Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
File: DEBA0696C12C11EEB6FEFB23C4F9AE02.roa (raw, json)
Hash identifier: GVpypGXyQ7kBr/6SfKOTfh1lIt3ZzFWGaH0+LRJhSk0=
Subject key identifier: 6E:28:A6:58:AB:13:F3:98:5C:B0:64:15:1A:C5:D8:D7:21:7B:61:D3
Certificate issuer: /CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Certificate serial: 066D
Authority key identifier: C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
Signing time: Thu 01 Feb 2024 18:08:16 +0000
ROA not before: Thu 01 Feb 2024 18:08:16 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 138640
IP address blocks: 103.158.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 14:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1645 (0x66d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Validity
Not Before: Feb 1 18:08:16 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65bbde0f-f32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:b4:23:e6:e1:f6:66:d4:fc:79:bb:d6:f6:
6f:21:a2:a7:10:d9:cb:10:6a:98:4c:2e:0b:62:67:
42:6c:65:f4:40:36:55:78:90:7c:fe:58:26:30:e7:
f1:4f:42:eb:f6:70:24:e1:be:04:e0:d8:da:fc:d9:
b0:fd:cb:50:0e:36:49:ae:80:ca:cc:a0:cf:6d:92:
cf:46:64:4d:0d:87:ab:42:3e:07:4b:26:f2:f9:90:
cb:ed:88:37:d2:ce:34:b4:bb:81:9a:fa:4b:e2:d4:
40:8f:06:bd:18:6c:37:12:a8:4a:f7:f2:78:65:7e:
37:86:b9:5c:4b:fa:7d:5c:98:0b:d4:3a:11:2b:a4:
65:07:cc:d6:03:8b:54:05:7c:60:bc:ae:bf:a3:8d:
d6:2c:5f:ae:bf:8b:ec:90:f1:8a:8d:e7:93:bd:4f:
05:05:80:3c:5b:f3:8e:88:0d:26:b5:68:9f:4a:6d:
38:4c:f9:1d:e1:c6:c6:9c:c9:2a:cb:c6:25:72:ec:
ad:bf:04:49:7c:c6:54:9b:8a:8f:ca:fe:f8:b2:e0:
05:08:bf:0b:9c:8b:db:90:fd:77:ba:4b:eb:c0:ba:
a8:ee:ac:44:1d:e2:66:c2:7b:0f:d2:9b:0f:3c:6d:
63:16:0a:28:b8:6c:df:8c:15:45:d1:55:62:07:a6:
50:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:28:A6:58:AB:13:F3:98:5C:B0:64:15:1A:C5:D8:D7:21:7B:61:D3
X509v3 Authority Key Identifier:
keyid:C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.159.0/24
Signature Algorithm: sha256WithRSAEncryption
66:eb:03:98:fb:96:3b:c9:bb:bb:98:39:e2:a4:16:f5:5f:8b:
b9:1d:d0:54:ca:f2:e7:2d:bd:4f:2e:cc:e3:d7:db:89:a5:b9:
3e:e5:16:fc:2c:05:68:09:ff:e3:05:53:63:3c:77:4c:b7:89:
d0:9b:c9:22:7f:8e:21:51:a8:d7:6a:39:e7:96:0a:92:d1:c1:
5f:8f:d6:37:18:41:40:c3:0e:99:43:d8:f2:e1:c3:35:77:fa:
3f:9e:75:93:75:e1:25:09:3a:ff:d9:0b:e4:a6:6c:c2:cf:5a:
ec:75:1e:09:7f:9c:54:ff:3d:35:75:8b:60:ba:c2:e0:25:7d:
ba:bf:2e:e9:05:1c:3c:b4:76:eb:5b:19:e8:cf:02:d0:87:32:
3c:9c:85:89:a9:cb:96:07:49:af:ab:ad:09:2b:24:5c:38:fd:
07:0e:c5:43:3d:cd:f1:e3:b5:d2:9f:54:56:34:b8:e8:9e:60:
58:27:1e:2f:65:c9:81:ad:bc:cb:9e:61:bc:68:99:79:c9:ef:
41:40:9c:59:78:3a:d3:24:e9:64:ce:0b:31:ef:c4:55:8a:84:
93:63:21:7d:2e:9e:60:d0:64:c7:5b:e4:77:17:cd:3f:b4:60:
66:9f:7a:c7:1e:eb:3f:40:bc:b1:a3:f7:8d:94:5a:7d:09:98:
5a:f8:7f:df
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQzOEYxMTAvBgNVBAUTKEM4ODhEMUVFRTA0QkVGM0U4MTVGMDlEREZBMTkxOTNE
Njk5QjRGNDcwHhcNMjQwMjAxMTgwODE2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiZGUwZi1mMzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV60I+bh9mbU/Hm71vZvIaKnENnLEGqYTC4LYmdCbGX0QDZVeJB8/lgmMOfx
T0Lr9nAk4b4E4Nja/Nmw/ctQDjZJroDKzKDPbZLPRmRNDYerQj4HSyby+ZDL7Yg3
0s40tLuBmvpL4tRAjwa9GGw3EqhK9/J4ZX43hrlcS/p9XJgL1DoRK6RlB8zWA4tU
BXxgvK6/o43WLF+uv4vskPGKjeeTvU8FBYA8W/OOiA0mtWifSm04TPkd4cbGnMkq
y8YlcuytvwRJfMZUm4qPyv74suAFCL8LnIvbkP13ukvrwLqo7qxEHeJmwnsP0psP
PG1jFgoouGzfjBVF0VViB6ZQnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG4oplir
E/OYXLBkFRrF2Nche2HTMB8GA1UdIwQYMBaAFMiI0e7gS+8+gV8J3foZGT1pm09H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDM4Ri9DNzU5MEJENjI1
QUUxMUVCOEVFQzIyMEFDNEY5QUUwMi95SWpSN3VCTDd6NkJYd25kLWhrWlBXbWJU
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lJalI3dUJMN3o2Qlh3bmQtaGtaUFdtYlQwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQzOEYvQzc1OTBCRDYyNUFFMTFFQjhFRUMyMjBBQzRGOUFFMDIvREVCQTA2OTZD
MTJDMTFFRUI2RkVGQjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnp8wDQYJKoZIhvcNAQELBQADggEBAGbrA5j7ljvJu7uY
OeKkFvVfi7kd0FTK8uctvU8uzOPX24mluT7lFvwsBWgJ/+MFU2M8d0y3idCbySJ/
jiFRqNdqOeeWCpLRwV+P1jcYQUDDDplD2PLhwzV3+j+edZN14SUJOv/ZC+SmbMLP
Wux1Hgl/nFT/PTV1i2C6wuAlfbq/LukFHDy0dutbGejPAtCHMjychYmpy5YHSa+r
rQkrJFw4/QcOxUM9zfHjtdKfVFY0uOieYFgnHi9lyYGtvMueYbxomXnJ70FAnFl4
OtMk6WTOCzHvxFWKhJNjIX0unmDQZMdb5HcXzT+0YGafesce6z9AvLGj942UWn0J
mFr4f98=
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:03:38 2024 by rpki-client on console-ams.rpki-client.org