Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/B6BBB40487DA11EE89D30931C4F9AE02.roa
File: B6BBB40487DA11EE89D30931C4F9AE02.roa (raw, json)
Hash identifier: 2kuH8SUOPeSx3db7oe5PLbAIaaQ4nRwFk5NzdOPd6fY=
Subject key identifier: 7C:F5:91:7B:50:3B:F1:53:52:DA:03:91:93:23:73:6B:15:A6:6C:89
Certificate issuer: /CN=A915465A/serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Certificate serial: 0668
Authority key identifier: 78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/B6BBB40487DA11EE89D30931C4F9AE02.roa
Signing time: Mon 20 Nov 2023 19:26:33 +0000
ROA not before: Mon 20 Nov 2023 19:26:33 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 134520
IP address blocks: 103.42.212.0/24 maxlen: 24
103.42.213.0/24 maxlen: 24
103.42.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 13:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1640 (0x668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915465A/serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Validity
Not Before: Nov 20 19:26:33 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=655bb2e9-f049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d7:cf:ca:ad:a3:91:79:11:92:25:fa:f3:e2:
d6:49:1a:55:1e:2f:79:b7:f1:f7:60:f7:82:28:da:
cc:12:80:6a:be:0d:09:9a:be:2a:b6:69:2a:b6:b6:
01:74:75:7d:9c:a3:af:db:a8:e3:a2:c4:a6:88:b4:
48:7d:c1:0a:1c:ea:d0:c0:8d:1a:58:c1:a8:d5:9f:
0a:d0:c1:df:b7:7f:fd:3e:5a:61:ee:55:0d:6f:e6:
2c:8e:40:ef:95:ab:6b:38:ff:0f:58:00:f8:99:9c:
b8:44:5d:7a:00:df:36:27:c2:d1:b1:b9:8b:a2:0f:
81:31:8d:fc:b1:f8:62:1a:64:b4:1f:ff:27:04:25:
19:49:0a:e0:c8:26:bb:8c:58:b9:b5:ff:78:57:47:
36:00:bb:62:f5:e3:2f:f9:45:18:fb:11:bb:b2:22:
31:cf:b4:c5:7d:23:eb:1d:cc:24:c7:dc:3b:3d:e3:
b1:e5:3d:d6:c2:52:38:94:70:b7:3d:d0:ca:f9:b3:
97:db:63:8e:6b:a8:b4:18:8b:61:18:ad:1a:70:0f:
e0:de:07:c9:70:54:1d:26:68:1a:cc:dd:c4:6e:35:
31:d2:ea:44:eb:4e:ce:23:22:91:78:cb:73:c5:c0:
d5:73:ff:b2:77:fb:c0:f5:14:5a:16:11:4b:f8:29:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F5:91:7B:50:3B:F1:53:52:DA:03:91:93:23:73:6B:15:A6:6C:89
X509v3 Authority Key Identifier:
keyid:78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/B6BBB40487DA11EE89D30931C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.212.0/23
103.42.215.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:83:07:56:42:59:a9:47:5d:50:0b:df:13:7b:dc:2a:c1:f0:
66:c7:ac:e4:21:34:88:a6:d9:e0:14:94:fd:3b:a9:ba:d3:77:
96:6e:ae:18:78:98:f6:25:42:4e:d4:62:dd:87:64:fb:ce:17:
16:8a:58:50:d1:75:e3:90:d1:98:24:17:f7:95:0e:6a:9a:61:
14:ea:21:37:85:ee:9b:cd:89:a1:e8:29:5e:f9:0e:30:83:a3:
aa:99:a2:cb:3b:3f:11:5d:36:12:59:db:55:af:ba:98:d3:0b:
ee:3b:03:1d:2d:72:af:0f:ac:60:ec:e0:c9:89:01:27:7b:72:
9a:42:98:7f:74:ba:74:ec:e8:c4:5d:6b:fa:be:e1:28:10:58:
bb:d6:ad:fe:ba:78:eb:75:90:71:98:0c:de:07:e2:e4:9f:d9:
34:5b:02:6a:8d:aa:28:a9:d7:c3:4f:33:d8:c1:8c:18:9e:c6:
39:a4:d4:75:2d:4f:65:9a:67:67:62:1b:8f:ad:f3:0d:55:3d:
80:ae:0f:83:e3:43:f5:da:b9:43:b6:09:5f:21:d1:b6:45:d7:
a6:8c:d4:41:60:20:8a:bd:41:1b:29:b9:fb:43:78:54:8a:e7:
7d:ce:09:a7:49:ae:42:5e:eb:5b:ca:10:54:41:8e:b6:bb:0a:
be:a3:4c:8d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ2NUExMTAvBgNVBAUTKDc4NUUwQkZGMDdCOTAzN0M2MDMzNEIyREYzMzY5Mjgx
QTREQzNGNUEwHhcNMjMxMTIwMTkyNjMzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViYjJlOS1mMDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNfPyq2jkXkRkiX68+LWSRpVHi95t/H3YPeCKNrMEoBqvg0Jmr4qtmkqtrYB
dHV9nKOv26jjosSmiLRIfcEKHOrQwI0aWMGo1Z8K0MHft3/9Plph7lUNb+YsjkDv
latrOP8PWAD4mZy4RF16AN82J8LRsbmLog+BMY38sfhiGmS0H/8nBCUZSQrgyCa7
jFi5tf94V0c2ALti9eMv+UUY+xG7siIxz7TFfSPrHcwkx9w7PeOx5T3WwlI4lHC3
PdDK+bOX22OOa6i0GIthGK0acA/g3gfJcFQdJmgazN3EbjUx0upE607OIyKReMtz
xcDVc/+yd/vA9RRaFhFL+CnaBwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHz1kXtQ
O/FTUtoDkZMjc2sVpmyJMB8GA1UdIwQYMBaAFHheC/8HuQN8YDNLLfM2koGk3D9a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDY1QS84ODk0QTcwQTFD
NTUxMUVCQUI4OEMxODJDNEY5QUUwMi9lRjRMX3dlNUEzeGdNMHN0OHphU2dhVGNQ
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VGNExfd2U1QTN4Z00wc3Q4emFTZ2FUY1Axby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ2NUEvODg5NEE3MEExQzU1MTFFQkFCODhDMTgyQzRGOUFFMDIvQjZCQkI0MDQ4
N0RBMTFFRTg5RDMwOTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnKtQDBABnKtcwDQYJKoZIhvcNAQELBQADggEBAOWDB1ZC
WalHXVAL3xN73CrB8GbHrOQhNIim2eAUlP07qbrTd5Zurhh4mPYlQk7UYt2HZPvO
FxaKWFDRdeOQ0ZgkF/eVDmqaYRTqITeF7pvNiaHoKV75DjCDo6qZoss7PxFdNhJZ
21WvupjTC+47Ax0tcq8PrGDs4MmJASd7cppCmH90unTs6MRda/q+4SgQWLvWrf66
eOt1kHGYDN4H4uSf2TRbAmqNqiip18NPM9jBjBiexjmk1HUtT2WaZ2diG4+t8w1V
PYCuD4PjQ/XauUO2CV8h0bZF16aM1EFgIIq9QRspuftDeFSK533OCadJrkJe61vK
EFRBjra7Cr6jTI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org