Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/B7425DBC76F911EDB2784932C4F9AE02.roa
File: B7425DBC76F911EDB2784932C4F9AE02.roa (raw, json)
Hash identifier: yVVuzNt6K3zfFe7fR6UFB7hK8BrDMS9Jp2trl5+aAvk=
Subject key identifier: F7:2B:6C:22:FE:CD:65:D6:07:BA:6D:71:0A:9C:AD:22:00:58:6E:2F
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 0599
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/B7425DBC76F911EDB2784932C4F9AE02.roa
Signing time: Sat 26 Aug 2023 23:00:13 +0000
ROA not before: Sat 26 Aug 2023 23:00:13 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 142150
IP address blocks: 103.152.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 12:23:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1433 (0x599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Validity
Not Before: Aug 26 23:00:13 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64ea83fd-a147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:39:e8:6f:0b:c3:1f:10:8f:43:0b:d1:8d:81:
09:ec:a9:be:ed:73:8b:c5:dc:27:a2:0b:ae:42:44:
4c:47:c7:85:eb:ea:23:e4:7a:57:1b:25:36:9a:e9:
f1:5d:af:53:62:5d:63:de:1f:e1:7c:e8:fd:45:28:
e0:b0:c0:21:76:38:b8:a2:6c:c9:84:62:45:f3:a9:
87:28:ab:84:b7:6d:3f:ef:ab:cf:5d:35:4e:92:f5:
45:d3:1b:4b:f4:69:f8:49:94:88:ac:57:bc:68:ab:
eb:1f:51:dd:57:93:36:94:87:09:81:9a:e5:b8:f8:
cd:41:ac:aa:af:a8:a3:af:59:e5:2c:54:1f:b3:b6:
99:1e:d6:45:4f:64:1b:09:b7:1e:a9:38:f2:5a:4c:
b4:ff:c2:d6:8a:c3:f4:4f:23:33:fd:06:50:9c:9a:
fc:a9:e5:9d:dc:ef:16:9e:89:e0:70:fd:aa:ef:9b:
db:b2:77:a8:f9:0f:9f:9a:f9:63:50:3e:c1:e5:be:
0f:d9:5f:40:15:53:75:07:a6:2f:ba:e7:5c:57:54:
0a:f4:29:fc:78:84:a0:99:e1:2a:29:e5:b6:6d:5b:
14:df:47:e3:8b:48:22:cd:39:fa:c0:bb:54:85:bd:
68:4f:8a:c4:ec:1b:00:7d:ee:49:95:53:b2:da:16:
29:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2B:6C:22:FE:CD:65:D6:07:BA:6D:71:0A:9C:AD:22:00:58:6E:2F
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/B7425DBC76F911EDB2784932C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.101.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f8:3f:19:0c:ef:34:ab:61:c1:29:1e:dc:c4:07:39:94:b1:
64:12:75:52:63:fc:3c:97:ae:28:08:5b:cc:75:6f:e3:40:63:
50:79:94:fa:37:b9:f8:b1:f0:20:29:d8:81:5f:7c:03:97:41:
da:ad:30:36:25:8a:13:d8:69:f0:b0:e6:f5:70:ce:4a:a0:28:
9c:14:d2:c3:e5:f6:f8:8e:77:52:27:74:e9:db:84:9c:9d:f7:
f7:c1:19:b0:a2:5b:3c:4b:96:1f:52:07:04:64:e8:71:8c:b9:
9e:90:e3:ac:24:03:8c:61:c4:2f:a7:85:0e:90:fa:0a:96:25:
09:dd:ef:7c:6d:d3:79:ac:9f:92:0a:08:7a:5c:12:f6:2f:14:
77:63:e8:43:8f:75:ba:06:2b:8f:59:90:4e:d4:3e:39:d9:0d:
8f:e3:50:ac:e4:2b:87:1c:be:88:d1:66:2e:45:35:c6:2c:f7:
1f:8a:3e:8a:09:95:12:a7:50:f4:43:4d:d5:60:dd:35:c9:9b:
05:25:60:20:5e:26:ff:e8:fd:b0:00:60:17:1c:ec:50:c7:72:
3b:ad:a3:b0:c4:24:62:79:0e:62:9a:6a:71:2b:6e:41:52:33:
30:4e:23:20:3c:a6:00:8c:00:1b:bd:96:25:3b:47:15:04:8c:
a7:38:15:15
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjMwODI2MjMwMDEzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhODNmZC1hMTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjnobwvDHxCPQwvRjYEJ7Km+7XOLxdwnoguuQkRMR8eF6+oj5HpXGyU2munx
Xa9TYl1j3h/hfOj9RSjgsMAhdji4omzJhGJF86mHKKuEt20/76vPXTVOkvVF0xtL
9Gn4SZSIrFe8aKvrH1HdV5M2lIcJgZrluPjNQayqr6ijr1nlLFQfs7aZHtZFT2Qb
CbceqTjyWky0/8LWisP0TyMz/QZQnJr8qeWd3O8WnongcP2q75vbsneo+Q+fmvlj
UD7B5b4P2V9AFVN1B6YvuudcV1QK9Cn8eISgmeEqKeW2bVsU30fji0gizTn6wLtU
hb1oT4rE7BsAfe5JlVOy2hYpQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPcrbCL+
zWXWB7ptcQqcrSIAWG4vMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvQjc0MjVEQkM3
NkY5MTFFREIyNzg0OTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmGUwDQYJKoZIhvcNAQELBQADggEBAIz4PxkM7zSrYcEp
HtzEBzmUsWQSdVJj/DyXrigIW8x1b+NAY1B5lPo3ufix8CAp2IFffAOXQdqtMDYl
ihPYafCw5vVwzkqgKJwU0sPl9viOd1IndOnbhJyd9/fBGbCiWzxLlh9SBwRk6HGM
uZ6Q46wkA4xhxC+nhQ6Q+gqWJQnd73xt03msn5IKCHpcEvYvFHdj6EOPdboGK49Z
kE7UPjnZDY/jUKzkK4ccvojRZi5FNcYs9x+KPooJlRKnUPRDTdVg3TXJmwUlYCBe
Jv/o/bAAYBcc7FDHcjuto7DEJGJ5DmKaanErbkFSMzBOIyA8pgCMABu9liU7RxUE
jKc4FRU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org