Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/C5FF20FEAAF811EE8EB52720C4F9AE02.roa
File: C5FF20FEAAF811EE8EB52720C4F9AE02.roa (raw, json)
Hash identifier: GBBpflvHIVnAHOOkA9TOcC1cKzHi/uXGyHo5jERdJbI=
Subject key identifier: 27:34:DF:50:F6:A8:6B:77:49:B7:86:06:60:A3:96:B2:FB:EE:11:36
Certificate issuer: /CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Certificate serial: 06B8
Authority key identifier: 68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/C5FF20FEAAF811EE8EB52720C4F9AE02.roa
Signing time: Thu 04 Jan 2024 11:59:55 +0000
ROA not before: Thu 04 Jan 2024 11:59:55 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141432
IP address blocks: 103.156.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Feb 2024 10:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1720 (0x6b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Validity
Not Before: Jan 4 11:59:55 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65969dba-19c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f0:ae:38:53:cf:b5:ba:eb:87:3f:85:ac:d0:
7f:f2:82:e9:e5:e1:75:2f:c9:01:1d:5d:e6:d5:ec:
10:61:93:ce:69:4f:32:6e:2d:ff:41:c6:84:95:4c:
04:07:22:27:a0:6c:46:4f:80:b6:fa:af:ad:e8:75:
05:8f:45:d5:11:cf:a1:63:4e:8d:c1:0b:54:64:8a:
fb:86:98:71:a0:3f:41:be:2e:a1:22:32:3a:ce:51:
f7:51:03:46:b0:b9:96:a9:9d:a9:da:75:e7:5b:d9:
6b:97:12:c5:39:97:df:12:07:3d:8c:49:84:2d:cd:
ec:9c:7d:d8:9d:a8:6c:70:00:10:9c:46:6d:8b:63:
6b:c4:90:49:ca:c8:f4:47:63:43:f0:0a:9c:cd:80:
06:5f:d6:71:84:ad:83:62:20:46:4a:31:33:0d:b0:
83:c8:cc:18:80:35:32:34:05:5b:8a:5f:39:07:a8:
ff:80:86:41:50:c6:8d:33:43:fc:78:63:64:a5:b9:
e4:ab:94:8f:ab:6b:0a:8a:3b:5b:e7:6f:da:18:65:
c7:c6:34:47:fe:13:98:49:cc:43:29:de:fd:fb:e1:
57:b0:b2:92:7b:89:06:61:94:22:63:58:05:5c:e8:
88:ca:f0:29:1f:47:bd:e9:0c:03:14:ab:e3:9c:89:
79:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:34:DF:50:F6:A8:6B:77:49:B7:86:06:60:A3:96:B2:FB:EE:11:36
X509v3 Authority Key Identifier:
keyid:68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/aHvrJ3oFne_qK-3WevsbgjiOXrE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/C5FF20FEAAF811EE8EB52720C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.153.0/24
Signature Algorithm: sha256WithRSAEncryption
29:90:bf:5b:dd:46:4c:43:55:41:e6:9e:b6:91:fd:40:5e:41:
fe:67:a3:e6:bf:98:a2:ae:c8:3b:15:c7:dd:76:f8:7b:a4:c0:
1a:c1:2b:65:74:8c:d0:e1:1f:b6:a2:44:20:4a:5c:d4:7a:e4:
83:8b:2a:f5:19:d2:fa:3b:05:5e:2e:4d:2e:ca:d0:55:85:e8:
a9:60:64:90:1b:12:b9:54:89:73:20:2d:6d:4e:3e:10:c8:49:
d1:76:f3:f5:7e:f9:11:3d:1c:60:ff:a5:2a:c0:e9:34:96:47:
c0:77:c4:17:45:4d:5c:db:cb:bf:67:d9:84:e3:e9:73:da:ea:
43:c8:87:c4:de:17:4e:44:5c:54:ff:db:00:e2:ad:66:80:c2:
9d:bc:14:6c:25:55:95:2b:0c:8e:84:bd:20:ae:78:2d:32:9b:
38:b6:01:ac:0d:0d:ac:3b:c9:f1:dc:ad:62:f6:0d:ae:28:a8:
f1:53:c6:81:16:8d:58:3f:48:d9:c9:12:34:cd:72:b4:58:7e:
09:c0:6a:95:3c:24:6c:31:22:df:ad:3a:87:0a:a1:b4:ef:93:
62:04:af:9e:9d:6d:38:d0:b3:00:18:6e:5c:4c:81:66:cc:0d:
50:c7:42:44:26:7d:c5:f7:8d:84:4b:ce:92:00:62:d9:a8:9f:
5b:a7:34:85
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVGQUQxMTAvBgNVBAUTKDY4N0JFQjI3N0EwNTlERUZFQTJCRURENjdBRkIxQjgy
Mzg4RTVFQjEwHhcNMjQwMTA0MTE1OTU1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2OWRiYS0xOWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx/CuOFPPtbrrhz+FrNB/8oLp5eF1L8kBHV3m1ewQYZPOaU8ybi3/QcaElUwE
ByInoGxGT4C2+q+t6HUFj0XVEc+hY06NwQtUZIr7hphxoD9Bvi6hIjI6zlH3UQNG
sLmWqZ2p2nXnW9lrlxLFOZffEgc9jEmELc3snH3YnahscAAQnEZti2NrxJBJysj0
R2ND8AqczYAGX9ZxhK2DYiBGSjEzDbCDyMwYgDUyNAVbil85B6j/gIZBUMaNM0P8
eGNkpbnkq5SPq2sKijtb52/aGGXHxjRH/hOYScxDKd79++FXsLKSe4kGYZQiY1gF
XOiIyvApH0e96QwDFKvjnIl5YQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCc031D2
qGt3SbeGBmCjlrL77hE2MB8GA1UdIwQYMBaAFGh76yd6BZ3v6ivt1nr7G4I4jl6x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUZBRC9BNEQ3ODk5RTA4
NjYxMUVCOEEyRDE1MzVDNEY5QUUwMi9hSHZySjNvRm5lX3FLLTNXZXZzYmdqaU9Y
ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FIdnJKM29GbmVfcUstM1dldnNiZ2ppT1hyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVGQUQvQTRENzg5OUUwODY2MTFFQjhBMkQxNTM1QzRGOUFFMDIvQzVGRjIwRkVB
QUY4MTFFRThFQjUyNzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnJkwDQYJKoZIhvcNAQELBQADggEBACmQv1vdRkxDVUHm
nraR/UBeQf5no+a/mKKuyDsVx912+HukwBrBK2V0jNDhH7aiRCBKXNR65IOLKvUZ
0vo7BV4uTS7K0FWF6KlgZJAbErlUiXMgLW1OPhDISdF28/V++RE9HGD/pSrA6TSW
R8B3xBdFTVzby79n2YTj6XPa6kPIh8TeF05EXFT/2wDirWaAwp28FGwlVZUrDI6E
vSCueC0ymzi2AawNDaw7yfHcrWL2Da4oqPFTxoEWjVg/SNnJEjTNcrRYfgnAapU8
JGwxIt+tOocKobTvk2IEr56dbTjQswAYblxMgWbMDVDHQkQmfcX3jYRLzpIAYtmo
n1unNIU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org