Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9B35F01AD6DF11EEAE02D032C4F9AE02.roa
File: 9B35F01AD6DF11EEAE02D032C4F9AE02.roa (raw, json)
Hash identifier: oTUFcj8qVIF/lu7Uzq1mFYcbBRaryYYLh7JS7WsWC4o=
Subject key identifier: 9A:09:B5:EC:E0:6F:C0:D2:20:B5:C9:D4:67:24:43:D7:94:D0:4E:79
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 037E
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9B35F01AD6DF11EEAE02D032C4F9AE02.roa
Signing time: Thu 29 Feb 2024 08:50:36 +0000
ROA not before: Thu 29 Feb 2024 08:50:36 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.152.116.0/23 maxlen: 23
103.152.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 16:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894 (0x37e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Validity
Not Before: Feb 29 08:50:36 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65e0455c-d7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f7:37:0b:dc:6f:a4:c3:58:28:fa:82:5c:2b:
92:e0:28:59:d0:78:d4:d8:ee:95:61:b0:b2:a3:77:
90:1a:6f:0e:9c:56:45:6c:69:fa:10:98:a6:49:5a:
99:8f:e3:f9:10:a1:62:4d:fb:6e:a6:1c:39:8e:88:
38:29:6c:3f:b2:5b:a0:05:d0:63:98:13:34:21:81:
28:85:51:9d:6b:49:a8:a9:34:4e:57:a7:ce:b8:db:
72:a5:59:59:02:71:90:cc:58:7f:27:48:07:bd:59:
0c:ae:88:a8:c6:fd:cc:de:61:42:57:14:f0:c7:9b:
49:77:1b:1b:aa:c3:2e:a0:0a:ca:ec:a6:a9:97:ab:
fd:48:6a:1f:34:c7:7a:2b:56:20:60:9c:55:53:e6:
4a:6f:bd:72:98:bd:70:2b:c6:26:c9:4b:82:50:08:
c5:37:8f:e9:cb:f8:0a:31:bf:0a:c6:f2:8a:22:73:
c5:f5:65:aa:a1:32:d5:95:9c:3c:1f:12:d3:98:6e:
9e:ff:59:cb:3e:e3:00:a6:70:02:20:be:89:61:d6:
8a:c9:de:fa:1e:83:c6:09:a4:d1:df:41:05:c4:9e:
f2:9f:9d:52:b9:73:a4:09:5d:06:d6:38:16:7e:74:
8a:41:81:f6:a0:f7:ac:c9:ea:23:92:a8:63:0e:ba:
17:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:09:B5:EC:E0:6F:C0:D2:20:B5:C9:D4:67:24:43:D7:94:D0:4E:79
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9B35F01AD6DF11EEAE02D032C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.116.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:0a:66:20:d9:54:03:8f:6f:2c:41:eb:e3:4f:80:f8:c1:29:
61:92:a5:d2:bc:53:aa:64:be:cc:4b:8e:72:66:32:84:cb:59:
06:6e:d2:6a:0b:76:70:cd:e3:66:79:c9:e8:ae:03:af:39:55:
48:55:fd:2e:12:ff:c7:50:49:c4:81:01:3d:88:cb:e6:33:52:
c8:8f:92:bc:8d:23:08:57:07:e7:35:1b:6f:7b:94:6f:bc:51:
f7:35:e6:37:62:05:68:52:06:e3:dc:4f:a8:ed:33:11:b0:66:
14:26:32:50:37:82:48:fa:77:17:7b:35:ea:06:67:36:80:f8:
ed:c2:ed:8f:3f:c5:1c:dc:4f:e9:76:bb:f2:cc:85:28:fb:7f:
b2:ed:7e:d1:4c:34:f8:ae:0f:44:ee:fc:79:59:1a:2e:e8:28:
6c:2d:c1:55:eb:4e:a9:3b:2e:55:b2:48:1d:8f:7d:95:02:66:
75:90:6b:7e:64:af:54:4f:39:64:d1:a2:70:9c:c4:e1:15:fb:
e0:b5:6e:c8:ca:20:cf:78:c2:85:2b:73:91:86:0e:59:5c:5f:
29:4d:39:46:5f:78:e9:a3:03:a7:be:bf:cc:f0:a2:e8:20:74:
30:99:ff:14:e6:3e:3b:35:08:c6:13:10:52:4f:64:dc:2f:e7:
5f:f4:8b:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjI5MDg1MDM2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwNDU1Yy1kN2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9Pc3C9xvpMNYKPqCXCuS4ChZ0HjU2O6VYbCyo3eQGm8OnFZFbGn6EJimSVqZ
j+P5EKFiTftuphw5jog4KWw/slugBdBjmBM0IYEohVGda0moqTROV6fOuNtypVlZ
AnGQzFh/J0gHvVkMroioxv3M3mFCVxTwx5tJdxsbqsMuoArK7Kapl6v9SGofNMd6
K1YgYJxVU+ZKb71ymL1wK8YmyUuCUAjFN4/py/gKMb8KxvKKInPF9WWqoTLVlZw8
HxLTmG6e/1nLPuMApnACIL6JYdaKyd76HoPGCaTR30EFxJ7yn51SuXOkCV0G1jgW
fnSKQYH2oPesyeojkqhjDroXXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJoJtezg
b8DSILXJ1GckQ9eU0E55MB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvOUIzNUYwMUFE
NkRGMTFFRUFFMDJEMDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmHQwDQYJKoZIhvcNAQELBQADggEBAI4KZiDZVAOPbyxB
6+NPgPjBKWGSpdK8U6pkvsxLjnJmMoTLWQZu0moLdnDN42Z5yeiuA685VUhV/S4S
/8dQScSBAT2Iy+YzUsiPkryNIwhXB+c1G297lG+8Ufc15jdiBWhSBuPcT6jtMxGw
ZhQmMlA3gkj6dxd7NeoGZzaA+O3C7Y8/xRzcT+l2u/LMhSj7f7LtftFMNPiuD0Tu
/HlZGi7oKGwtwVXrTqk7LlWySB2PfZUCZnWQa35kr1RPOWTRonCcxOEV++C1bsjK
IM94woUrc5GGDllcXylNOUZfeOmjA6e+v8zwouggdDCZ/xTmPjs1CMYTEFJPZNwv
51/0i3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org