Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149B61/7616D4FC2ACD11EEB7222C3CC4F9AE02/0ABDED5C2ACE11EEA962CB54C4F9AE02.roa
File: 0ABDED5C2ACE11EEA962CB54C4F9AE02.roa (raw, json)
Hash identifier: ioA1XyHwQhLT0QQ60pP3gwgxlFzJULxOQATtXNZ2I0E=
Subject key identifier: 60:29:89:F1:6E:AC:4F:02:16:0D:5D:F4:97:2E:8A:B9:91:6D:11:9A
Certificate issuer: /CN=A9149B61/serialNumber=E3E100F804013A05F922EE11CB4E0ABEA6C22B98
Certificate serial: 02
Authority key identifier: E3:E1:00:F8:04:01:3A:05:F9:22:EE:11:CB:4E:0A:BE:A6:C2:2B:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-EA-AQBOgX5Iu4Ry04KvqbCK5g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149B61/7616D4FC2ACD11EEB7222C3CC4F9AE02/0ABDED5C2ACE11EEA962CB54C4F9AE02.roa
Signing time: Tue 25 Jul 2023 09:31:33 +0000
ROA not before: Tue 25 Jul 2023 09:31:33 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 149787
IP address blocks: 103.186.86.0/23 maxlen: 24
2001:df0:a5c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jul 2023 07:20:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149B61/serialNumber=E3E100F804013A05F922EE11CB4E0ABEA6C22B98
Validity
Not Before: Jul 25 09:31:33 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64bf9674-4933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fd:38:74:a3:78:8c:15:81:e3:85:9c:66:10:
f5:62:64:2a:f4:0a:c1:aa:70:ad:3d:ca:e3:8f:84:
8f:73:f2:48:9a:1f:6a:32:f7:90:83:ef:91:58:5e:
2d:3a:d7:16:ec:f5:97:04:bb:5e:a2:9b:95:97:56:
97:3f:c2:8d:9c:69:fe:dc:a0:e1:82:2d:80:cc:0a:
24:9a:89:32:e8:1f:5d:15:0b:83:59:ec:16:2b:5a:
41:43:ef:90:f7:92:68:d4:e2:5d:18:16:02:35:58:
5d:2c:d5:cd:62:25:a3:cf:8b:05:ef:89:ef:4b:cb:
7b:35:fa:41:86:6b:01:59:78:95:98:09:66:3a:ee:
35:85:37:51:94:57:eb:41:9b:1d:65:f7:3c:ad:35:
00:4f:ca:d8:06:5e:8e:b3:ff:47:87:a2:4b:ff:66:
87:99:97:0e:73:20:8a:fd:96:c1:cb:3d:b9:2d:8e:
30:d2:46:fb:d8:e1:b9:68:bd:94:84:4d:77:ed:2f:
dc:c3:e1:f6:64:60:fc:ab:7b:ad:4e:53:f6:d5:52:
88:9f:54:5c:2d:25:0a:66:a5:bf:2f:7b:2e:c9:e6:
96:a9:36:e6:fa:29:87:81:4b:6f:3c:71:aa:56:83:
0e:0c:ba:ce:df:6c:c0:41:2d:8d:b8:4d:32:e0:0b:
80:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:29:89:F1:6E:AC:4F:02:16:0D:5D:F4:97:2E:8A:B9:91:6D:11:9A
X509v3 Authority Key Identifier:
keyid:E3:E1:00:F8:04:01:3A:05:F9:22:EE:11:CB:4E:0A:BE:A6:C2:2B:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149B61/7616D4FC2ACD11EEB7222C3CC4F9AE02/4-EA-AQBOgX5Iu4Ry04KvqbCK5g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-EA-AQBOgX5Iu4Ry04KvqbCK5g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149B61/7616D4FC2ACD11EEB7222C3CC4F9AE02/0ABDED5C2ACE11EEA962CB54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.86.0/23
IPv6:
2001:df0:a5c0::/48
Signature Algorithm: sha256WithRSAEncryption
27:4d:23:a1:4f:69:cd:87:ab:bb:4f:c4:13:dd:7a:02:43:b9:
62:26:c8:3c:33:26:84:da:7f:eb:71:19:eb:7a:10:69:4f:9d:
9a:2e:7d:f9:d9:a3:dc:0e:d3:5c:2a:2f:a0:df:19:be:cf:99:
b2:8e:17:83:5f:96:ce:2a:62:d6:d7:61:25:dc:d8:45:52:f6:
6f:c8:48:64:78:cd:02:5b:51:b9:2e:c2:78:34:30:b9:1a:f3:
e8:8d:1a:f8:54:57:a8:bf:19:d0:5b:a9:0d:33:e7:dc:93:07:
6f:1c:90:63:06:90:11:30:74:8f:41:d5:01:7c:14:fd:13:7e:
25:83:3e:d8:f6:cc:78:bb:5c:9c:38:31:49:c6:93:e0:cb:61:
63:dc:d8:cc:9f:62:18:2f:2c:b1:61:00:8d:90:05:44:49:5c:
1f:55:f5:1a:dd:7f:7b:80:dd:96:64:f8:85:61:a9:73:91:d9:
3a:9f:9e:7d:e6:b3:72:5d:c9:56:44:11:74:08:5a:91:09:3f:
09:ab:ba:c9:8a:d4:73:f3:95:e9:c3:dd:66:c4:ab:2e:d6:c2:
9f:bd:99:05:46:93:00:3b:2d:7c:45:b1:3f:43:04:9a:d0:dd:
8a:44:7f:27:95:ab:df:fb:ef:ed:5a:9e:d5:6b:9b:b0:45:b7:
0c:28:d0:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
OUI2MTExMC8GA1UEBRMoRTNFMTAwRjgwNDAxM0EwNUY5MjJFRTExQ0I0RTBBQkVB
NkMyMkI5ODAeFw0yMzA3MjUwOTMxMzNaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmY5Njc0LTQ5MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDw/Th0o3iMFYHjhZxmEPViZCr0CsGqcK09yuOPhI9z8kiaH2oy95CD75FYXi06
1xbs9ZcEu16im5WXVpc/wo2caf7coOGCLYDMCiSaiTLoH10VC4NZ7BYrWkFD75D3
kmjU4l0YFgI1WF0s1c1iJaPPiwXvie9Ly3s1+kGGawFZeJWYCWY67jWFN1GUV+tB
mx1l9zytNQBPytgGXo6z/0eHokv/ZoeZlw5zIIr9lsHLPbktjjDSRvvY4blovZSE
TXftL9zD4fZkYPyre61OU/bVUoifVFwtJQpmpb8vey7J5papNub6KYeBS288capW
gw4Mus7fbMBBLY24TTLgC4DRAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUYCmJ8W6s
TwIWDV30ly6KuZFtEZowHwYDVR0jBBgwFoAU4+EA+AQBOgX5Iu4Ry04KvqbCK5gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5QjYxLzc2MTZENEZDMkFD
RDExRUVCNzIyMkMzQ0M0RjlBRTAyLzQtRUEtQVFCT2dYNUl1NFJ5MDRLdnFiQ0s1
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNC1FQS1BUUJPZ1g1SXU0UnkwNEt2cWJDSzVnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OUI2MS83NjE2RDRGQzJBQ0QxMUVFQjcyMjJDM0NDNEY5QUUwMi8wQUJERUQ1QzJB
Q0UxMUVFQTk2MkNCNTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe6VjAPBAIAAjAJAwcAIAEN8KXAMA0GCSqGSIb3DQEBCwUA
A4IBAQAnTSOhT2nNh6u7T8QT3XoCQ7liJsg8MyaE2n/rcRnrehBpT52aLn352aPc
DtNcKi+g3xm+z5myjheDX5bOKmLW12El3NhFUvZvyEhkeM0CW1G5LsJ4NDC5GvPo
jRr4VFeovxnQW6kNM+fckwdvHJBjBpARMHSPQdUBfBT9E34lgz7Y9sx4u1ycODFJ
xpPgy2Fj3NjMn2IYLyyxYQCNkAVESVwfVfUa3X97gN2WZPiFYalzkdk6n5595rNy
XclWRBF0CFqRCT8Jq7rJitRz85Xpw91mxKsu1sKfvZkFRpMAOy18RbE/QwSa0N2K
RH8nlavf++/tWp7Va5uwRbcMKNCb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org