b:1f:
85:0a:d3:95:92:7d:45:18:76:fe:65:32:25:47:95:
4d:54:6c:21:8e:3c:00:4d:e8:1a:84:ed:06:2b:13:
ea:4d:21:29:51:b7:7b:0f:79:43:5d:19:c2:e1:f2:
bd:78:d0:1c:f3:e8:06:84:f4:28:45:bd:8d:9d:67:
aa:f5:07:66:07:86:f5:54:a6:ad:40:1d:5c:11:22:
bc:e4:7f:e5:b9:62:78:7a:40:06:15:7a:3f:ab:6c:
4c:23:e2:2e:18:3f:da:b5:90:06:ec:7f:f4:53:26:
f0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7B:DE:8C:11:82:A5:2B:C9:9F:EA:4F:C5:5A:13:48:98:E2:FE:B7
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4047B2EE55C811EE992C6B13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.120.0/24
182.54.238.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7d:5d:8d:b3:f6:a9:de:5d:2c:ce:20:60:f5:8e:51:61:28:
b6:84:32:33:1a:06:aa:44:35:08:39:6e:3d:3c:60:5e:c7:8e:
6f:0f:4e:b8:a0:a4:c3:7d:db:91:59:49:96:e7:a8:60:8f:a8:
65:88:3a:c9:51:fc:12:db:67:eb:d9:3e:0f:f4:25:58:eb:5b:
12:03:84:c9:99:a9:16:96:ef:c9:f0:ce:87:23:60:31:eb:94:
b9:7f:97:06:7b:27:26:45:20:91:3f:ca:90:3a:d8:53:80:f8:
17:ec:0e:8c:46:cb:13:65:35:f5:ad:61:e1:7a:b5:da:ff:54:
88:1d:17:18:d5:71:fa:7d:d8:f3:a4:67:5b:6c:df:54:6a:cb:
db:dc:ca:43:f9:e1:92:66:23:75:ed:19:c0:29:5d:2c:72:9b:
72:fe:b5:6e:00:27:b9:32:f9:cc:12:ea:e9:74:29:64:ce:91:
a5:90:8c:a3:5e:20:77:06:b4:4d:4f:09:31:2b:8d:79:d8:c2:
4b:bc:b7:01:57:0a:35:6c:c1:d2:dc:b8:d3:b9:03:a7:94:83:
a1:ca:45:aa:ba:f7:cc:38:b6:72:3a:08:55:04:26:18:59:b7:
b9:6a:96:85:e4:91:07:66:05:96:b8:08:29:7c:31:13:b6:19:
a5:e6:97:7d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjMxMDE5MDAyMDM3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMwNzY1NS0xZGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRggs2yiKc/DvQtQQWYebBI4mRkb5JCsLF8STlbamxe+CC4BXCqOyhqI8D/Y
UGQTmcObY9ZIcbUarkVEkzTT/+5lYAA1FepG9x5BylvL02VuLqyv/AdUARFvB2w+
ahgUf/VZcXOKWohA9ycAOYyX2SJb014514P9mXf9ioSw2Nwe3Jv6Dgad0Tape7ID
0N5BHdwTGx+FCtOVkn1FGHb+ZTIlR5VNVGwhjjwATegahO0GKxPqTSEpUbd7D3lD
XRnC4fK9eNAc8+gGhPQoRb2NnWeq9QdmB4b1VKatQB1cESK85H/luWJ4ekAGFXo/
q2xMI+IuGD/atZAG7H/0UybwWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLV73owR
gqUryZ/qT8VaE0iY4v63MB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvNDA0N0IyRUU1
NUM4MTFFRTk5MkM2QjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnRHgDBAC2Nu4wDQYJKoZIhvcNAQELBQADggEBAHl9XY2z
9qneXSzOIGD1jlFhKLaEMjMaBqpENQg5bj08YF7Hjm8PTrigpMN925FZSZbnqGCP
qGWIOslR/BLbZ+vZPg/0JVjrWxIDhMmZqRaW78nwzocjYDHrlLl/lwZ7JyZFIJE/
ypA62FOA+BfsDoxGyxNlNfWtYeF6tdr/VIgdFxjVcfp92POkZ1ts31Rqy9vcykP5
4ZJmI3XtGcApXSxym3L+tW4AJ7ky+cwS6ul0KWTOkaWQjKNeIHcGtE1PCTErjXnY
wku8twFXCjVswdLcuNO5A6eUg6HKRaq698w4tnI6CFUEJhhZt7lqloXkkQdmBZa4
CCl8MRO2GaXml30=
-----END CERTIFICATE-----
Generated at Mon Nov 6 10:19:40 2023 by rpki-client on console-ams.rpki-client.org