Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/05EA938068DC11ECA2ACE530C4F9AE02.roa
File: 05EA938068DC11ECA2ACE530C4F9AE02.roa (raw, json)
Hash identifier: JGrUrHPfRq6f8paA/wXEJlAkphMpvqaR5m446LSLz8U=
Subject key identifier: 2F:84:96:28:6B:52:FA:08:CC:D8:7F:D3:BA:A3:31:25:0C:AE:F8:09
Certificate issuer: /CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Certificate serial: 07A4
Authority key identifier: CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/05EA938068DC11ECA2ACE530C4F9AE02.roa
Signing time: Tue 19 Dec 2023 12:17:02 +0000
ROA not before: Tue 19 Dec 2023 12:17:02 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 140616
IP address blocks: 103.151.10.0/24 maxlen: 24
103.151.11.0/24 maxlen: 24
2406:1140::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:40:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1956 (0x7a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049
Validity
Not Before: Dec 19 12:17:02 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=658189be-3fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:91:c1:65:f9:f2:7c:86:f5:a3:7f:e7:dd:bd:
9f:55:52:ca:6a:dc:02:77:cc:18:e7:a4:e4:41:27:
55:4c:3b:b3:1e:40:20:ec:70:cb:05:ea:96:35:80:
cf:5c:1f:89:d0:51:47:c3:b0:e3:aa:3c:88:f5:61:
8e:01:1c:e2:c6:d1:67:1a:c8:8c:30:ba:d9:e5:c0:
4d:6b:65:58:3e:b7:83:b1:45:50:e5:df:94:a2:59:
27:4e:c0:64:f3:52:6e:a5:9c:00:55:cb:32:e1:06:
92:bd:a6:bf:a9:60:12:4c:c4:15:da:cb:0a:e5:0b:
a2:e8:49:77:0d:76:a7:a5:f2:06:ed:88:67:8e:6f:
be:ee:82:36:fa:20:8c:ab:7f:04:14:27:e1:5a:8c:
3d:61:ab:36:d1:76:52:28:2a:7b:74:53:60:e5:8f:
85:91:0b:83:63:33:4e:fe:0b:20:11:b3:98:eb:b3:
8a:92:fe:78:4e:51:e0:7b:f1:5c:52:0c:65:18:83:
a8:47:7d:fd:e1:9d:16:32:58:bd:5e:91:a2:80:37:
61:7a:49:54:a5:f2:15:7c:75:05:12:36:c5:0a:54:
38:90:79:6e:0b:9f:ab:73:69:78:44:cf:c8:47:8f:
ad:b4:42:46:1e:d3:1e:71:1d:b3:34:a2:33:d8:d5:
95:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:84:96:28:6B:52:FA:08:CC:D8:7F:D3:BA:A3:31:25:0C:AE:F8:09
X509v3 Authority Key Identifier:
keyid:CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/05EA938068DC11ECA2ACE530C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.10.0/23
IPv6:
2406:1140::/32
Signature Algorithm: sha256WithRSAEncryption
8e:b1:a4:87:9f:0e:a7:8f:04:7b:c6:61:1e:ce:cf:b0:bf:6c:
44:f3:3d:7d:74:5b:ec:af:08:8e:26:4b:b8:20:59:95:ad:5a:
15:34:94:7f:15:38:53:ee:cf:a5:66:db:97:30:a4:d4:0d:48:
ad:99:4d:30:84:20:ec:91:8f:58:27:66:41:26:eb:c9:db:7f:
7a:1d:22:61:e9:5b:3f:e3:f5:4d:bf:b3:0a:05:d2:c9:92:e5:
2f:3c:50:82:50:c5:67:2b:c9:36:a8:c8:e4:e0:65:0b:99:ec:
53:b2:cb:a4:1a:c5:89:0d:9c:f3:77:39:21:2b:3f:3c:9e:aa:
bd:0c:0e:b6:8e:fe:11:0e:f7:59:80:2b:d6:d8:ca:62:27:a1:
7c:16:4a:1c:82:e7:b7:3f:0c:1a:1d:b6:fc:fd:8e:9a:f2:90:
2b:80:81:1d:36:b0:3b:9b:0f:7a:86:10:a3:26:de:c6:cc:f5:
88:f2:e5:b8:30:90:4d:d0:e4:61:34:2c:24:bf:19:8c:90:80:
63:ad:27:7e:0d:29:70:67:15:65:22:08:40:2f:e7:14:ba:fe:
40:5b:8b:5b:8a:47:eb:bd:5b:5e:97:f6:2f:66:3a:b4:13:dc:
d5:6d:4b:47:38:f6:b8:f6:63:df:f4:2f:24:a0:22:86:ce:6d:
ba:36:85:18
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQ4RTAxMTAvBgNVBAUTKENDNTQxOUM4QTc4QkNENTNBRDE3MUM1Qjc0QTQwNzFE
OTUzOTUwNDkwHhcNMjMxMjE5MTIxNzAyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxODliZS0zZmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApJHBZfnyfIb1o3/n3b2fVVLKatwCd8wY56TkQSdVTDuzHkAg7HDLBeqWNYDP
XB+J0FFHw7DjqjyI9WGOARzixtFnGsiMMLrZ5cBNa2VYPreDsUVQ5d+UolknTsBk
81JupZwAVcsy4QaSvaa/qWASTMQV2ssK5Qui6El3DXanpfIG7Yhnjm++7oI2+iCM
q38EFCfhWow9Yas20XZSKCp7dFNg5Y+FkQuDYzNO/gsgEbOY67OKkv54TlHge/Fc
UgxlGIOoR3394Z0WMli9XpGigDdheklUpfIVfHUFEjbFClQ4kHluC5+rc2l4RM/I
R4+ttEJGHtMecR2zNKIz2NWVowIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFC+Elihr
UvoIzNh/07qjMSUMrvgJMB8GA1UdIwQYMBaAFMxUGcini81TrRccW3SkBx2VOVBJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDhFMC9FRTJENTMyNkI5
NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpWT3RGeHhiZEtRSEhaVTVV
RWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pGUVp5S2VMelZPdEZ4eGJkS1FISFpVNVVFay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQ4RTAvRUUyRDUzMjZCOTQ3MTFFQThBNjQ5RTc2QzRGOUFFMDIvMDVFQTkzODA2
OERDMTFFQ0EyQUNFNTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlwowDQQCAAIwBwMFACQGEUAwDQYJKoZIhvcNAQELBQAD
ggEBAI6xpIefDqePBHvGYR7Oz7C/bETzPX10W+yvCI4mS7ggWZWtWhU0lH8VOFPu
z6Vm25cwpNQNSK2ZTTCEIOyRj1gnZkEm68nbf3odImHpWz/j9U2/swoF0smS5S88
UIJQxWcryTaoyOTgZQuZ7FOyy6QaxYkNnPN3OSErPzyeqr0MDraO/hEO91mAK9bY
ymInoXwWShyC57c/DBodtvz9jprykCuAgR02sDubD3qGEKMm3sbM9Yjy5bgwkE3Q
5GE0LCS/GYyQgGOtJ34NKXBnFWUiCEAv5xS6/kBbi1uKR+u9W16X9i9mOrQT3NVt
S0c49rj2Y9/0LySgIobObbo2hRg=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:43 2024 by rpki-client on console-ams.rpki-client.org