Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/34A2CD68D39E11EDBA04A576C4F9AE02.roa
File: 34A2CD68D39E11EDBA04A576C4F9AE02.roa (raw, json)
Hash identifier: OXDfaL2ELuS3Rx50mXjOK+1gdTRRa0t+JuEVLXRub84=
Subject key identifier: 16:9D:F9:83:CF:17:14:07:DC:C7:7F:1D:74:C1:2A:7F:07:94:E5:17
Certificate issuer: /CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Certificate serial: 08E6
Authority key identifier: AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/34A2CD68D39E11EDBA04A576C4F9AE02.roa
Signing time: Tue 18 Apr 2023 21:58:34 +0000
ROA not before: Tue 18 Apr 2023 21:58:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.149.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 05:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2278 (0x8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Validity
Not Before: Apr 18 21:58:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643f128a-bf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:24:da:d6:50:53:75:0d:d8:71:5b:9e:e6:67:
ff:b0:39:bb:0d:88:f4:7e:51:92:bb:82:26:12:7e:
f9:8b:ad:dc:2a:54:f8:46:ce:5d:e7:86:9f:bc:00:
04:89:19:b4:2d:4c:59:8e:47:5d:63:b2:f2:aa:53:
68:7e:34:dd:47:a1:4b:ef:91:bd:1f:b0:4d:72:ec:
4d:37:46:fa:1c:7a:c2:a5:30:3a:47:6f:4f:6d:af:
8a:14:20:5c:c2:b1:9d:eb:73:ba:0f:1e:36:60:0b:
be:1d:f7:ac:77:a1:d9:aa:3d:d5:23:1b:54:5e:6f:
7c:39:33:7d:6b:92:47:1c:4a:8f:33:09:0f:5d:9e:
90:df:ea:6d:09:b4:d2:5b:84:b4:fc:b6:fa:f3:21:
38:5a:00:ad:d5:55:40:8a:01:5c:bc:2a:c3:07:7f:
68:56:8d:3a:4f:0e:92:fc:ab:9f:25:83:cd:c2:b2:
30:01:3d:0b:98:98:39:a6:fe:c4:a7:a3:f9:b3:94:
54:d2:88:42:05:ad:5e:f8:9e:61:a4:12:e6:fd:93:
46:0a:53:a8:53:8a:52:b1:00:92:5a:54:99:01:70:
32:0f:a0:d2:87:af:07:ef:04:58:b6:10:2f:34:43:
bf:08:b3:40:8c:e7:9f:62:dd:b7:27:bd:2a:78:d3:
47:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9D:F9:83:CF:17:14:07:DC:C7:7F:1D:74:C1:2A:7F:07:94:E5:17
X509v3 Authority Key Identifier:
keyid:AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/34A2CD68D39E11EDBA04A576C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.33.0/24
Signature Algorithm: sha256WithRSAEncryption
76:74:c4:33:1d:16:93:a8:0d:e6:30:a0:07:26:b2:35:be:2d:
d5:a5:c3:1c:9f:bf:31:f0:91:f0:c2:1f:c9:c6:55:ce:b0:e6:
f1:ea:64:76:eb:c2:18:cc:be:51:84:d5:dc:2b:d0:79:f5:f3:
8a:b0:83:05:a0:af:f1:dc:9e:0f:df:94:55:5b:cd:d6:fa:72:
f4:51:ad:ee:b9:25:d7:91:71:e8:83:ef:e0:d6:f8:d2:e5:02:
9a:ac:aa:c7:47:35:10:dd:77:e2:8a:e5:51:a6:2e:97:20:a9:
90:f2:5e:54:33:54:1c:7e:ea:61:4a:f3:6f:4b:ef:20:17:c8:
10:89:74:c5:6f:02:96:55:80:3f:67:8b:96:dd:45:3d:79:d0:
8f:47:8a:ec:6d:a9:43:1e:33:bd:43:eb:79:00:bf:b8:3d:7a:
3f:f0:2f:03:a9:c1:90:0a:3e:da:a4:48:2c:cd:d3:d9:07:de:
73:4b:01:fe:22:e9:02:4e:c2:cd:41:45:54:16:7d:2f:4b:4d:
26:2f:a2:77:c4:21:fd:a0:80:a9:88:4b:0b:d0:a8:ed:16:0d:
f7:4d:e8:a5:a1:5d:8f:5b:f2:f3:04:d3:46:0a:b6:0a:5b:39:
12:28:fe:47:db:da:67:19:cd:9d:6a:79:2b:da:93:e1:d9:f5:
c4:6b:ee:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZCRkExMTAvBgNVBAUTKEFBNjJDNzlGRTE4NDM5NDEyQzVCMDJDRjRCRUI1NEFC
MkVCQkUxODgwHhcNMjMwNDE4MjE1ODM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNmMTI4YS1iZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8yTa1lBTdQ3YcVue5mf/sDm7DYj0flGSu4ImEn75i63cKlT4Rs5d54afvAAE
iRm0LUxZjkddY7LyqlNofjTdR6FL75G9H7BNcuxNN0b6HHrCpTA6R29Pba+KFCBc
wrGd63O6Dx42YAu+Hfesd6HZqj3VIxtUXm98OTN9a5JHHEqPMwkPXZ6Q3+ptCbTS
W4S0/Lb68yE4WgCt1VVAigFcvCrDB39oVo06Tw6S/KufJYPNwrIwAT0LmJg5pv7E
p6P5s5RU0ohCBa1e+J5hpBLm/ZNGClOoU4pSsQCSWlSZAXAyD6DSh68H7wRYthAv
NEO/CLNAjOefYt23J70qeNNHlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBad+YPP
FxQH3Md/HXTBKn8HlOUXMB8GA1UdIwQYMBaAFKpix5/hhDlBLFsCz0vrVKsuu+GI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkJGQS80MEQ0QjdFQzY2
MDMxMUVBOTlBRDRGNDZDNEY5QUUwMi9xbUxIbi1HRU9VRXNXd0xQUy10VXF5Njc0
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FtTEhuLUdFT1VFc1d3TFBTLXRVcXk2NzRZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZCRkEvNDBENEI3RUM2NjAzMTFFQTk5QUQ0RjQ2QzRGOUFFMDIvMzRBMkNENjhE
MzlFMTFFREJBMDRBNTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlSEwDQYJKoZIhvcNAQELBQADggEBAHZ0xDMdFpOoDeYw
oAcmsjW+LdWlwxyfvzHwkfDCH8nGVc6w5vHqZHbrwhjMvlGE1dwr0Hn184qwgwWg
r/Hcng/flFVbzdb6cvRRre65JdeRceiD7+DW+NLlApqsqsdHNRDdd+KK5VGmLpcg
qZDyXlQzVBx+6mFK829L7yAXyBCJdMVvApZVgD9ni5bdRT150I9HiuxtqUMeM71D
63kAv7g9ej/wLwOpwZAKPtqkSCzN09kH3nNLAf4i6QJOws1BRVQWfS9LTSYvonfE
If2ggKmISwvQqO0WDfdN6KWhXY9b8vME00YKtgpbORIo/kfb2mcZzZ1qeSvak+HZ
9cRr7ng=
-----END CERTIFICATE-----
Generated at Thu Feb 1 10:43:25 2024 by rpki-client on console-fra.rpki-client.org