Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/47C1436EAECE11EEA7EFA751C4F9AE02.roa
File: 47C1436EAECE11EEA7EFA751C4F9AE02.roa (raw, json)
Hash identifier: veOjCQL/GGsbR1Az+t+AW6cNKI/WCdf6AtznhEgX9DI=
Subject key identifier: 4F:30:15:79:4E:37:ED:5D:9B:D3:45:65:17:F3:C3:40:0A:DD:CE:A3
Certificate issuer: /CN=A91FBA0C/serialNumber=CD5CD590913E4F89AF3D1CA6E29FAB3C067D214E
Certificate serial: 02
Authority key identifier: CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/47C1436EAECE11EEA7EFA751C4F9AE02.roa
Signing time: Tue 09 Jan 2024 09:05:49 +0000
ROA not before: Tue 09 Jan 2024 09:05:49 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 151806
IP address blocks: 103.218.138.0/24 maxlen: 24
103.218.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 03:44:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBA0C/serialNumber=CD5CD590913E4F89AF3D1CA6E29FAB3C067D214E
Validity
Not Before: Jan 9 09:05:49 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=659d0c6c-903f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:c2:4a:53:7b:2a:81:92:aa:1a:a7:88:68:
5a:5a:f8:a3:e1:a2:71:50:83:a8:67:c1:e6:16:da:
b1:97:fc:d7:53:65:b5:3d:f5:7e:27:d8:0c:62:aa:
e2:2e:89:f9:eb:ca:e2:32:aa:1d:ad:9a:7d:d8:f6:
6a:05:2a:1b:f9:b9:94:cd:34:a9:6e:ea:42:04:61:
6e:d7:41:3f:ae:74:5d:93:a4:99:fd:13:28:a4:bc:
84:6a:d7:f1:16:33:e3:ea:c9:08:04:d8:1f:0d:ef:
11:63:d2:98:ea:23:d7:a5:bd:0b:79:1a:46:c8:1c:
d1:a9:c0:a4:c3:75:e0:8d:bc:33:89:24:41:84:8b:
f4:45:93:e6:37:48:27:fe:32:72:1e:03:a5:24:a2:
37:3e:99:e0:cf:2b:fd:7b:06:a4:8a:04:2f:1b:25:
ae:0e:35:ce:d2:de:cb:d5:de:33:0d:41:b6:17:f7:
2e:35:76:6b:25:0c:7d:03:8e:f3:5e:fa:9b:38:c0:
3f:dc:c8:44:6a:6c:bc:7c:fb:0c:33:6c:de:c6:8a:
e4:63:55:2b:b3:ef:e1:eb:5f:06:69:10:3b:e2:b4:
d2:ec:46:f1:bc:f1:d5:d0:2f:f5:de:30:bd:95:bb:
4a:5e:ea:34:87:7b:6d:b7:af:79:cd:14:fa:6c:98:
87:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:30:15:79:4E:37:ED:5D:9B:D3:45:65:17:F3:C3:40:0A:DD:CE:A3
X509v3 Authority Key Identifier:
keyid:CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/47C1436EAECE11EEA7EFA751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:f2:71:2d:f3:c3:52:b1:f2:f6:a1:51:16:50:58:cf:38:89:
68:15:0d:ad:33:db:9e:71:81:b4:ac:bb:6d:bb:22:15:c5:9f:
05:a0:f2:c8:5e:e6:15:33:7f:68:cb:56:e7:98:a5:99:d2:a4:
8b:4b:d9:39:be:dc:40:34:4a:37:c7:d5:28:76:09:ee:eb:4c:
28:14:8f:02:ea:39:56:e3:f4:be:3c:9d:ba:e0:eb:da:8c:d8:
d2:b7:91:bb:28:8a:62:7c:a3:eb:d4:01:df:f8:8f:5b:21:dc:
59:57:9c:e8:58:1b:c7:ed:31:b8:c2:99:bf:2b:7c:a3:a1:39:
ae:f3:55:79:cf:db:29:90:d8:ca:d5:72:a6:47:60:56:7e:4b:
9f:ce:2d:d2:3b:9f:9b:9a:d9:4e:5b:cf:a4:30:eb:ec:30:5c:
22:81:9d:77:ed:12:de:d7:09:0f:11:26:56:88:9c:69:ed:23:
83:9c:4b:57:09:b1:a3:33:af:1b:fa:95:70:7e:f2:5d:d2:9b:
99:f6:94:af:1a:da:c7:0a:6d:56:4d:85:f5:48:65:30:a1:fb:
62:5d:7d:24:6c:8f:aa:b3:31:85:b9:97:77:74:55:54:ae:9b:
02:3b:17:4a:06:e8:ec:a8:4d:c4:18:e4:f1:7f:cd:3f:4c:ac:
db:29:13:fe
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QkEwQzExMC8GA1UEBRMoQ0Q1Q0Q1OTA5MTNFNEY4OUFGM0QxQ0E2RTI5RkFCM0Mw
NjdEMjE0RTAeFw0yNDAxMDkwOTA1NDlaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OWQwYzZjLTkwM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqs8JKU3sqgZKqGqeIaFpa+KPhonFQg6hnweYW2rGX/NdTZbU99X4n2AxiquIu
ifnryuIyqh2tmn3Y9moFKhv5uZTNNKlu6kIEYW7XQT+udF2TpJn9EyikvIRq1/EW
M+PqyQgE2B8N7xFj0pjqI9elvQt5GkbIHNGpwKTDdeCNvDOJJEGEi/RFk+Y3SCf+
MnIeA6Ukojc+meDPK/17BqSKBC8bJa4ONc7S3svV3jMNQbYX9y41dmslDH0DjvNe
+ps4wD/cyERqbLx8+wwzbN7GiuRjVSuz7+HrXwZpEDvitNLsRvG88dXQL/XeML2V
u0pe6jSHe223r3nNFPpsmIfhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTzAVeU43
7V2b00VlF/PDQArdzqMwHwYDVR0jBBgwFoAUzVzVkJE+T4mvPRym4p+rPAZ9IU4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCQTBDLzQxNTMxQjBDQUVD
RDExRUU4NkYxQjI0OUM0RjlBRTAyL3pWelZrSkUtVDRtdlBSeW00cC1yUEFaOUlV
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvelZ6VmtKRS1UNG12UFJ5bTRwLXJQQVo5SVU0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QkEwQy80MTUzMUIwQ0FFQ0QxMUVFODZGMUIyNDlDNEY5QUUwMi80N0MxNDM2RUFF
Q0UxMUVFQTdFRkE3NTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfaijANBgkqhkiG9w0BAQsFAAOCAQEApvJxLfPDUrHy9qFR
FlBYzziJaBUNrTPbnnGBtKy7bbsiFcWfBaDyyF7mFTN/aMtW55ilmdKki0vZOb7c
QDRKN8fVKHYJ7utMKBSPAuo5VuP0vjyduuDr2ozY0reRuyiKYnyj69QB3/iPWyHc
WVec6Fgbx+0xuMKZvyt8o6E5rvNVec/bKZDYytVypkdgVn5Ln84t0jufm5rZTlvP
pDDr7DBcIoGdd+0S3tcJDxEmVoicae0jg5xLVwmxozOvG/qVcH7yXdKbmfaUrxra
xwptVk2F9UhlMKH7Yl19JGyPqrMxhbmXd3RVVK6bAjsXSgbo7KhNxBjk8X/NP0ys
2ykT/g==
-----END CERTIFICATE-----
Generated at Wed Jan 10 05:01:46 2024 by rpki-client on console-ams.rpki-client.org