Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/04DC623468DC11ECA2ACE530C4F9AE02.roa
File: 04DC623468DC11ECA2ACE530C4F9AE02.roa (raw, json)
Hash identifier: 7C2AjCWZgO7m1nWMVhwzING/Jvxvp6+cH6tNAzNTnGI=
Subject key identifier: 77:8F:DF:52:40:AF:2C:1E:EC:2A:FD:4A:DA:3A:8A:71:13:26:DB:84
Certificate issuer: /CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Certificate serial: 0749
Authority key identifier: CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/04DC623468DC11ECA2ACE530C4F9AE02.roa
Signing time: Wed 28 Jun 2023 21:12:15 +0000
ROA not before: Wed 28 Jun 2023 21:12:15 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 59239
IP address blocks: 103.151.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:40:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1865 (0x749)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Validity
Not Before: Jun 28 21:12:15 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=649ca22e-c772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cc:0a:a9:aa:df:17:07:99:46:29:1c:95:9a:
92:51:3a:f6:3c:94:93:52:5f:ec:2a:2f:34:b8:32:
29:1d:3e:9b:f7:23:30:87:a4:50:1d:c4:e7:14:6b:
ee:48:65:2a:dd:19:15:54:f1:4d:66:51:2a:72:56:
12:7d:68:a3:58:03:62:6a:4d:e0:11:9a:df:23:b4:
de:ae:48:68:bc:28:25:26:08:f9:c2:f9:c7:c4:ed:
f9:47:08:8e:76:24:80:4a:42:73:5f:6b:70:6d:7e:
3b:d7:02:84:92:b7:c8:02:91:47:dc:93:76:ff:2a:
be:19:74:10:cb:2d:7d:4a:a8:ae:42:16:dc:76:73:
1e:4f:ed:e2:bd:1f:90:6e:53:e8:2b:15:d0:d3:d8:
d0:98:b1:fd:c5:1b:38:a6:c9:73:88:5f:33:bd:e1:
33:0f:44:61:e4:4e:da:7c:9a:57:28:67:a9:59:08:
da:80:af:01:70:2d:16:b2:13:fd:63:ff:fc:a3:82:
94:fe:7c:40:54:65:a6:3b:94:07:3c:95:8d:60:39:
8c:c7:32:6f:00:25:0a:5c:7a:da:68:2b:d4:b8:cf:
b4:ee:6b:45:c6:6e:d3:f8:da:47:1b:12:9a:94:50:
1a:99:f7:63:86:4f:2f:10:b4:9e:5d:5e:7b:86:1b:
d5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8F:DF:52:40:AF:2C:1E:EC:2A:FD:4A:DA:3A:8A:71:13:26:DB:84
X509v3 Authority Key Identifier:
keyid:CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/04DC623468DC11ECA2ACE530C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.10.0/24
Signature Algorithm: sha256WithRSAEncryption
77:21:9f:2f:2e:98:6b:fc:0a:18:07:da:7b:14:42:c2:df:d1:
5b:68:93:50:8c:a0:b7:4d:d6:24:37:1a:ad:16:34:df:cc:ac:
f7:22:46:60:78:06:6b:40:a2:5a:f3:b7:e5:35:9e:9c:0d:1d:
94:1a:f5:42:2f:45:d9:1a:96:a2:f0:49:f9:f4:16:8c:19:4d:
1d:96:20:ab:23:c2:06:9c:ec:b6:e5:11:e0:27:ba:02:66:b7:
55:ea:25:50:3c:8e:c5:ee:58:c8:b9:d8:6d:99:58:41:98:c3:
33:bf:47:13:53:52:91:91:55:5e:88:9b:4d:8c:53:23:91:5b:
b9:59:94:c3:7b:54:bc:8a:18:f1:26:9c:85:b1:c0:be:26:9f:
9b:73:f0:15:84:f2:3c:81:f9:ee:ec:2d:27:99:72:b6:9b:78:
b8:32:a3:5a:4c:7b:95:2a:de:52:f4:7c:65:ab:47:fb:f2:38:
dc:e0:f3:3d:f6:7c:1f:9f:7f:f9:c7:11:dd:ac:99:bb:9e:4d:
fa:ed:34:0a:56:a7:f6:a4:cd:91:42:2a:8e:92:28:cd:38:88:
95:61:04:18:d0:8c:4d:94:55:eb:6b:c7:44:44:c6:1f:3f:f6:
db:6a:30:76:ca:83:ef:97:a2:95:88:79:37:fe:26:89:c8:f9:
e6:cf:2f:b4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQ4RTAxMTAvBgNVBAUTKENDNTQxOUM4QTc4QkNENTNBRDE3MUM1Qjc0QTQwNzFE
OTUzOTUwNDkwHhcNMjMwNjI4MjExMjE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljYTIyZS1jNzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8wKqarfFweZRikclZqSUTr2PJSTUl/sKi80uDIpHT6b9yMwh6RQHcTnFGvu
SGUq3RkVVPFNZlEqclYSfWijWANiak3gEZrfI7TerkhovCglJgj5wvnHxO35RwiO
diSASkJzX2twbX471wKEkrfIApFH3JN2/yq+GXQQyy19SqiuQhbcdnMeT+3ivR+Q
blPoKxXQ09jQmLH9xRs4pslziF8zveEzD0Rh5E7afJpXKGepWQjagK8BcC0WshP9
Y//8o4KU/nxAVGWmO5QHPJWNYDmMxzJvACUKXHraaCvUuM+07mtFxm7T+NpHGxKa
lFAamfdjhk8vELSeXV57hhvVowIDAQABo4IClTCCApEwHQYDVR0OBBYEFHeP31JA
rywe7Cr9Sto6inETJtuEMB8GA1UdIwQYMBaAFMxUGcini81TrRccW3SkBx2VOVBJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDhFMC9FRTJENTMyNkI5
NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpWT3RGeHhiZEtRSEhaVTVV
RWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pGUVp5S2VMelZPdEZ4eGJkS1FISFpVNVVFay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQ4RTAvRUUyRDUzMjZCOTQ3MTFFQThBNjQ5RTc2QzRGOUFFMDIvMDREQzYyMzQ2
OERDMTFFQ0EyQUNFNTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlwowDQYJKoZIhvcNAQELBQADggEBAHchny8umGv8ChgH
2nsUQsLf0Vtok1CMoLdN1iQ3Gq0WNN/MrPciRmB4BmtAolrzt+U1npwNHZQa9UIv
RdkalqLwSfn0FowZTR2WIKsjwgac7LblEeAnugJmt1XqJVA8jsXuWMi52G2ZWEGY
wzO/RxNTUpGRVV6Im02MUyORW7lZlMN7VLyKGPEmnIWxwL4mn5tz8BWE8jyB+e7s
LSeZcrabeLgyo1pMe5Uq3lL0fGWrR/vyONzg8z32fB+ff/nHEd2smbueTfrtNApW
p/akzZFCKo6SKM04iJVhBBjQjE2UVetrx0RExh8/9ttqMHbKg++XopWIeTf+JonI
+ebPL7Q=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:36 2024 by rpki-client on console-fra.rpki-client.org