Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/084D9A1E16B311EF90EBB40EC4F9AE02.roa
File: 084D9A1E16B311EF90EBB40EC4F9AE02.roa (raw, json)
Hash identifier: jOPpFtv5qabsRmm3FEa40Yh+CtsQWNrgO/dI9jqC95U=
Subject key identifier: 98:CF:0C:73:F2:4F:03:E4:5A:4D:09:AF:2E:89:C7:25:3F:D4:2D:91
Certificate issuer: /CN=A916ED3C/serialNumber=B5F87AC892C5E7E924EA1850ADCE4FF01D0DBA2A
Certificate serial: 0451
Authority key identifier: B5:F8:7A:C8:92:C5:E7:E9:24:EA:18:50:AD:CE:4F:F0:1D:0D:BA:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tfh6yJLF5-kk6hhQrc5P8B0Nuio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/084D9A1E16B311EF90EBB40EC4F9AE02.roa
Signing time: Mon 20 May 2024 14:12:47 +0000
ROA not before: Mon 20 May 2024 14:12:47 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 136014
IP address blocks: 103.172.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 10:25:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1105 (0x451)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916ED3C/serialNumber=B5F87AC892C5E7E924EA1850ADCE4FF01D0DBA2A
Validity
Not Before: May 20 14:12:47 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=664b5a5e-cbe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b6:43:44:98:83:2d:2d:bd:38:6a:87:49:6e:
8f:06:82:f8:47:2d:2f:5c:33:a6:04:64:1d:2e:f0:
64:e5:71:b7:d8:d3:28:cf:c2:2d:2b:6a:5e:b4:96:
2d:03:47:a0:b1:eb:e2:45:35:11:7e:60:d8:bf:5a:
a9:a2:99:e4:66:91:25:c7:02:2d:dc:24:2e:83:40:
fa:7d:a6:ef:66:aa:bc:77:65:e2:ed:db:eb:bd:34:
95:92:84:3a:ef:50:af:ea:e9:dc:7c:57:9d:e3:fc:
28:02:7b:e1:d8:34:2f:75:15:c8:31:f4:5d:39:93:
b0:2f:82:49:7e:93:6b:71:03:2f:3b:0c:f5:e4:13:
eb:5c:fa:5d:b4:eb:a2:8c:3b:13:72:5b:e9:40:ce:
9a:7b:39:ce:18:03:ea:fd:31:44:69:5d:0b:03:3c:
20:45:49:77:24:28:36:6d:84:a4:09:69:33:65:0d:
0f:7f:93:4e:57:83:50:42:7a:6e:13:61:56:9f:40:
13:2f:11:d6:ca:07:16:a2:4b:82:0b:2d:59:04:43:
bf:97:b2:43:be:5a:ef:43:5d:0d:19:c8:d2:06:79:
e3:e4:10:c5:0d:52:fb:ae:be:5b:58:c9:49:b5:5a:
1d:98:fe:bb:04:e8:f3:8b:10:e3:da:24:0f:d8:85:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CF:0C:73:F2:4F:03:E4:5A:4D:09:AF:2E:89:C7:25:3F:D4:2D:91
X509v3 Authority Key Identifier:
keyid:B5:F8:7A:C8:92:C5:E7:E9:24:EA:18:50:AD:CE:4F:F0:1D:0D:BA:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/tfh6yJLF5-kk6hhQrc5P8B0Nuio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tfh6yJLF5-kk6hhQrc5P8B0Nuio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916ED3C/306EE2600A7111EC9A163C1FC4F9AE02/084D9A1E16B311EF90EBB40EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.115.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:f9:c2:25:b7:9a:ff:73:01:dd:7e:8a:33:f7:d3:7c:72:56:
8d:0d:d7:46:6a:17:f9:1b:df:0e:28:ba:9f:9b:98:9e:b4:39:
93:30:fa:cb:55:92:1c:11:b6:03:2c:03:66:23:fd:1f:5e:2d:
4a:50:ab:d3:2f:3d:c2:62:82:ef:ae:4b:91:ce:8f:b9:81:d2:
e9:8c:c2:15:d4:5c:b9:c3:7f:6e:09:53:ac:35:39:b4:20:72:
18:f1:f3:e0:8e:99:f2:fe:35:c4:6c:bf:6f:51:38:62:9f:4f:
ad:af:2b:52:b3:ba:69:5f:f6:73:b3:7b:fe:4d:81:b9:c8:be:
66:6c:d6:c4:fb:5b:3f:94:9d:38:87:49:6d:32:5b:11:58:ca:
53:6e:78:68:64:e1:86:90:5a:da:4b:29:f3:f9:c6:67:83:27:
89:0a:70:6b:7e:6c:de:0a:74:ff:b2:c1:de:68:1c:41:52:b3:
fb:c5:8b:3b:a2:0b:f1:93:b7:bd:45:db:84:63:dc:f6:aa:c2:
30:04:fc:f5:3e:1f:43:a5:c5:23:47:56:2e:23:54:de:13:3a:
88:92:38:1f:38:43:73:04:8f:9f:5d:34:45:46:7c:1a:a1:91:
8e:5b:4f:14:3e:36:ba:ef:5e:5e:4a:6f:ae:ad:52:9d:6d:b3:
cb:d6:dc:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkVEM0MxMTAvBgNVBAUTKEI1Rjg3QUM4OTJDNUU3RTkyNEVBMTg1MEFEQ0U0RkYw
MUQwREJBMkEwHhcNMjQwNTIwMTQxMjQ3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiNWE1ZS1jYmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo7ZDRJiDLS29OGqHSW6PBoL4Ry0vXDOmBGQdLvBk5XG32NMoz8ItK2petJYt
A0egseviRTURfmDYv1qpopnkZpElxwIt3CQug0D6fabvZqq8d2Xi7dvrvTSVkoQ6
71Cv6uncfFed4/woAnvh2DQvdRXIMfRdOZOwL4JJfpNrcQMvOwz15BPrXPpdtOui
jDsTclvpQM6aeznOGAPq/TFEaV0LAzwgRUl3JCg2bYSkCWkzZQ0Pf5NOV4NQQnpu
E2FWn0ATLxHWygcWokuCCy1ZBEO/l7JDvlrvQ10NGcjSBnnj5BDFDVL7rr5bWMlJ
tVodmP67BOjzixDj2iQP2IUPLQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJjPDHPy
TwPkWk0Jry6JxyU/1C2RMB8GA1UdIwQYMBaAFLX4esiSxefpJOoYUK3OT/AdDboq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUQzQy8zMDZFRTI2MDBB
NzExMUVDOUExNjNDMUZDNEY5QUUwMi90Zmg2eUpMRjUta2s2aGhRcmM1UDhCME51
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RmaDZ5SkxGNS1razZoaFFyYzVQOEIwTnVpby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkVEM0MvMzA2RUUyNjAwQTcxMTFFQzlBMTYzQzFGQzRGOUFFMDIvMDg0RDlBMUUx
NkIzMTFFRjkwRUJCNDBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrHMwDQYJKoZIhvcNAQELBQADggEBAEz5wiW3mv9zAd1+
ijP303xyVo0N10ZqF/kb3w4oup+bmJ60OZMw+stVkhwRtgMsA2Yj/R9eLUpQq9Mv
PcJigu+uS5HOj7mB0umMwhXUXLnDf24JU6w1ObQgchjx8+COmfL+NcRsv29ROGKf
T62vK1Kzumlf9nOze/5NgbnIvmZs1sT7Wz+UnTiHSW0yWxFYylNueGhk4YaQWtpL
KfP5xmeDJ4kKcGt+bN4KdP+ywd5oHEFSs/vFizuiC/GTt71F24Rj3PaqwjAE/PU+
H0OlxSNHVi4jVN4TOoiSOB84Q3MEj59dNEVGfBqhkY5bTxQ+NrrvXl5Kb66tUp1t
s8vW3NQ=
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:13:12 2024 by rpki-client on console-fra.rpki-client.org