Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/BF3727C68C5411ED82F36356C4F9AE02.roa
File: BF3727C68C5411ED82F36356C4F9AE02.roa (raw, json)
Hash identifier: HUtxk0kuzl4aPuwXanbyYsDQywS3p1PtXHboWxfIOHc=
Subject key identifier: 7D:53:48:B0:20:0C:43:BB:CD:F9:CD:52:A3:6A:35:EE:6A:42:95:99
Certificate issuer: /CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Certificate serial: 17
Authority key identifier: 02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/BF3727C68C5411ED82F36356C4F9AE02.roa
Signing time: Wed 04 Jan 2023 17:25:13 +0000
ROA not before: Wed 04 Jan 2023 17:25:13 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 38264
IP address blocks: 103.52.34.0/24 maxlen: 24
103.52.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Validity
Not Before: Jan 4 17:25:13 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63b5b679-3085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4b:d6:f5:51:b6:61:ba:3a:41:28:1a:df:36:
48:a0:66:51:20:9d:da:dd:32:b5:b5:b0:d4:50:aa:
03:8b:5d:b0:95:5d:34:62:b6:2d:eb:d4:ef:c4:4a:
82:2f:cc:68:32:c7:25:af:81:bc:a3:71:bc:2c:d6:
8c:c0:57:b0:70:a6:ec:fa:76:a8:52:ef:72:d0:28:
1f:41:33:d8:48:db:e4:34:ad:62:07:de:66:d2:1f:
4f:30:17:23:92:58:89:c0:cb:23:7b:c8:0e:03:cc:
f9:53:69:33:30:88:b7:4a:20:33:b1:cd:4c:46:6d:
80:32:18:7b:d7:82:1a:01:7e:53:78:cf:8d:b3:14:
92:61:40:d0:cf:83:cc:ff:ba:14:8f:61:6d:19:14:
8b:88:ef:03:98:2b:5a:80:b0:aa:98:5a:27:7a:30:
91:da:81:c0:9e:8b:df:74:91:fa:53:28:b9:31:0d:
b4:87:25:43:fa:aa:c8:7a:c5:4a:a5:25:f6:4d:19:
1e:23:bd:cc:28:b9:49:7a:b0:97:1f:4d:f7:6e:6f:
e4:43:14:9a:f9:a5:f7:62:e5:b7:d1:cd:76:df:ab:
ed:d3:b2:f5:05:64:be:f5:96:8c:31:01:d2:ec:5f:
cd:28:4f:ee:c4:c2:a8:1d:1a:43:0d:ea:b1:5f:68:
ef:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:53:48:B0:20:0C:43:BB:CD:F9:CD:52:A3:6A:35:EE:6A:42:95:99
X509v3 Authority Key Identifier:
keyid:02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/AkIpyBrDU1oh1g4twyqbiL1q2B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/BF3727C68C5411ED82F36356C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.52.34.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:19:d6:9b:af:2e:a5:03:5e:cc:30:11:b4:50:dd:b6:9f:f4:
45:29:70:c6:51:48:3e:94:d7:7d:e5:12:34:a3:6c:9b:53:d3:
8c:d4:fe:eb:54:48:51:b6:8f:48:6a:a9:57:20:6a:47:84:30:
bf:9d:9b:54:2e:40:cd:03:6a:50:9c:19:13:ad:fc:d1:a3:26:
d4:97:b5:f7:89:58:25:d0:7c:c2:20:89:eb:ed:37:9d:1b:a2:
4a:55:d8:f1:8c:14:67:32:27:12:5e:fe:eb:fc:d5:d6:69:d2:
f3:62:45:b9:2f:41:c1:48:2e:c9:7b:12:a5:a2:e1:6e:71:d4:
4e:71:db:7e:3d:a2:c7:7b:ff:77:91:95:bd:c3:56:37:ed:9a:
cb:d8:45:71:dc:f5:72:3a:84:42:42:13:8e:f1:6f:50:4d:76:
11:a8:d4:70:a5:54:ee:f1:89:8b:5c:3c:ad:9c:72:2b:9f:9a:
71:15:99:db:68:fc:dc:26:fc:a6:31:5c:2b:a1:71:7a:59:77:
83:f8:5b:23:61:ea:24:f4:00:c1:a1:bc:0c:e7:84:89:c7:3f:
0f:70:0e:a3:e5:7c:19:93:05:e2:a1:16:16:8f:fe:34:29:0a:
5e:c3:4a:68:bd:e7:de:02:82:34:66:0c:78:ce:f4:aa:dd:a1:
29:f6:02:0b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MDg0ODExMC8GA1UEBRMoMDI0MjI5QzgxQUMzNTM1QTIxRDYwRTJEQzMyQTlCODhC
RDZBRDgxRjAeFw0yMzAxMDQxNzI1MTNaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjViNjc5LTMwODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCeS9b1UbZhujpBKBrfNkigZlEgndrdMrW1sNRQqgOLXbCVXTRiti3r1O/ESoIv
zGgyxyWvgbyjcbws1ozAV7Bwpuz6dqhS73LQKB9BM9hI2+Q0rWIH3mbSH08wFyOS
WInAyyN7yA4DzPlTaTMwiLdKIDOxzUxGbYAyGHvXghoBflN4z42zFJJhQNDPg8z/
uhSPYW0ZFIuI7wOYK1qAsKqYWid6MJHagcCei990kfpTKLkxDbSHJUP6qsh6xUql
JfZNGR4jvcwouUl6sJcfTfdub+RDFJr5pfdi5bfRzXbfq+3TsvUFZL71lowxAdLs
X80oT+7EwqgdGkMN6rFfaO8RAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfVNIsCAM
Q7vN+c1So2o17mpClZkwHwYDVR0jBBgwFoAUAkIpyBrDU1oh1g4twyqbiL1q2B8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwODQ4LzY0RDhCMURFNzdF
NDExRUQ5N0Y1OTM0REM0RjlBRTAyL0FrSXB5QnJEVTFvaDFnNHR3eXFiaUwxcTJC
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQWtJcHlCckRVMW9oMWc0dHd5cWJpTDFxMkI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MDg0OC82NEQ4QjFERTc3RTQxMUVEOTdGNTkzNERDNEY5QUUwMi9CRjM3MjdDNjhD
NTQxMUVEODJGMzYzNTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWc0IjANBgkqhkiG9w0BAQsFAAOCAQEA0hnWm68upQNezDAR
tFDdtp/0RSlwxlFIPpTXfeUSNKNsm1PTjNT+61RIUbaPSGqpVyBqR4Qwv52bVC5A
zQNqUJwZE6380aMm1Je194lYJdB8wiCJ6+03nRuiSlXY8YwUZzInEl7+6/zV1mnS
82JFuS9BwUguyXsSpaLhbnHUTnHbfj2ix3v/d5GVvcNWN+2ay9hFcdz1cjqEQkIT
jvFvUE12EajUcKVU7vGJi1w8rZxyK5+acRWZ22j83Cb8pjFcK6Fxell3g/hbI2Hq
JPQAwaG8DOeEicc/D3AOo+V8GZMF4qEWFo/+NCkKXsNKaL3n3gKCNGYMeM70qt2h
KfYCCw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:55 2023 by rpki-client on console.sobornost.net