Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
File: 35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa (raw, json)
Hash identifier: QivblpZxCBCvZmiHcB1ga8X4+4QNEBLh8DX2RgmRkek=
Subject key identifier: E1:32:09:13:AC:FC:18:99:B4:9B:97:14:48:1C:6B:10:27:02:B4:73
Certificate issuer: /CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Certificate serial: 042D
Authority key identifier: 4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
Signing time: Sun 29 Jan 2023 02:11:48 +0000
ROA not before: Sun 29 Jan 2023 02:11:48 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 132480
IP address blocks: 103.145.184.0/24 maxlen: 24
103.145.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 07:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1069 (0x42d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD90A/serialNumber=4B9A63881A8556021054E94BDC32274EC7B7DDF2
Validity
Not Before: Jan 29 02:11:48 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63d5d5e4-8139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8f:bb:54:ab:b6:a5:6c:14:ca:6c:42:3d:18:
69:f2:7d:b4:7d:c0:c7:5b:90:15:41:2a:53:fa:49:
d0:63:a8:b5:e5:84:d3:6b:a2:b9:b9:4b:dd:37:ed:
0d:b8:fd:b9:4f:13:21:60:65:f8:51:47:68:30:7c:
9b:28:bd:95:75:6e:30:3d:63:b9:0a:e8:f4:3e:0c:
c2:43:3f:65:6e:e5:78:ac:ff:24:c2:b0:4d:42:59:
a5:a9:3e:f1:17:10:92:bc:32:e0:eb:a5:04:f2:22:
e8:3d:05:b6:5d:5b:20:67:63:fb:ab:43:b9:f0:e2:
dc:4a:7c:70:96:3e:c3:b7:1e:7b:45:4c:8a:7d:c1:
50:20:51:21:9d:a1:e9:46:42:61:24:8a:4b:f4:09:
9e:19:6f:42:a0:c5:9e:e4:04:36:f2:01:75:61:9e:
2b:06:b3:e4:8f:c0:f0:fd:54:86:e3:39:a6:9c:e6:
c9:04:89:04:c3:0a:45:bd:ec:44:76:1a:7b:12:09:
ca:03:a2:b9:a0:c4:fb:c8:1f:0d:b8:4d:62:cb:e4:
45:f5:2a:39:e1:86:27:54:b7:20:c6:6d:84:2a:79:
a5:3d:c9:d7:07:2d:12:69:f2:4e:33:71:4e:3b:56:
21:23:13:4b:5f:ce:eb:2d:af:c0:01:3b:10:3f:0e:
fe:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:32:09:13:AC:FC:18:99:B4:9B:97:14:48:1C:6B:10:27:02:B4:73
X509v3 Authority Key Identifier:
keyid:4B:9A:63:88:1A:85:56:02:10:54:E9:4B:DC:32:27:4E:C7:B7:DD:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/S5pjiBqFVgIQVOlL3DInTse33fI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5pjiBqFVgIQVOlL3DInTse33fI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD90A/17E2CF50B5C511EBB54E0146C4F9AE02/35EAC8C0B5C711EB8F9EEB48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.184.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:33:e8:52:24:ff:8d:48:1f:1f:21:09:f9:45:af:ba:06:a6:
4a:79:ee:6d:3a:36:f5:9a:84:78:c5:f0:9f:e0:51:59:01:c7:
d0:7c:ed:2a:99:e9:cc:78:8a:a5:36:68:a9:e8:e0:5f:c2:1c:
32:43:c6:1b:3a:ae:52:05:88:64:b0:81:b3:03:5b:2f:16:c4:
78:a2:ca:c3:43:0d:99:e4:07:c8:eb:23:8b:9b:6e:fc:86:10:
22:b8:79:ec:8b:83:fd:ea:cf:95:99:f0:bb:cf:da:3d:76:d7:
ad:e4:7c:82:b9:29:a1:7f:fc:b9:4b:9e:b7:9f:99:1c:ea:68:
0e:95:dc:f6:cf:d0:19:95:da:1f:83:83:f8:4d:96:8e:be:8d:
1b:25:f3:bf:47:34:1e:50:7f:17:16:a1:98:90:fd:cc:46:e2:
14:48:d9:29:91:21:d9:b5:29:e9:af:48:7a:e5:a7:9f:ee:44:
e7:17:1f:74:ba:41:55:90:51:c2:80:ff:3a:be:a4:0c:4a:87:
6a:a3:a2:4c:a3:81:7e:c5:ac:94:e9:5f:db:af:66:30:c3:58:
a3:ea:20:64:16:ed:48:aa:88:26:49:5c:6e:59:d8:8f:cb:f3:
e9:ce:e3:c0:e5:3e:4d:47:0c:bf:2b:8b:cd:a6:02:32:1c:29:
9b:49:59:37
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQ5MEExMTAvBgNVBAUTKDRCOUE2Mzg4MUE4NTU2MDIxMDU0RTk0QkRDMzIyNzRF
QzdCN0RERjIwHhcNMjMwMTI5MDIxMTQ4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q1ZDVlNC04MTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyI+7VKu2pWwUymxCPRhp8n20fcDHW5AVQSpT+knQY6i15YTTa6K5uUvdN+0N
uP25TxMhYGX4UUdoMHybKL2VdW4wPWO5Cuj0PgzCQz9lbuV4rP8kwrBNQlmlqT7x
FxCSvDLg66UE8iLoPQW2XVsgZ2P7q0O58OLcSnxwlj7Dtx57RUyKfcFQIFEhnaHp
RkJhJIpL9AmeGW9CoMWe5AQ28gF1YZ4rBrPkj8Dw/VSG4zmmnObJBIkEwwpFvexE
dhp7EgnKA6K5oMT7yB8NuE1iy+RF9So54YYnVLcgxm2EKnmlPcnXBy0SafJOM3FO
O1YhIxNLX87rLa/AATsQPw7+3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOEyCROs
/BiZtJuXFEgcaxAnArRzMB8GA1UdIwQYMBaAFEuaY4gahVYCEFTpS9wyJ07Ht93y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDkwQS8xN0UyQ0Y1MEI1
QzUxMUVCQjU0RTAxNDZDNEY5QUUwMi9TNXBqaUJxRlZnSVFWT2xMM0RJblRzZTMz
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1M1cGppQnFGVmdJUVZPbEwzREluVHNlMzNmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQ5MEEvMTdFMkNGNTBCNUM1MTFFQkI1NEUwMTQ2QzRGOUFFMDIvMzVFQUM4QzBC
NUM3MTFFQjhGOUVFQjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkbgwDQYJKoZIhvcNAQELBQADggEBADwz6FIk/41IHx8h
CflFr7oGpkp57m06NvWahHjF8J/gUVkBx9B87SqZ6cx4iqU2aKno4F/CHDJDxhs6
rlIFiGSwgbMDWy8WxHiiysNDDZnkB8jrI4ubbvyGECK4eeyLg/3qz5WZ8LvP2j12
163kfIK5KaF//LlLnrefmRzqaA6V3PbP0BmV2h+Dg/hNlo6+jRsl879HNB5QfxcW
oZiQ/cxG4hRI2SmRIdm1KemvSHrlp5/uROcXH3S6QVWQUcKA/zq+pAxKh2qjokyj
gX7FrJTpX9uvZjDDWKPqIGQW7UiqiCZJXG5Z2I/L8+nO48DlPk1HDL8ri82mAjIc
KZtJWTc=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:04 2024 by rpki-client on console.sobornost.net