Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
File: 35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa (raw, json)
Hash identifier: UzmIwAJrmj36WkmIPOgr1lKX2LBIzBJr38Lz3OY/OgM=
Subject key identifier: 3A:34:5D:C8:2F:AA:B3:17:DE:54:B0:6B:F5:F2:A3:F5:0F:C2:23:FE
Certificate issuer: /CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Certificate serial: 04E5
Authority key identifier: 4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
Signing time: Sun 21 Jan 2024 00:33:07 +0000
ROA not before: Sun 21 Jan 2024 00:33:07 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 132480
IP address blocks: 103.145.184.0/24 maxlen: 24
103.145.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 07:14:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1253 (0x4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Validity
Not Before: Jan 21 00:33:07 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65ac6643-7f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:68:d7:df:d2:9f:ac:9a:ec:56:b1:54:f4:a3:
4e:ea:35:e2:7b:5a:13:8a:87:cf:1e:84:04:c7:9f:
56:cb:11:49:62:9b:6f:aa:64:35:1f:34:b9:d1:99:
21:cf:44:31:3e:8f:16:34:3a:60:7b:99:83:26:00:
21:aa:fb:d1:49:d1:38:8d:c3:d9:0b:17:64:a3:2e:
22:01:32:9f:8e:04:8a:41:a3:5e:a5:cc:62:32:ae:
13:4e:c6:a1:8b:52:df:6d:22:fc:b8:82:d6:ee:27:
4a:b0:be:37:9a:2f:ba:34:b2:f8:a2:75:59:7b:7a:
15:a8:b4:c0:98:4d:3c:e0:09:95:e9:33:7d:6b:d8:
1c:38:f3:3f:6e:72:75:43:92:fc:80:6a:04:90:66:
80:3f:1b:01:8a:36:73:7f:bb:a7:5f:ab:5d:55:ec:
fa:83:1c:d4:f6:29:3a:1c:56:a4:ce:20:b2:9b:4a:
cd:ac:0c:36:b9:6c:c5:33:ae:f7:75:0f:b4:37:b9:
30:55:f4:53:eb:d7:81:d4:58:e3:77:7b:46:5b:dd:
3b:6d:e5:49:5f:fa:3d:23:ef:1d:a7:81:3a:a4:12:
c7:ed:cd:2a:67:b6:ac:01:f5:f0:35:0e:26:e7:a2:
2f:ea:29:09:0e:54:8d:17:60:86:f9:89:25:81:98:
dd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:34:5D:C8:2F:AA:B3:17:DE:54:B0:6B:F5:F2:A3:F5:0F:C2:23:FE
X509v3 Authority Key Identifier:
keyid:4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/S5pjiBqFVgIQVOlL3DInTse33fI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.184.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:79:83:e2:69:aa:22:d0:e2:fb:c8:5f:86:fa:09:f3:5f:43:
9b:af:e6:f1:83:b0:95:92:37:22:8d:5c:69:94:d7:6a:0b:8c:
e2:3f:44:e9:4d:0e:2c:4c:69:09:b1:4c:9c:ed:a8:db:85:c0:
9e:e7:5e:ef:31:2d:bc:bf:89:06:dc:49:77:89:5e:5f:cf:a8:
7c:73:89:50:59:df:3a:d5:e4:34:a0:c7:55:d9:a0:c5:13:22:
21:18:54:a1:77:ff:60:b8:37:d3:68:92:b3:fd:dd:81:c7:ca:
ad:2a:c9:13:b2:af:98:74:d6:42:af:6c:3c:59:26:18:d7:3d:
b1:e1:56:f6:4c:70:e6:59:be:63:1e:9e:9e:b7:c5:8c:50:dd:
90:80:2e:e6:ab:13:e0:13:5a:78:03:0b:06:ea:ec:df:49:82:
44:fa:99:cf:a7:cd:99:97:26:6c:f6:98:38:b4:de:f6:09:73:
0c:19:aa:13:b0:39:20:87:dc:07:45:96:df:ef:55:7b:ac:38:
42:ba:b9:86:83:25:d1:3c:64:f4:f9:5e:b3:fc:95:f9:a0:96:
2a:40:6b:ad:b6:16:53:f7:fd:8e:ff:ef:94:8f:dd:f9:c2:bc:
76:5c:d7:8c:a6:d1:ad:de:35:00:e1:46:53:37:73:bc:0c:8a:
dd:41:59:c8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ5MEExMTAvBgNVBAUTKDRCOUE2Mzg4MUE4NTU2MDIxMDU0RTk0QkRDMzIyNzRF
QzdCN0RERjIwHhcNMjQwMTIxMDAzMzA3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFjNjY0My03ZjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGjX39KfrJrsVrFU9KNO6jXie1oTiofPHoQEx59WyxFJYptvqmQ1HzS50Zkh
z0QxPo8WNDpge5mDJgAhqvvRSdE4jcPZCxdkoy4iATKfjgSKQaNepcxiMq4TTsah
i1LfbSL8uILW7idKsL43mi+6NLL4onVZe3oVqLTAmE084AmV6TN9a9gcOPM/bnJ1
Q5L8gGoEkGaAPxsBijZzf7unX6tdVez6gxzU9ik6HFakziCym0rNrAw2uWzFM673
dQ+0N7kwVfRT69eB1Fjjd3tGW907beVJX/o9I+8dp4E6pBLH7c0qZ7asAfXwNQ4m
56Iv6ikJDlSNF2CG+YklgZjd8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDo0Xcgv
qrMX3lSwa/Xyo/UPwiP+MB8GA1UdIwQYMBaAFEuaY4gahVYCEFTpS9wyJ07Ht93y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDkwQS8xN0UyQ0Y1MEI1
QzUxMUVCQjU0RTAxNDZDNEY5QUUwMi9TNXBqaUJxRlZnSVFWT2xMM0RJblRzZTMz
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1M1cGppQnFGVmdJUVZPbEwzREluVHNlMzNmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQ5MEEvMTdFMkNGNTBCNUM1MTFFQkI1NEUwMTQ2QzRGOUFFMDIvMzVFQUM4QzBC
NUM3MTFFQjhGOUVFQjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkbgwDQYJKoZIhvcNAQELBQADggEBAC95g+JpqiLQ4vvI
X4b6CfNfQ5uv5vGDsJWSNyKNXGmU12oLjOI/ROlNDixMaQmxTJztqNuFwJ7nXu8x
Lby/iQbcSXeJXl/PqHxziVBZ3zrV5DSgx1XZoMUTIiEYVKF3/2C4N9NokrP93YHH
yq0qyROyr5h01kKvbDxZJhjXPbHhVvZMcOZZvmMenp63xYxQ3ZCALuarE+ATWngD
Cwbq7N9JgkT6mc+nzZmXJmz2mDi03vYJcwwZqhOwOSCH3AdFlt/vVXusOEK6uYaD
JdE8ZPT5XrP8lfmglipAa622FlP3/Y7/75SP3fnCvHZc14ym0a3eNQDhRlM3c7wM
it1BWcg=
-----END CERTIFICATE-----
Generated at Sun Feb 4 09:48:43 2024 by rpki-client on console-ams.rpki-client.org