Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/3329F47EC07C11EC8DC38579C4F9AE02.roa
File: 3329F47EC07C11EC8DC38579C4F9AE02.roa (raw, json)
Hash identifier: PGxiMvk3SJmGKyaiIShLtsYo/EesZdcqzypgfruurDs=
Subject key identifier: E0:8E:B0:1D:D7:36:C5:38:ED:48:57:0D:66:B8:7F:D9:F5:DA:30:D0
Certificate issuer: /CN=A91F3B59/serialNumber=27507DC7AADF8D091EF577BAF1F00D834788F750
Certificate serial: 021D
Authority key identifier: 27:50:7D:C7:AA:DF:8D:09:1E:F5:77:BA:F1:F0:0D:83:47:88:F7:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1B9x6rfjQke9Xe68fANg0eI91A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/3329F47EC07C11EC8DC38579C4F9AE02.roa
Signing time: Wed 01 Nov 2023 03:54:26 +0000
ROA not before: Wed 01 Nov 2023 03:54:26 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 35916
IP address blocks: 103.101.28.0/24 maxlen: 24
103.101.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 06:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 541 (0x21d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3B59/serialNumber=27507DC7AADF8D091EF577BAF1F00D834788F750
Validity
Not Before: Nov 1 03:54:26 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6541cbf1-9869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:88:56:16:51:8a:d2:8a:b8:2c:4f:59:15:
eb:9f:24:fb:ba:e3:bc:3d:ab:9f:77:9c:3b:3a:0c:
ea:39:44:d7:e2:5b:6d:3f:1c:4a:43:29:d1:2b:38:
d7:bb:a2:56:17:bd:23:96:77:5a:14:51:a9:fb:a1:
32:b1:7a:8a:cb:27:a2:2b:9c:b2:0b:ce:2d:4c:f5:
fe:eb:31:45:e0:a0:4b:2d:97:12:f1:6c:e8:4e:3e:
59:81:40:a6:0d:58:54:94:91:74:6a:ae:31:22:ac:
f3:02:8a:43:9c:77:75:c3:c6:08:2c:30:39:22:53:
23:c9:9c:63:65:e5:79:d2:16:e2:fa:e8:82:2e:4d:
1a:3b:c3:21:f4:fd:1b:67:7b:3d:0e:fc:75:64:f5:
e5:9d:45:f3:af:f2:4c:cd:4d:39:aa:fa:fa:c2:8a:
5e:e8:51:f6:c3:d2:b7:1a:f6:7a:f0:97:27:0c:56:
91:fc:9e:7f:67:f5:19:8d:ac:4a:d1:d6:21:6e:b2:
3c:a5:6a:03:30:ae:b5:43:ee:2c:d9:1e:23:fe:1f:
6d:6d:57:99:b9:08:67:b4:26:db:a0:0b:97:9e:26:
5b:e0:1d:6f:95:7e:a5:5c:28:2a:0d:03:d9:fd:9c:
18:7a:86:78:8d:fb:78:b7:41:b2:09:47:61:a7:ab:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8E:B0:1D:D7:36:C5:38:ED:48:57:0D:66:B8:7F:D9:F5:DA:30:D0
X509v3 Authority Key Identifier:
keyid:27:50:7D:C7:AA:DF:8D:09:1E:F5:77:BA:F1:F0:0D:83:47:88:F7:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/J1B9x6rfjQke9Xe68fANg0eI91A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1B9x6rfjQke9Xe68fANg0eI91A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/3329F47EC07C11EC8DC38579C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.28.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:03:43:36:46:b1:fb:0c:f4:ac:c6:86:43:82:eb:2a:91:32:
36:d7:8c:e8:4c:d8:3d:19:08:57:3c:da:20:da:1c:d5:b5:d3:
6d:48:78:e7:45:1c:fb:3f:fd:81:c0:8f:0b:76:bb:87:75:a8:
76:81:12:bf:9d:0e:b2:29:5d:d0:ef:dc:4a:f2:6e:88:3f:fa:
b9:31:15:3b:d4:c5:58:5a:ba:9c:43:c1:df:52:85:92:c0:ae:
41:35:1d:1d:ab:76:ab:fa:65:64:d1:1d:2f:b5:1b:c8:6a:b3:
58:54:60:f2:66:d5:62:b9:e2:9f:07:67:6b:4d:52:19:f9:aa:
65:2d:b4:5c:e8:57:b3:2e:77:80:f3:97:b1:dd:2a:98:f0:92:
79:ad:a1:20:66:8e:1d:26:bb:cf:2c:de:28:cb:1c:b4:da:ab:
88:b1:24:66:6a:3a:bc:79:a0:56:60:b0:7d:32:85:15:33:31:
54:bc:62:c6:4d:45:ae:28:c8:06:1a:74:9c:0b:80:73:9e:e2:
60:e2:ee:9c:ba:3e:3e:41:98:2e:2b:62:01:4e:d5:c5:88:07:
b9:b3:ff:9b:57:d0:7c:ba:c5:28:bf:b9:16:ca:45:25:15:a9:
a7:84:4e:c1:c4:9a:8b:d3:dc:5e:65:6c:3e:56:ba:24:8b:0d:
df:02:b6:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNCNTkxMTAvBgNVBAUTKDI3NTA3REM3QUFERjhEMDkxRUY1NzdCQUYxRjAwRDgz
NDc4OEY3NTAwHhcNMjMxMTAxMDM1NDI2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQxY2JmMS05ODY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4TiIVhZRitKKuCxPWRXrnyT7uuO8Paufd5w7OgzqOUTX4lttPxxKQynRKzjX
u6JWF70jlndaFFGp+6EysXqKyyeiK5yyC84tTPX+6zFF4KBLLZcS8WzoTj5ZgUCm
DVhUlJF0aq4xIqzzAopDnHd1w8YILDA5IlMjyZxjZeV50hbi+uiCLk0aO8Mh9P0b
Z3s9Dvx1ZPXlnUXzr/JMzU05qvr6wope6FH2w9K3GvZ68JcnDFaR/J5/Z/UZjaxK
0dYhbrI8pWoDMK61Q+4s2R4j/h9tbVeZuQhntCbboAuXniZb4B1vlX6lXCgqDQPZ
/ZwYeoZ4jft4t0GyCUdhp6uShQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOCOsB3X
NsU47UhXDWa4f9n12jDQMB8GA1UdIwQYMBaAFCdQfceq340JHvV3uvHwDYNHiPdQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0I1OS9FMEI0QzNDNkMw
NzcxMUVDOTVEQjQyNjhDNEY5QUUwMi9KMUI5eDZyZmpRa2U5WGU2OGZBTmcwZUk5
MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0oxQjl4NnJmalFrZTlYZTY4ZkFOZzBlSTkxQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNCNTkvRTBCNEMzQzZDMDc3MTFFQzk1REI0MjY4QzRGOUFFMDIvMzMyOUY0N0VD
MDdDMTFFQzhEQzM4NTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZRwwDQYJKoZIhvcNAQELBQADggEBAJ4DQzZGsfsM9KzG
hkOC6yqRMjbXjOhM2D0ZCFc82iDaHNW1021IeOdFHPs//YHAjwt2u4d1qHaBEr+d
DrIpXdDv3Erybog/+rkxFTvUxVhaupxDwd9ShZLArkE1HR2rdqv6ZWTRHS+1G8hq
s1hUYPJm1WK54p8HZ2tNUhn5qmUttFzoV7Mud4Dzl7HdKpjwknmtoSBmjh0mu88s
3ijLHLTaq4ixJGZqOrx5oFZgsH0yhRUzMVS8YsZNRa4oyAYadJwLgHOe4mDi7py6
Pj5BmC4rYgFO1cWIB7mz/5tX0Hy6xSi/uRbKRSUVqaeETsHEmovT3F5lbD5WuiSL
Dd8CttY=
-----END CERTIFICATE-----
Generated at Tue Mar 12 11:27:52 2024 by rpki-client on console-ams.rpki-client.org