Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9C1309B4D6DF11EEAE02D032C4F9AE02.roa
File: 9C1309B4D6DF11EEAE02D032C4F9AE02.roa (raw, json)
Hash identifier: BE+P0Q8qboYZFHjgCY5IgCZjIfCcsyny4IFA+uV0YKI=
Subject key identifier: 0A:2E:C2:BB:C3:6B:D8:FE:CF:82:43:00:E1:CC:1B:BE:63:EA:91:40
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 037F
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9C1309B4D6DF11EEAE02D032C4F9AE02.roa
Signing time: Thu 29 Feb 2024 08:50:38 +0000
ROA not before: Thu 29 Feb 2024 08:50:38 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 140732
IP address blocks: 103.152.116.0/23 maxlen: 23
103.152.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 16:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895 (0x37f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Validity
Not Before: Feb 29 08:50:38 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65e0455e-93b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:5d:a7:e0:3c:45:c0:04:6b:06:1d:8a:a0:
90:4d:9d:90:d3:ba:fa:f0:73:6d:30:f0:ae:0e:dc:
6c:bf:7d:be:b2:4f:ba:39:60:a5:28:f0:ef:ff:c0:
ee:69:60:54:6b:20:a0:fb:12:90:09:3b:ff:77:28:
00:72:d9:c6:32:c5:25:45:58:79:65:5d:01:d5:93:
9a:93:22:66:a8:3f:8f:05:17:1b:e8:72:c4:93:46:
f6:ba:ad:f4:0a:58:fe:68:bd:48:43:d1:39:9e:aa:
c0:e0:82:52:9c:87:c9:08:12:d1:8d:6d:30:cb:82:
40:76:ca:f7:47:db:c7:37:36:b3:58:5f:b3:77:b0:
0c:9c:47:d4:28:c8:d2:d6:28:92:b8:5d:39:f5:a0:
dd:94:26:7d:30:bf:58:f6:dc:d6:a5:c9:0e:fa:af:
5e:02:6d:53:dd:5c:38:3a:c0:02:ea:e4:b5:5e:73:
03:92:52:9a:b6:f6:46:9b:dd:75:68:91:38:85:d1:
93:43:dd:a4:61:b4:4e:a8:17:87:9c:27:76:24:bd:
7d:0e:f8:a3:7f:be:09:b8:6a:a7:5b:84:dd:89:42:
bf:9c:42:f8:60:53:03:c9:e1:0f:c4:a2:f5:6e:49:
7e:c3:3f:8a:4b:0e:73:53:3a:83:66:9f:a1:d9:04:
0f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2E:C2:BB:C3:6B:D8:FE:CF:82:43:00:E1:CC:1B:BE:63:EA:91:40
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/9C1309B4D6DF11EEAE02D032C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.116.0/23
Signature Algorithm: sha256WithRSAEncryption
49:7f:27:26:73:84:e9:12:44:e0:16:d2:d1:cc:48:bb:89:cb:
cd:65:2f:6f:98:d5:0f:41:2a:62:d8:92:f0:1a:c6:63:39:2d:
83:01:f3:73:63:0b:cb:43:51:94:89:4b:56:fb:96:97:cb:06:
f3:58:ff:cd:73:ab:93:0f:5b:61:2f:85:19:c0:e8:e8:e8:8d:
d8:fa:e6:20:08:63:86:b7:9c:2c:3d:0c:96:1a:8b:be:35:da:
6d:df:7f:10:50:16:6b:e5:72:f4:fa:1f:d4:52:07:65:79:e0:
13:47:96:4b:c2:df:1c:94:c2:7d:b7:42:57:f3:27:99:69:5b:
fc:a5:38:58:86:2b:23:0d:0a:97:4c:6c:1a:c9:38:2a:28:63:
16:84:2c:08:86:b0:b9:85:ce:44:64:e3:84:b0:07:34:94:fb:
0e:5d:d5:bf:a3:73:a0:52:17:dd:d3:72:77:ea:58:a3:c8:e0:
30:61:22:03:22:7c:b6:d9:9a:21:b7:16:1c:d6:e3:49:e9:25:
b9:18:fe:8e:a1:62:50:b9:87:03:bf:d5:ec:d6:4a:04:9e:7d:
fe:b5:ed:32:fe:31:50:06:24:28:66:f7:f3:c6:c2:43:be:d3:
5e:8c:76:36:c1:b2:13:c7:5c:df:2c:bd:cf:e5:12:a9:4e:3c:
c2:b8:4a:6b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA38wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjI5MDg1MDM4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwNDU1ZS05M2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuR1dp+A8RcAEawYdiqCQTZ2Q07r68HNtMPCuDtxsv32+sk+6OWClKPDv/8Du
aWBUayCg+xKQCTv/dygActnGMsUlRVh5ZV0B1ZOakyJmqD+PBRcb6HLEk0b2uq30
Clj+aL1IQ9E5nqrA4IJSnIfJCBLRjW0wy4JAdsr3R9vHNzazWF+zd7AMnEfUKMjS
1iiSuF059aDdlCZ9ML9Y9tzWpckO+q9eAm1T3Vw4OsAC6uS1XnMDklKatvZGm911
aJE4hdGTQ92kYbROqBeHnCd2JL19Dvijf74JuGqnW4TdiUK/nEL4YFMDyeEPxKL1
bkl+wz+KSw5zUzqDZp+h2QQPzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAouwrvD
a9j+z4JDAOHMG75j6pFAMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvOUMxMzA5QjRE
NkRGMTFFRUFFMDJEMDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmHQwDQYJKoZIhvcNAQELBQADggEBAEl/JyZzhOkSROAW
0tHMSLuJy81lL2+Y1Q9BKmLYkvAaxmM5LYMB83NjC8tDUZSJS1b7lpfLBvNY/81z
q5MPW2EvhRnA6Ojojdj65iAIY4a3nCw9DJYai7412m3ffxBQFmvlcvT6H9RSB2V5
4BNHlkvC3xyUwn23QlfzJ5lpW/ylOFiGKyMNCpdMbBrJOCooYxaELAiGsLmFzkRk
44SwBzSU+w5d1b+jc6BSF93TcnfqWKPI4DBhIgMifLbZmiG3FhzW40npJbkY/o6h
YlC5hwO/1ezWSgSeff617TL+MVAGJChm9/PGwkO+016MdjbBshPHXN8svc/lEqlO
PMK4Sms=
-----END CERTIFICATE-----
Generated at Tue Mar 5 20:21:26 2024 by rpki-client on console-ams.rpki-client.org