Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/ADADD9C869E911EEB33BF568C4F9AE02.roa
File: ADADD9C869E911EEB33BF568C4F9AE02.roa (raw, json)
Hash identifier: 4TjGg7V2jYb2yesfITc707vB99qyqgYySgPuQSlJ5Fw=
Subject key identifier: 3F:DC:76:1F:5B:65:60:58:AA:6C:18:58:7F:EC:9A:98:FD:CE:4B:A5
Certificate issuer: /CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Certificate serial: 0693
Authority key identifier: 68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/ADADD9C869E911EEB33BF568C4F9AE02.roa
Signing time: Sat 18 Nov 2023 22:40:45 +0000
ROA not before: Sat 18 Nov 2023 22:40:45 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 23750
IP address blocks: 103.156.152.0/24 maxlen: 24
103.156.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1683 (0x693)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Validity
Not Before: Nov 18 22:40:45 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65593d6c-2c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:f4:b9:b0:04:34:a6:16:2e:b9:63:aa:07:
2d:c6:f4:7b:bf:05:4c:23:f6:1a:0d:9a:5c:60:e7:
2b:a5:d1:7e:d3:99:ce:a1:97:41:67:6e:a4:d4:c8:
be:d6:a0:d0:58:c9:d1:81:83:77:16:de:64:0c:69:
9c:7c:c5:bc:6f:c2:b5:e4:c1:1f:0b:46:6b:a1:f4:
fd:e5:47:56:92:46:21:97:86:66:26:96:3b:47:f4:
db:1f:1e:68:df:c8:af:da:d5:c0:61:9e:b2:15:e8:
59:38:f4:bb:e1:56:ec:e5:2c:1b:d1:0a:45:10:ed:
df:02:5f:6b:e1:81:a5:8a:30:07:1f:8e:fd:dc:e8:
9d:42:38:4f:2e:4b:09:57:c7:50:7d:94:57:da:1c:
f0:59:5c:4c:50:7b:e6:34:03:17:ff:23:fc:94:b7:
db:d8:6b:09:d4:98:b5:a8:1a:ae:25:ae:ce:e1:ae:
b9:5c:6d:b4:16:d4:ba:13:9a:85:09:15:35:c1:0b:
fc:5c:6a:30:d8:b2:73:f0:2c:f9:08:7a:34:cb:3f:
e2:a8:6d:8c:13:85:5d:20:f3:c3:8b:b1:be:2a:f5:
23:3c:69:d6:b8:97:69:69:f8:1f:dc:08:7a:94:f7:
49:36:ec:52:ea:39:5a:d5:07:cf:dc:93:4a:85:f2:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DC:76:1F:5B:65:60:58:AA:6C:18:58:7F:EC:9A:98:FD:CE:4B:A5
X509v3 Authority Key Identifier:
keyid:68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/aHvrJ3oFne_qK-3WevsbgjiOXrE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/ADADD9C869E911EEB33BF568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.152.0/23
Signature Algorithm: sha256WithRSAEncryption
18:66:8e:01:a8:5c:da:07:85:46:b3:66:fa:0b:16:20:5f:55:
6a:80:15:30:fa:03:9b:5d:3f:c9:63:f9:14:78:2e:25:2e:4a:
e0:b8:42:e8:f5:91:7b:20:d0:c5:41:28:24:bb:ad:59:84:73:
b3:3b:6c:20:1d:f3:d3:d0:08:3a:41:84:b4:99:4f:53:1f:b3:
93:ee:3d:05:c2:15:7e:7c:9b:0c:3c:44:e5:5e:3c:07:a9:46:
be:e2:cd:37:7a:2a:dd:cf:ef:66:ae:08:cf:d5:18:64:ac:9f:
e2:22:8f:64:3a:7c:38:c4:a7:c7:b7:85:37:19:3a:44:04:40:
4a:ac:c0:b0:56:5d:9a:03:2c:47:04:38:97:33:50:be:7c:cc:
fd:a2:e5:19:30:79:71:4f:12:85:07:5b:05:99:f8:16:36:2f:
9e:b0:e8:ac:54:37:ec:f0:1b:a5:90:7e:55:78:4c:f8:c0:5b:
b8:b1:2b:ed:ac:55:14:03:45:26:2e:d6:ce:c4:7e:8b:7d:08:
71:0a:3e:f9:ae:7a:da:05:a2:55:38:8d:4a:47:ab:b6:7f:f4:
b2:ef:77:36:5e:90:72:40:89:38:a1:3c:d5:be:fe:ca:84:92:
5f:81:69:06:c7:8f:94:7c:d9:9b:a9:69:c1:4b:6f:82:77:60:
4c:c3:8e:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVGQUQxMTAvBgNVBAUTKDY4N0JFQjI3N0EwNTlERUZFQTJCRURENjdBRkIxQjgy
Mzg4RTVFQjEwHhcNMjMxMTE4MjI0MDQ1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU5M2Q2Yy0yYzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwXD0ubAENKYWLrljqgctxvR7vwVMI/YaDZpcYOcrpdF+05nOoZdBZ26k1Mi+
1qDQWMnRgYN3Ft5kDGmcfMW8b8K15MEfC0ZrofT95UdWkkYhl4ZmJpY7R/TbHx5o
38iv2tXAYZ6yFehZOPS74Vbs5Swb0QpFEO3fAl9r4YGlijAHH4793OidQjhPLksJ
V8dQfZRX2hzwWVxMUHvmNAMX/yP8lLfb2GsJ1Ji1qBquJa7O4a65XG20FtS6E5qF
CRU1wQv8XGow2LJz8Cz5CHo0yz/iqG2ME4VdIPPDi7G+KvUjPGnWuJdpafgf3Ah6
lPdJNuxS6jla1QfP3JNKhfL6rwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD/cdh9b
ZWBYqmwYWH/smpj9zkulMB8GA1UdIwQYMBaAFGh76yd6BZ3v6ivt1nr7G4I4jl6x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUZBRC9BNEQ3ODk5RTA4
NjYxMUVCOEEyRDE1MzVDNEY5QUUwMi9hSHZySjNvRm5lX3FLLTNXZXZzYmdqaU9Y
ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FIdnJKM29GbmVfcUstM1dldnNiZ2ppT1hyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVGQUQvQTRENzg5OUUwODY2MTFFQjhBMkQxNTM1QzRGOUFFMDIvQURBREQ5Qzg2
OUU5MTFFRUIzM0JGNTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnJgwDQYJKoZIhvcNAQELBQADggEBABhmjgGoXNoHhUaz
ZvoLFiBfVWqAFTD6A5tdP8lj+RR4LiUuSuC4Quj1kXsg0MVBKCS7rVmEc7M7bCAd
89PQCDpBhLSZT1Mfs5PuPQXCFX58mww8ROVePAepRr7izTd6Kt3P72auCM/VGGSs
n+Iij2Q6fDjEp8e3hTcZOkQEQEqswLBWXZoDLEcEOJczUL58zP2i5RkweXFPEoUH
WwWZ+BY2L56w6KxUN+zwG6WQflV4TPjAW7ixK+2sVRQDRSYu1s7Efot9CHEKPvmu
etoFolU4jUpHq7Z/9LLvdzZekHJAiTihPNW+/sqEkl+BaQbHj5R82ZupacFLb4J3
YEzDjgE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-ams.rpki-client.org