Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/D3CEE17A36F311EEA68D8E37C4F9AE02.roa
File: D3CEE17A36F311EEA68D8E37C4F9AE02.roa (raw, json)
Hash identifier: sSqSz3Cyn3X4Ei8GXChrZLOp0/sTXd+WKg6QuD8PtCs=
Subject key identifier: 71:7C:B6:0A:1A:39:BD:38:7F:BD:33:7E:16:6A:78:F8:59:CC:A2:83
Certificate issuer: /CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
Certificate serial: 07D7
Authority key identifier: D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/D3CEE17A36F311EEA68D8E37C4F9AE02.roa
Signing time: Mon 04 Sep 2023 21:28:41 +0000
ROA not before: Mon 04 Sep 2023 21:28:41 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150683
IP address blocks: 103.141.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 17:34:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2007 (0x7d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
Validity
Not Before: Sep 4 21:28:41 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f64c09-1c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:fa:7f:0f:f6:7e:04:24:e5:c1:4f:1b:cc:
53:05:72:31:3e:4e:11:9a:93:6b:21:62:c2:f3:f7:
29:c7:ad:c0:17:7a:12:bb:d9:31:5a:51:92:f9:6b:
85:7a:e9:8d:46:11:3a:be:cc:81:bc:c7:ec:eb:17:
cb:75:fd:e7:99:a4:ca:10:cd:7f:ce:8d:4e:e7:24:
b2:b0:9e:cc:6d:41:d3:7c:0b:4b:c3:30:11:5a:a0:
14:a8:21:97:fa:7c:ca:76:65:f1:0d:1f:31:cb:ed:
27:08:cc:54:51:11:91:5e:dc:fd:fa:08:a0:b4:36:
ad:9d:2a:61:76:2b:8a:0b:fd:a3:0f:92:22:e3:9f:
a4:bf:d7:dd:19:55:2a:16:d6:0b:23:4e:be:b7:8d:
33:af:4b:0b:75:8a:67:e8:36:0c:8c:0e:1c:39:9b:
a3:d4:31:64:08:2b:1b:2c:31:2c:07:27:50:dd:fa:
7c:72:94:a3:c7:9f:c0:4d:dd:e1:f4:8a:7f:86:29:
b5:00:28:d3:17:58:21:60:c6:bc:22:02:17:bc:d8:
8c:98:2c:a6:f0:f7:16:60:87:da:3a:69:17:92:fe:
f2:15:19:fd:7b:27:fe:08:26:21:91:fa:ba:25:ee:
e9:03:9c:83:03:44:d4:53:7c:ae:f6:ae:82:62:f0:
a1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7C:B6:0A:1A:39:BD:38:7F:BD:33:7E:16:6A:78:F8:59:CC:A2:83
X509v3 Authority Key Identifier:
keyid:D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/07chXhZgoZ79Lncvm6envcbuDSg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/D3CEE17A36F311EEA68D8E37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.158.0/24
Signature Algorithm: sha256WithRSAEncryption
69:5c:be:2a:6d:b4:36:1d:ee:de:6f:0d:44:77:69:6b:fe:6a:
5b:3a:13:d6:cc:fd:b3:c3:0f:21:d0:81:6e:b5:9b:04:e0:75:
04:c3:8e:a1:27:8f:5c:f3:f9:95:d8:b5:55:17:be:07:b8:a4:
6a:e4:38:af:8c:d0:d2:16:2f:e9:26:1f:8d:08:d3:be:38:27:
b9:5c:b6:65:f3:97:11:d9:78:5b:ba:1b:59:ea:58:2d:66:1f:
a1:75:b8:24:57:4c:36:31:b7:63:a2:80:78:89:5e:30:b6:23:
81:3d:c1:4e:bb:16:cf:4d:be:50:0f:a3:58:1e:69:ed:f1:af:
5e:00:0f:9a:f8:88:f2:e4:3b:99:dd:86:b6:82:e6:15:8e:96:
d3:e6:ad:16:33:f8:c5:a2:e9:85:aa:52:44:ad:83:3d:2c:6c:
8d:6a:bd:65:32:71:0c:cd:f0:a4:db:fd:f0:f4:99:9f:7c:16:
eb:5d:57:ba:43:38:46:b7:e5:1b:ae:50:8d:e7:bc:a8:be:f5:
65:52:18:e9:9a:d3:6c:8d:ff:9b:97:90:ea:4d:28:71:5f:53:
17:bb:b5:47:6a:48:ab:79:a1:21:c4:ef:bf:4b:df:2c:0f:72:
b0:4f:34:92:0b:a1:27:10:e9:00:c3:5e:0d:f3:b3:4b:d7:c6:
4d:4e:f6:26
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB9cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJCQzkxMTAvBgNVBAUTKEQzQjcyMTVFMTY2MEExOUVGRDJFNzcyRjlCQTdBN0JE
QzZFRTBEMjgwHhcNMjMwOTA0MjEyODQxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2NGMwOS0xYzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ev6fw/2fgQk5cFPG8xTBXIxPk4RmpNrIWLC8/cpx63AF3oSu9kxWlGS+WuF
eumNRhE6vsyBvMfs6xfLdf3nmaTKEM1/zo1O5ySysJ7MbUHTfAtLwzARWqAUqCGX
+nzKdmXxDR8xy+0nCMxUURGRXtz9+gigtDatnSphdiuKC/2jD5Ii45+kv9fdGVUq
FtYLI06+t40zr0sLdYpn6DYMjA4cOZuj1DFkCCsbLDEsBydQ3fp8cpSjx5/ATd3h
9Ip/him1ACjTF1ghYMa8IgIXvNiMmCym8PcWYIfaOmkXkv7yFRn9eyf+CCYhkfq6
Je7pA5yDA0TUU3yu9q6CYvChCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHF8tgoa
Ob04f70zfhZqePhZzKKDMB8GA1UdIwQYMBaAFNO3IV4WYKGe/S53L5unp73G7g0o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkJDOS84M0ZGOUZFQ0FB
ODExMUVBQjQyQTA0MzNDNEY5QUUwMi8wN2NoWGhaZ29aNzlMbmN2bTZlbnZjYnVE
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA3Y2hYaFpnb1o3OUxuY3ZtNmVudmNidURTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJCQzkvODNGRjlGRUNBQTgxMTFFQUI0MkEwNDMzQzRGOUFFMDIvRDNDRUUxN0Ez
NkYzMTFFRUE2OEQ4RTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnjZ4wDQYJKoZIhvcNAQELBQADggEBAGlcvipttDYd7t5v
DUR3aWv+als6E9bM/bPDDyHQgW61mwTgdQTDjqEnj1zz+ZXYtVUXvge4pGrkOK+M
0NIWL+kmH40I0744J7lctmXzlxHZeFu6G1nqWC1mH6F1uCRXTDYxt2OigHiJXjC2
I4E9wU67Fs9NvlAPo1geae3xr14AD5r4iPLkO5ndhraC5hWOltPmrRYz+MWi6YWq
UkStgz0sbI1qvWUycQzN8KTb/fD0mZ98FutdV7pDOEa35RuuUI3nvKi+9WVSGOma
02yN/5uXkOpNKHFfUxe7tUdqSKt5oSHE779L3ywPcrBPNJILoScQ6QDDXg3zs0vX
xk1O9iY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org