Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/09797E9C40E711ED819E7369C4F9AE02.roa
File: 09797E9C40E711ED819E7369C4F9AE02.roa (raw, json)
Hash identifier: weR4cIXLIIi/LBdXRyKg6AsUgmfOG9ABURrlFs9IezQ=
Subject key identifier: 0B:B5:CA:5D:5C:55:EC:5C:BB:D6:22:13:EF:81:6D:07:C7:E7:9A:83
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 0597
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/09797E9C40E711ED819E7369C4F9AE02.roa
Signing time: Sat 26 Aug 2023 23:00:11 +0000
ROA not before: Sat 26 Aug 2023 23:00:11 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.152.100.0/24 maxlen: 24
103.152.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Aug 2023 11:05:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1431 (0x597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Validity
Not Before: Aug 26 23:00:11 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64ea83fb-be0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f9:9d:c5:ab:25:c3:7f:a4:b0:e5:02:dd:c0:
b2:23:fa:23:83:a9:8a:14:8a:fd:d0:20:5c:4e:a4:
3b:f9:3c:f6:24:7e:68:80:bb:4c:1d:31:fe:c2:c6:
08:c7:55:13:fb:26:c8:18:72:13:5e:c4:c7:d8:cf:
dd:a1:19:81:c9:01:a1:39:3d:5b:34:ab:7b:5a:fa:
d6:44:83:34:2d:b0:58:86:19:d9:74:a3:db:9f:33:
b5:0c:2e:f4:79:79:54:af:94:3a:25:72:cc:9c:b8:
8f:c1:33:99:f4:3e:e1:ed:9d:24:5f:02:78:3a:c0:
f9:1a:27:e1:e9:16:8c:3f:ed:77:f1:c5:58:9f:3f:
10:af:fe:6f:f6:85:40:d5:b6:e1:b9:b5:43:73:d5:
e3:a9:1c:99:d7:c9:1c:28:a1:f1:ba:00:60:3e:69:
e9:d7:1c:41:ef:69:b6:27:15:33:a6:e0:d9:42:78:
04:a6:19:94:ec:e5:22:9d:c6:3b:fd:26:15:75:ff:
04:7d:ee:57:5c:7b:74:12:5f:b4:64:69:c3:13:fa:
ec:d4:2e:e3:df:dd:82:99:2a:cc:84:e7:66:d1:cd:
bb:b2:2b:88:bf:bf:5e:32:98:65:63:33:a7:33:90:
d9:68:f7:71:c8:4c:27:5e:25:3e:a9:03:9c:c4:66:
d9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B5:CA:5D:5C:55:EC:5C:BB:D6:22:13:EF:81:6D:07:C7:E7:9A:83
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/09797E9C40E711ED819E7369C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.100.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:df:3d:61:5a:35:c6:3d:7d:06:4e:38:09:a9:5b:ae:9e:51:
98:fa:98:2d:77:ec:86:ca:39:44:9a:50:b2:dd:ba:74:db:71:
6e:8b:e6:6c:94:d8:95:79:ab:9d:73:de:73:28:18:5a:80:93:
1c:f0:0b:75:8e:5e:cb:a7:40:8a:79:4f:17:47:47:4a:4b:78:
47:2e:49:e4:5c:e4:52:e1:e9:a6:4c:c3:d6:34:3b:44:f0:da:
68:7a:3a:24:21:da:7d:87:e5:fa:86:51:2c:80:7a:d2:76:17:
68:f0:df:d0:6f:f5:4a:f6:fa:e8:f0:73:01:6a:81:18:3e:0f:
44:e3:ab:1e:49:07:fa:3b:56:8a:b1:53:21:70:52:13:37:b8:
ee:a7:3c:99:21:07:6e:ea:64:aa:b4:87:f4:8c:05:14:07:eb:
7c:18:57:0c:6d:dc:20:65:d0:dd:9b:77:2b:0f:29:2b:90:d5:
b5:19:07:a2:9a:e3:61:39:06:68:9e:85:49:7a:07:66:3e:ba:
55:58:9c:03:d8:0f:96:18:ab:ec:b5:a5:74:06:7a:d5:4f:bc:
4d:39:e4:c6:91:e9:0d:b4:0a:e7:02:74:40:11:c1:3e:9c:df:
a0:0e:83:9b:75:d6:7f:f1:7a:a2:12:9a:76:b4:34:3a:3a:86:
34:b9:9c:1f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjMwODI2MjMwMDExWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhODNmYi1iZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwfmdxaslw3+ksOUC3cCyI/ojg6mKFIr90CBcTqQ7+Tz2JH5ogLtMHTH+wsYI
x1UT+ybIGHITXsTH2M/doRmByQGhOT1bNKt7WvrWRIM0LbBYhhnZdKPbnzO1DC70
eXlUr5Q6JXLMnLiPwTOZ9D7h7Z0kXwJ4OsD5Gifh6RaMP+138cVYnz8Qr/5v9oVA
1bbhubVDc9XjqRyZ18kcKKHxugBgPmnp1xxB72m2JxUzpuDZQngEphmU7OUincY7
/SYVdf8Efe5XXHt0El+0ZGnDE/rs1C7j392CmSrMhOdm0c27siuIv79eMphlYzOn
M5DZaPdxyEwnXiU+qQOcxGbZXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAu1yl1c
Vexcu9YiE++BbQfH55qDMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvMDk3OTdFOUM0
MEU3MTFFRDgxOUU3MzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGQwDQYJKoZIhvcNAQELBQADggEBAIvfPWFaNcY9fQZO
OAmpW66eUZj6mC137IbKOUSaULLdunTbcW6L5myU2JV5q51z3nMoGFqAkxzwC3WO
XsunQIp5TxdHR0pLeEcuSeRc5FLh6aZMw9Y0O0Tw2mh6OiQh2n2H5fqGUSyAetJ2
F2jw39Bv9Ur2+ujwcwFqgRg+D0Tjqx5JB/o7VoqxUyFwUhM3uO6nPJkhB27qZKq0
h/SMBRQH63wYVwxt3CBl0N2bdysPKSuQ1bUZB6Ka42E5BmiehUl6B2Y+ulVYnAPY
D5YYq+y1pXQGetVPvE055MaR6Q20CucCdEARwT6c36AOg5t11n/xeqISmna0NDo6
hjS5nB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org