Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/1262B402884811EEA718C857C4F9AE02.roa
File: 1262B402884811EEA718C857C4F9AE02.roa (raw, json)
Hash identifier: dl5/ZFgIK+sgcCyBynobiiUlz1D4c24mOtleod9WifA=
Subject key identifier: 70:13:35:1D:C3:A5:AE:16:57:3D:18:55:80:60:BE:98:D7:0C:EB:BB
Certificate issuer: /CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Certificate serial: 069B
Authority key identifier: 68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/1262B402884811EEA718C857C4F9AE02.roa
Signing time: Tue 21 Nov 2023 08:29:22 +0000
ROA not before: Tue 21 Nov 2023 08:29:22 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141215
IP address blocks: 103.156.152.0/24 maxlen: 24
103.156.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 15:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1691 (0x69b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Validity
Not Before: Nov 21 08:29:22 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=655c6a62-63db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:1b:8a:a0:a8:a3:31:29:9a:55:2e:aa:7a:
06:7b:eb:12:15:6a:54:ea:10:32:f7:88:9d:e3:65:
00:36:83:c9:80:8e:51:6b:97:15:d8:b6:d8:b3:dd:
0d:19:aa:65:09:04:46:66:6c:59:02:b2:21:52:2b:
e5:47:26:df:84:da:d3:62:e2:cb:dd:89:d1:55:ee:
e0:ad:d1:81:1d:45:35:65:46:b1:0c:7d:c9:0c:a7:
71:53:bd:f9:30:13:e2:ab:c0:bb:74:e8:95:45:18:
7b:8d:6d:de:df:04:8c:eb:80:2f:28:e7:ba:8d:18:
77:02:55:b5:3e:c5:93:7e:69:59:11:86:66:90:9a:
e5:fa:5c:e3:0e:57:ff:49:63:53:1c:2c:c9:c0:48:
48:34:b2:3f:b1:20:0c:fe:78:f9:4a:9d:22:51:d9:
26:b3:2a:a8:a9:08:61:95:bb:e9:ef:f5:22:45:21:
b7:a0:fc:83:7f:d9:36:4f:b9:57:4a:57:0a:ea:bd:
bc:c3:49:67:4e:9d:f4:3d:81:e7:2a:bd:2d:16:22:
17:0e:b7:7e:ee:44:1d:ca:8d:e4:96:be:66:15:2b:
ff:22:83:be:6b:06:80:26:34:fe:66:75:db:36:01:
af:11:a0:bb:4f:1b:90:cb:2f:fe:ec:61:09:10:8a:
23:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:13:35:1D:C3:A5:AE:16:57:3D:18:55:80:60:BE:98:D7:0C:EB:BB
X509v3 Authority Key Identifier:
keyid:68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/aHvrJ3oFne_qK-3WevsbgjiOXrE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/1262B402884811EEA718C857C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.152.0/23
Signature Algorithm: sha256WithRSAEncryption
46:fa:00:08:68:69:aa:6f:3f:82:0d:99:2d:d0:f6:3a:35:8a:
44:3e:0a:9b:01:cf:a0:2d:7b:1d:c2:ac:bc:61:45:0e:d9:84:
36:05:c7:c8:03:42:49:a0:fb:14:c6:38:75:52:39:3c:a0:ae:
d2:35:65:b8:e9:0b:c9:50:f2:58:df:77:c3:50:cc:48:79:ff:
f6:65:15:df:21:ed:be:b5:ab:b8:4c:95:c0:5f:7f:4b:28:7c:
e3:a7:e4:63:db:e0:9d:5e:90:7c:73:91:d4:68:de:8d:dd:8f:
57:83:08:4a:82:7d:86:16:43:5e:0e:08:49:c9:5e:7d:23:db:
19:28:a0:7c:0f:03:5b:3b:84:8e:f7:10:64:4d:56:c7:39:dd:
16:ed:f9:14:9a:8b:16:34:11:8a:a3:02:a4:18:e8:ac:45:7b:
4f:e3:1a:30:ba:6a:1f:62:56:71:87:06:87:22:67:96:d0:a0:
77:10:39:24:14:53:ae:7e:cc:69:1e:b3:2b:2a:e9:d0:6b:33:
44:4a:de:8f:b4:94:b0:fb:1d:98:9f:a8:2f:b7:51:04:84:28:
b4:8c:df:2c:d2:d9:48:ef:f4:8b:c1:34:cd:43:91:34:4a:1a:
7a:7d:d0:b7:b4:b5:28:d4:aa:94:61:14:a4:72:cf:f2:2d:50:
fc:86:27:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVGQUQxMTAvBgNVBAUTKDY4N0JFQjI3N0EwNTlERUZFQTJCRURENjdBRkIxQjgy
Mzg4RTVFQjEwHhcNMjMxMTIxMDgyOTIyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjNmE2Mi02M2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwhIbiqCoozEpmlUuqnoGe+sSFWpU6hAy94id42UANoPJgI5Ra5cV2LbYs90N
GaplCQRGZmxZArIhUivlRybfhNrTYuLL3YnRVe7grdGBHUU1ZUaxDH3JDKdxU735
MBPiq8C7dOiVRRh7jW3e3wSM64AvKOe6jRh3AlW1PsWTfmlZEYZmkJrl+lzjDlf/
SWNTHCzJwEhINLI/sSAM/nj5Sp0iUdkmsyqoqQhhlbvp7/UiRSG3oPyDf9k2T7lX
SlcK6r28w0lnTp30PYHnKr0tFiIXDrd+7kQdyo3klr5mFSv/IoO+awaAJjT+ZnXb
NgGvEaC7TxuQyy/+7GEJEIojYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHATNR3D
pa4WVz0YVYBgvpjXDOu7MB8GA1UdIwQYMBaAFGh76yd6BZ3v6ivt1nr7G4I4jl6x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUZBRC9BNEQ3ODk5RTA4
NjYxMUVCOEEyRDE1MzVDNEY5QUUwMi9hSHZySjNvRm5lX3FLLTNXZXZzYmdqaU9Y
ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FIdnJKM29GbmVfcUstM1dldnNiZ2ppT1hyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVGQUQvQTRENzg5OUUwODY2MTFFQjhBMkQxNTM1QzRGOUFFMDIvMTI2MkI0MDI4
ODQ4MTFFRUE3MThDODU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnJgwDQYJKoZIhvcNAQELBQADggEBAEb6AAhoaapvP4IN
mS3Q9jo1ikQ+CpsBz6Atex3CrLxhRQ7ZhDYFx8gDQkmg+xTGOHVSOTygrtI1Zbjp
C8lQ8ljfd8NQzEh5//ZlFd8h7b61q7hMlcBff0sofOOn5GPb4J1ekHxzkdRo3o3d
j1eDCEqCfYYWQ14OCEnJXn0j2xkooHwPA1s7hI73EGRNVsc53Rbt+RSaixY0EYqj
AqQY6KxFe0/jGjC6ah9iVnGHBociZ5bQoHcQOSQUU65+zGkesysq6dBrM0RK3o+0
lLD7HZifqC+3UQSEKLSM3yzS2Ujv9IvBNM1DkTRKGnp90Le0tSjUqpRhFKRyz/It
UPyGJ2k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-ams.rpki-client.org