Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/9D7B5300D09B11EE9E2BE160C4F9AE02.roa
File: 9D7B5300D09B11EE9E2BE160C4F9AE02.roa (raw, json)
Hash identifier: wrWxiExfhCQQDuRqTgZrjn/eYEN2SzxmKcXbFTMdBCQ=
Subject key identifier: 43:40:1C:37:AB:71:19:C6:4C:E8:48:29:E4:17:64:E7:FA:B7:19:D8
Certificate issuer: /CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Certificate serial: E2
Authority key identifier: E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/9D7B5300D09B11EE9E2BE160C4F9AE02.roa
Signing time: Wed 21 Feb 2024 09:28:47 +0000
ROA not before: Wed 21 Feb 2024 09:28:47 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 141731
IP address blocks: 103.60.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226 (0xe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Validity
Not Before: Feb 21 09:28:47 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65d5c24f-e46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:69:79:9b:61:25:3c:9b:ae:39:4b:b6:c7:0e:
ea:5a:b1:89:58:3d:99:59:a2:00:38:35:ff:40:02:
dc:12:cb:5f:6a:02:a1:26:63:cb:b8:b8:0d:71:14:
07:cd:26:b7:05:15:4a:5c:27:f4:86:5f:1b:eb:d7:
a9:30:d0:63:41:a6:cd:89:96:f1:f2:e8:81:37:79:
23:49:f8:32:d2:b5:83:f5:47:a7:6f:24:f8:1a:80:
0d:4c:03:cd:a3:5c:fd:fe:84:5c:22:e4:d1:17:2c:
35:fd:55:ec:5f:87:1f:c2:29:eb:d1:8e:9d:2e:fb:
ce:e8:7c:4a:00:38:c9:ea:9e:e4:78:de:24:27:21:
60:59:8c:73:08:10:57:e5:8d:11:aa:d6:96:1d:d3:
eb:10:b3:4b:b1:97:14:bd:8a:ea:72:72:83:77:08:
f4:4f:a4:96:0f:b5:8f:d5:ba:de:1c:63:02:3b:93:
8e:45:19:39:10:e8:2f:61:fe:a7:cc:21:c7:1c:88:
1f:e9:9b:f5:37:d0:2e:a5:da:9f:f1:f8:e2:6f:2d:
6d:ed:ae:70:98:d7:51:b6:21:f7:d1:42:80:6d:1e:
87:e8:93:82:92:37:5e:98:36:5f:46:e4:c4:74:7e:
cc:96:de:08:0f:58:7f:ff:65:84:25:28:35:9c:c4:
cd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:40:1C:37:AB:71:19:C6:4C:E8:48:29:E4:17:64:E7:FA:B7:19:D8
X509v3 Authority Key Identifier:
keyid:E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/5jLTjFoywhfG7nHVLe-fOMoWbFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/9D7B5300D09B11EE9E2BE160C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.205.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:eb:bb:b3:4f:0e:74:f2:f2:55:60:68:05:e9:99:12:15:ce:
79:16:36:21:81:d7:91:62:41:a8:be:d9:75:95:67:58:19:2f:
2c:c5:ff:e8:ba:5a:fc:30:88:1d:0a:6b:c5:40:a3:05:ec:56:
1a:7e:c3:79:e0:2d:38:32:22:4b:e7:6e:6e:f7:4e:4b:c9:40:
64:e2:9e:24:f4:bd:f4:2c:06:8d:4a:81:12:ee:9b:86:a3:f3:
1f:e7:95:f9:e0:aa:e0:e5:e4:5b:a2:c4:a1:99:42:a2:dc:1d:
1a:8c:89:2a:7d:10:44:bc:af:35:3e:5d:05:cf:77:02:e6:2f:
31:78:ed:07:d6:e0:5c:9f:13:6f:6a:fa:5c:3e:8f:53:ac:3c:
40:f6:81:52:f7:57:b2:70:aa:ed:08:b7:a9:60:3a:02:cf:46:
73:dc:62:2c:2c:26:37:98:54:e8:af:29:9e:40:41:56:1b:28:
a4:2c:5d:05:60:2f:5c:45:58:a2:2f:4b:c2:44:b8:68:0d:80:
ec:69:f9:f8:83:ab:6c:3e:03:1a:84:20:10:e4:b2:d2:30:b6:
3a:81:da:99:da:15:f0:2e:21:13:08:e2:cd:98:87:14:df:ef:
d8:e3:4d:e9:d6:bb:63:ac:b0:36:06:14:ba:ae:b9:84:d1:70:
8a:03:46:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQ4NkYxMTAvBgNVBAUTKEU2MzJEMzhDNUEzMkMyMTdDNkVFNzFENTJERUY5RjM4
Q0ExNjZDNTEwHhcNMjQwMjIxMDkyODQ3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1YzI0Zi1lNDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Wl5m2ElPJuuOUu2xw7qWrGJWD2ZWaIAODX/QALcEstfagKhJmPLuLgNcRQH
zSa3BRVKXCf0hl8b69epMNBjQabNiZbx8uiBN3kjSfgy0rWD9UenbyT4GoANTAPN
o1z9/oRcIuTRFyw1/VXsX4cfwinr0Y6dLvvO6HxKADjJ6p7keN4kJyFgWYxzCBBX
5Y0RqtaWHdPrELNLsZcUvYrqcnKDdwj0T6SWD7WP1breHGMCO5OORRk5EOgvYf6n
zCHHHIgf6Zv1N9Aupdqf8fjiby1t7a5wmNdRtiH30UKAbR6H6JOCkjdemDZfRuTE
dH7Mlt4ID1h//2WEJSg1nMTNPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFENAHDer
cRnGTOhIKeQXZOf6txnYMB8GA1UdIwQYMBaAFOYy04xaMsIXxu5x1S3vnzjKFmxR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDg2Ri8yMkNGMzQ0ODg2
NkMxMUVEQUZBNUE0NzFDNEY5QUUwMi81akxUakZveXdoZkc3bkhWTGUtZk9Nb1di
RkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVqTFRqRm95d2hmRzduSFZMZS1mT01vV2JGRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQ4NkYvMjJDRjM0NDg4NjZDMTFFREFGQTVBNDcxQzRGOUFFMDIvOUQ3QjUzMDBE
MDlCMTFFRTlFMkJFMTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnPM0wDQYJKoZIhvcNAQELBQADggEBAH7ru7NPDnTy8lVg
aAXpmRIVznkWNiGB15FiQai+2XWVZ1gZLyzF/+i6WvwwiB0Ka8VAowXsVhp+w3ng
LTgyIkvnbm73TkvJQGTiniT0vfQsBo1KgRLum4aj8x/nlfngquDl5FuixKGZQqLc
HRqMiSp9EES8rzU+XQXPdwLmLzF47QfW4FyfE29q+lw+j1OsPED2gVL3V7Jwqu0I
t6lgOgLPRnPcYiwsJjeYVOivKZ5AQVYbKKQsXQVgL1xFWKIvS8JEuGgNgOxp+fiD
q2w+AxqEIBDkstIwtjqB2pnaFfAuIRMI4s2YhxTf79jjTenWu2OssDYGFLquuYTR
cIoDRuM=
-----END CERTIFICATE-----
Generated at Wed Feb 21 19:06:50 2024 by rpki-client on console-ams.rpki-client.org