Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122DC4/5BEDD054B31611EEA8BCC624C4F9AE02/ACDD0CE6B31611EE8F488E25C4F9AE02.roa
File: ACDD0CE6B31611EE8F488E25C4F9AE02.roa (raw, json)
Hash identifier: v+C13Xf1z/o4i4rX2ywp+dwiAJDPmMkwn84u5bzqhGc=
Subject key identifier: 16:17:07:9C:48:58:A1:C7:C1:FF:88:98:17:49:05:C9:34:E0:76:8E
Certificate issuer: /CN=A9122DC4/serialNumber=5B4300FE49AEE0E415CC61976C02B5B9C0204AAD
Certificate serial: 0A
Authority key identifier: 5B:43:00:FE:49:AE:E0:E4:15:CC:61:97:6C:02:B5:B9:C0:20:4A:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W0MA_kmu4OQVzGGXbAK1ucAgSq0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122DC4/5BEDD054B31611EEA8BCC624C4F9AE02/ACDD0CE6B31611EE8F488E25C4F9AE02.roa
Signing time: Sun 14 Jan 2024 20:31:18 +0000
ROA not before: Sun 14 Jan 2024 20:31:18 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 58715
IP address blocks: 103.188.136.0/24 maxlen: 24
103.188.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 19:10:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122DC4/serialNumber=5B4300FE49AEE0E415CC61976C02B5B9C0204AAD
Validity
Not Before: Jan 14 20:31:18 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65a44496-f7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:dd:02:2c:6c:7f:86:23:6e:78:55:f4:25:
fe:01:74:be:cb:4d:f6:47:35:ad:7f:bd:3e:51:e0:
a1:2a:70:c6:3a:df:97:5b:ed:34:b4:18:4d:0a:60:
4f:65:85:be:30:12:f1:ef:ec:7c:b1:a0:6f:bd:60:
48:0e:75:98:92:f3:1a:38:bd:1b:41:1d:7b:cf:df:
5d:69:0a:3d:8b:d6:ee:ff:28:38:d2:d7:a7:c8:f6:
21:0c:f1:55:a9:12:ad:05:01:79:00:67:f1:24:01:
fe:30:48:60:7a:0c:e5:8b:e9:7c:c9:69:7d:ff:ae:
0d:f1:b1:59:2f:bc:36:ee:f2:08:ed:da:32:1b:e2:
ab:45:75:3e:0e:0b:1c:5c:71:9c:1a:94:50:2a:c6:
dd:82:9b:50:2d:41:6b:9e:13:a9:36:1d:fb:60:c6:
40:06:92:9c:fe:56:b5:ba:28:91:f3:48:48:6f:f5:
84:ed:92:85:87:18:0c:2e:7b:5a:cb:35:7e:85:0e:
ed:49:fd:d9:c5:c1:34:1e:4f:fb:19:06:d4:5f:f5:
df:69:a2:ed:13:98:92:02:2b:04:4c:87:2a:7f:8b:
5e:40:6a:7c:25:fc:90:25:2e:12:9c:ce:b8:ef:7c:
d8:1b:ca:52:23:f7:4d:fd:a2:9c:0c:bf:c6:57:86:
93:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:17:07:9C:48:58:A1:C7:C1:FF:88:98:17:49:05:C9:34:E0:76:8E
X509v3 Authority Key Identifier:
keyid:5B:43:00:FE:49:AE:E0:E4:15:CC:61:97:6C:02:B5:B9:C0:20:4A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122DC4/5BEDD054B31611EEA8BCC624C4F9AE02/W0MA_kmu4OQVzGGXbAK1ucAgSq0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W0MA_kmu4OQVzGGXbAK1ucAgSq0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122DC4/5BEDD054B31611EEA8BCC624C4F9AE02/ACDD0CE6B31611EE8F488E25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.188.136.0/23
Signature Algorithm: sha256WithRSAEncryption
39:bc:37:dd:9f:02:2d:45:f2:b2:38:b6:8d:ff:f8:92:47:5a:
81:4d:e2:83:6a:c6:cf:13:d3:22:17:9e:d4:10:9e:09:94:df:
71:52:68:66:9a:4f:d5:ee:b6:48:85:a5:71:ae:b8:91:6a:ed:
51:3d:60:c7:bf:3a:ce:92:19:a0:44:f6:ba:cd:31:01:04:e6:
03:27:39:aa:ec:7b:a6:d3:5f:f7:18:6b:1d:3d:87:95:d5:72:
40:e7:06:e9:40:7b:d7:a6:09:21:52:48:6c:31:e3:2e:9d:51:
80:7d:7e:35:6e:04:88:49:cb:1b:8b:e6:63:96:54:c2:bc:bb:
3e:9d:22:d3:d6:bc:02:84:41:e1:e7:27:99:fa:d6:ad:cb:70:
1a:75:76:38:60:7b:43:40:93:6e:34:8b:8b:e9:ca:d2:c0:1b:
1c:03:d6:da:b7:4b:5c:72:9c:6a:41:71:32:34:59:fa:39:83:
46:b1:09:7d:4e:fb:78:78:cc:d6:36:82:70:c1:c4:8d:d7:ff:
5d:48:f3:81:ae:ba:df:95:10:cd:f9:86:41:98:ce:fc:b8:52:
ed:d9:04:73:fc:30:bd:37:9b:84:bf:d1:c0:cb:b3:1a:b9:8c:
26:e0:7a:55:fe:99:73:38:ad:be:6e:be:01:19:82:2b:23:28:
ac:d4:a6:b7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MkRDNDExMC8GA1UEBRMoNUI0MzAwRkU0OUFFRTBFNDE1Q0M2MTk3NkMwMkI1QjlD
MDIwNEFBRDAeFw0yNDAxMTQyMDMxMThaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTQ0NDk2LWY3ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqNd0CLGx/hiNueFX0Jf4BdL7LTfZHNa1/vT5R4KEqcMY635db7TS0GE0KYE9l
hb4wEvHv7HyxoG+9YEgOdZiS8xo4vRtBHXvP311pCj2L1u7/KDjS16fI9iEM8VWp
Eq0FAXkAZ/EkAf4wSGB6DOWL6XzJaX3/rg3xsVkvvDbu8gjt2jIb4qtFdT4OCxxc
cZwalFAqxt2Cm1AtQWueE6k2HftgxkAGkpz+VrW6KJHzSEhv9YTtkoWHGAwue1rL
NX6FDu1J/dnFwTQeT/sZBtRf9d9pou0TmJICKwRMhyp/i15Aanwl/JAlLhKczrjv
fNgbylIj9039opwMv8ZXhpPPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUFhcHnEhY
ocfB/4iYF0kFyTTgdo4wHwYDVR0jBBgwFoAUW0MA/kmu4OQVzGGXbAK1ucAgSq0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIyREM0LzVCRUREMDU0QjMx
NjExRUVBOEJDQzYyNEM0RjlBRTAyL1cwTUFfa211NE9RVnpHR1hiQUsxdWNBZ1Nx
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVzBNQV9rbXU0T1FWekdHWGJBSzF1Y0FnU3EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MkRDNC81QkVERDA1NEIzMTYxMUVFQThCQ0M2MjRDNEY5QUUwMi9BQ0REMENFNkIz
MTYxMUVFOEY0ODhFMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe8iDANBgkqhkiG9w0BAQsFAAOCAQEAObw33Z8CLUXysji2
jf/4kkdagU3ig2rGzxPTIhee1BCeCZTfcVJoZppP1e62SIWlca64kWrtUT1gx786
zpIZoET2us0xAQTmAyc5qux7ptNf9xhrHT2HldVyQOcG6UB716YJIVJIbDHjLp1R
gH1+NW4EiEnLG4vmY5ZUwry7Pp0i09a8AoRB4ecnmfrWrctwGnV2OGB7Q0CTbjSL
i+nK0sAbHAPW2rdLXHKcakFxMjRZ+jmDRrEJfU77eHjM1jaCcMHEjdf/XUjzga66
35UQzfmGQZjO/LhS7dkEc/wwvTebhL/RwMuzGrmMJuB6Vf6Zczitvm6+ARmCKyMo
rNSmtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org