Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116B5E/F58C5694A6E011EBAC1DEB57C4F9AE02/CF6FCFD4748C11ECA9BF0D3CC4F9AE02.roa
File: CF6FCFD4748C11ECA9BF0D3CC4F9AE02.roa (raw, json)
Hash identifier: jQpi+M2znnNEvBSvROGcuriBv9KVtlR8SVtu7Ube3Yk=
Subject key identifier: 86:A3:99:2F:54:D5:8D:BC:7E:C4:8E:1A:85:9F:CE:BB:EE:05:B7:A9
Certificate issuer: /CN=A9116B5E/serialNumber=FA356029FC772A5B43269C316AD685C4BB5A656D
Certificate serial: 056A
Authority key identifier: FA:35:60:29:FC:77:2A:5B:43:26:9C:31:6A:D6:85:C4:BB:5A:65:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-jVgKfx3KltDJpwxataFxLtaZW0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116B5E/F58C5694A6E011EBAC1DEB57C4F9AE02/CF6FCFD4748C11ECA9BF0D3CC4F9AE02.roa
Signing time: Mon 24 Jun 2024 16:20:24 +0000
ROA not before: Mon 24 Jun 2024 16:20:24 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 141434
IP address blocks: 103.159.4.0/24 maxlen: 24
103.159.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 15:28:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1386 (0x56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116B5E/serialNumber=FA356029FC772A5B43269C316AD685C4BB5A656D
Validity
Not Before: Jun 24 16:20:24 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66799cc8-1364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:35:1e:d5:3f:f6:74:59:c2:51:80:70:5e:40:
75:12:71:2d:f8:01:66:96:7b:c0:ba:07:ba:1c:ee:
a7:7e:bc:be:ee:19:10:ed:24:98:ac:87:70:f0:e3:
ab:eb:de:4c:a3:cb:19:57:9a:00:f6:42:a6:65:88:
03:1a:c4:c1:08:b7:c9:e7:c5:44:d9:04:ae:8b:82:
91:fb:61:06:37:66:92:0e:a6:39:1c:e9:f8:7e:1e:
48:4d:68:3c:93:49:48:12:12:fd:6e:6c:6f:f0:b6:
bc:2e:e1:cc:c5:ce:ce:56:02:9c:08:be:4c:b0:a2:
80:e1:c6:8b:1a:e6:4b:d0:96:a3:6c:d4:42:cd:09:
b8:f7:84:91:fd:94:b5:e6:11:84:ad:27:99:7f:78:
5c:0e:af:c4:b9:b2:30:c2:68:22:4a:1e:85:a6:84:
b1:16:a7:b0:b4:51:19:0d:2d:9d:d3:45:d9:a1:82:
50:fb:16:de:82:a2:43:e0:8e:4a:a3:16:45:b3:09:
b7:58:65:cd:8f:a4:2a:19:85:b4:81:8b:eb:ba:72:
f8:c3:e0:93:62:96:30:fc:dd:5b:fb:0d:90:08:ba:
3d:0a:4d:c7:28:40:68:e8:87:03:dc:c8:2d:62:c6:
40:68:f3:6c:55:0e:cc:1e:0a:8c:c4:fc:f7:d2:10:
56:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A3:99:2F:54:D5:8D:BC:7E:C4:8E:1A:85:9F:CE:BB:EE:05:B7:A9
X509v3 Authority Key Identifier:
keyid:FA:35:60:29:FC:77:2A:5B:43:26:9C:31:6A:D6:85:C4:BB:5A:65:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116B5E/F58C5694A6E011EBAC1DEB57C4F9AE02/-jVgKfx3KltDJpwxataFxLtaZW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-jVgKfx3KltDJpwxataFxLtaZW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116B5E/F58C5694A6E011EBAC1DEB57C4F9AE02/CF6FCFD4748C11ECA9BF0D3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.4.0/23
Signature Algorithm: sha256WithRSAEncryption
38:91:03:4d:f6:e8:7f:c0:cd:f7:fe:64:28:41:d2:f7:9e:33:
bd:04:f5:ff:bf:58:a6:12:54:80:21:1f:7a:3b:3c:ef:7a:c2:
66:6b:1a:0d:ee:38:43:c6:ff:d7:05:4d:64:4d:3f:ce:e7:49:
2a:ba:64:85:05:79:63:99:7e:4c:d9:bb:8c:84:ab:ed:d1:68:
64:c5:45:aa:9c:18:31:54:90:f4:b2:9a:fe:25:6f:7c:4f:90:
66:95:a4:52:a9:7d:5a:d7:20:47:d8:ce:19:07:6b:d0:c7:3f:
97:49:9f:e3:a4:49:55:e9:0e:d4:d5:81:6f:e7:be:3a:d7:db:
a2:18:10:7e:5b:be:15:7a:1f:0f:b8:84:4d:ad:35:71:c9:9b:
3c:60:ac:08:78:2b:3e:93:93:c4:88:e4:b7:d7:de:1e:e8:bc:
b6:28:d4:2c:99:09:a2:2a:d7:95:0c:42:8b:ce:5a:bb:a5:b4:
69:e7:74:f3:cb:33:45:b9:dd:44:6e:0b:b5:ba:62:50:28:34:
ee:da:3e:52:be:a4:1a:2c:38:4d:d4:53:db:c2:df:27:dc:ae:
d1:2b:89:56:f0:c4:3f:cd:87:1e:6f:32:b4:4c:e2:c2:11:e8:
90:58:8d:61:d3:3c:47:9d:a7:23:c9:e7:3a:ee:5f:5a:e7:c3:
ff:9b:a0:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZCNUUxMTAvBgNVBAUTKEZBMzU2MDI5RkM3NzJBNUI0MzI2OUMzMTZBRDY4NUM0
QkI1QTY1NkQwHhcNMjQwNjI0MTYyMDI0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5OWNjOC0xMzY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTUe1T/2dFnCUYBwXkB1EnEt+AFmlnvAuge6HO6nfry+7hkQ7SSYrIdw8OOr
695Mo8sZV5oA9kKmZYgDGsTBCLfJ58VE2QSui4KR+2EGN2aSDqY5HOn4fh5ITWg8
k0lIEhL9bmxv8La8LuHMxc7OVgKcCL5MsKKA4caLGuZL0JajbNRCzQm494SR/ZS1
5hGErSeZf3hcDq/EubIwwmgiSh6FpoSxFqewtFEZDS2d00XZoYJQ+xbegqJD4I5K
oxZFswm3WGXNj6QqGYW0gYvrunL4w+CTYpYw/N1b+w2QCLo9Ck3HKEBo6IcD3Mgt
YsZAaPNsVQ7MHgqMxPz30hBW+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIajmS9U
1Y28fsSOGoWfzrvuBbepMB8GA1UdIwQYMBaAFPo1YCn8dypbQyacMWrWhcS7WmVt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkI1RS9GNThDNTY5NEE2
RTAxMUVCQUMxREVCNTdDNEY5QUUwMi8talZnS2Z4M0tsdERKcHd4YXRhRnhMdGFa
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1qVmdLZngzS2x0REpwd3hhdGFGeEx0YVpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZCNUUvRjU4QzU2OTRBNkUwMTFFQkFDMURFQjU3QzRGOUFFMDIvQ0Y2RkNGRDQ3
NDhDMTFFQ0E5QkYwRDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnwQwDQYJKoZIhvcNAQELBQADggEBADiRA0326H/Azff+
ZChB0veeM70E9f+/WKYSVIAhH3o7PO96wmZrGg3uOEPG/9cFTWRNP87nSSq6ZIUF
eWOZfkzZu4yEq+3RaGTFRaqcGDFUkPSymv4lb3xPkGaVpFKpfVrXIEfYzhkHa9DH
P5dJn+OkSVXpDtTVgW/nvjrX26IYEH5bvhV6Hw+4hE2tNXHJmzxgrAh4Kz6Tk8SI
5LfX3h7ovLYo1CyZCaIq15UMQovOWrultGnndPPLM0W53URuC7W6YlAoNO7aPlK+
pBosOE3UU9vC3yfcrtEriVbwxD/Nhx5vMrRM4sIR6JBYjWHTPEedpyPJ5zruX1rn
w/+boMY=
-----END CERTIFICATE-----
Generated at Mon Oct 21 18:01:04 2024 by rpki-client on console-fra.rpki-client.org