Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/5A761D9828F811ED8E18EF15C4F9AE02.roa
File: 5A761D9828F811ED8E18EF15C4F9AE02.roa (raw, json)
Hash identifier: p1dsoxik1EuGS2f7npp7naDndT+8ChWr/QkHH7k/7Hg=
Subject key identifier: A2:BD:EE:3A:8F:F0:73:E5:80:DF:61:E9:B2:FB:EE:47:A0:6A:2C:45
Certificate issuer: /CN=A91719F1/serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8
Certificate serial: 0163
Authority key identifier: D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/5A761D9828F811ED8E18EF15C4F9AE02.roa
Signing time: Sun 03 Mar 2024 04:36:23 +0000
ROA not before: Sun 03 Mar 2024 04:36:23 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 133861
IP address blocks: 103.148.58.0/24 maxlen: 24
103.148.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 07:44:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355 (0x163)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91719F1/serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8
Validity
Not Before: Mar 3 04:36:23 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65e3fe47-b9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4e:77:47:05:24:23:e9:16:ba:27:89:71:19:
ad:bd:80:ca:45:a2:8c:72:66:95:36:c1:9a:46:3b:
22:dc:1f:41:fc:8e:14:82:7a:d9:3a:64:77:6f:8d:
15:41:52:98:50:33:54:d3:be:c9:e7:1c:fd:40:59:
cb:98:8b:ae:d0:90:c5:c0:c7:74:11:c2:15:0d:00:
17:42:50:f2:0e:99:a6:7a:9d:6c:59:c4:99:16:33:
c1:1e:9f:55:f6:02:d7:0f:ac:f8:7f:d7:f9:6d:27:
d1:d8:3c:5c:11:a9:b1:c9:e0:1d:62:c7:5c:19:42:
60:b7:01:5c:09:c1:2a:2d:07:2e:8a:fd:55:c4:32:
e8:c5:e8:23:41:1c:b9:d6:37:52:ef:44:66:6c:1d:
d6:bc:dc:f3:13:9e:46:c4:3d:19:05:0a:cc:3b:17:
ea:21:44:e7:e5:0a:de:41:40:8a:76:c2:86:97:3f:
3d:2d:09:e6:2d:fc:7c:16:2d:04:53:73:8f:70:9e:
6a:4f:01:97:d7:cf:6b:f5:46:11:1d:5f:61:0d:9f:
00:10:1d:2a:32:e3:d4:02:6a:b0:21:10:2a:42:46:
7a:80:18:35:a6:38:84:e1:f9:ca:15:69:64:59:02:
58:4c:25:11:9a:3b:9b:0c:e3:f3:e1:7d:5d:99:56:
65:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BD:EE:3A:8F:F0:73:E5:80:DF:61:E9:B2:FB:EE:47:A0:6A:2C:45
X509v3 Authority Key Identifier:
keyid:D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/5A761D9828F811ED8E18EF15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.58.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:2f:fd:17:0c:b5:8c:e5:75:cc:a2:26:d5:c5:a1:a9:8c:20:
da:d7:b8:ce:4d:f6:71:e7:76:32:65:df:b9:ef:91:39:b5:68:
f4:3f:34:f6:79:aa:f9:10:1e:bc:b7:b0:77:16:a8:16:02:61:
13:6f:ac:55:1b:c9:87:07:0e:52:dd:23:7d:ab:4c:ae:49:23:
9a:a5:80:29:50:5c:35:0d:eb:3b:52:51:04:a5:5f:7c:7d:35:
6c:de:d1:24:c5:00:a0:54:74:69:09:b6:17:09:4e:c3:6d:b2:
1a:2f:6c:1f:e4:0e:64:8e:02:26:19:f5:40:3f:ff:06:f1:da:
bd:13:bb:cd:8e:fd:59:ac:47:09:1c:67:3f:a9:ef:cf:d7:a5:
c6:98:86:80:ec:43:c2:0a:b5:10:72:44:43:a4:47:0e:f5:58:
37:20:2f:47:d1:34:93:91:a9:65:74:c9:ea:c4:3f:85:02:8a:
2f:40:ef:2d:16:af:6f:99:c6:4f:51:c0:3a:91:b0:6d:e5:0a:
f0:19:81:16:6b:69:ad:fe:2e:40:30:d1:b9:8b:7c:82:53:d8:
f7:ed:99:04:30:81:2e:ff:1a:1b:3a:da:ac:7b:92:32:95:8f:
15:a0:ae:bf:eb:95:ab:e7:f9:f9:5d:37:ca:2c:d0:b4:b2:b4:
05:32:d5:32
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5RjExMTAvBgNVBAUTKEQ5MDg0Q0FEQzNCRUM4QzIwMEM1QTk2QjcyRURBRkQ0
QTAwRUFFRTgwHhcNMjQwMzAzMDQzNjIzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzZmU0Ny1iOWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnU53RwUkI+kWuieJcRmtvYDKRaKMcmaVNsGaRjsi3B9B/I4UgnrZOmR3b40V
QVKYUDNU077J5xz9QFnLmIuu0JDFwMd0EcIVDQAXQlDyDpmmep1sWcSZFjPBHp9V
9gLXD6z4f9f5bSfR2DxcEamxyeAdYsdcGUJgtwFcCcEqLQcuiv1VxDLoxegjQRy5
1jdS70RmbB3WvNzzE55GxD0ZBQrMOxfqIUTn5QreQUCKdsKGlz89LQnmLfx8Fi0E
U3OPcJ5qTwGX189r9UYRHV9hDZ8AEB0qMuPUAmqwIRAqQkZ6gBg1pjiE4fnKFWlk
WQJYTCURmjubDOPz4X1dmVZlbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKK97jqP
8HPlgN9h6bL77kegaixFMB8GA1UdIwQYMBaAFNkITK3DvsjCAMWpa3Ltr9SgDq7o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTlGMS82OTVGOTNGRTIx
RUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlNSUF4YWxyY3UydjFLQU9y
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRaE1yY08teU1JQXhhbHJjdTJ2MUtBT3J1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5RjEvNjk1RjkzRkUyMUVFMTFFREI0QzhCRDZDQzRGOUFFMDIvNUE3NjFEOTgy
OEY4MTFFRDhFMThFRjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlDowDQYJKoZIhvcNAQELBQADggEBAC0v/RcMtYzldcyi
JtXFoamMINrXuM5N9nHndjJl37nvkTm1aPQ/NPZ5qvkQHry3sHcWqBYCYRNvrFUb
yYcHDlLdI32rTK5JI5qlgClQXDUN6ztSUQSlX3x9NWze0STFAKBUdGkJthcJTsNt
shovbB/kDmSOAiYZ9UA//wbx2r0Tu82O/VmsRwkcZz+p78/XpcaYhoDsQ8IKtRBy
REOkRw71WDcgL0fRNJORqWV0yerEP4UCii9A7y0Wr2+Zxk9RwDqRsG3lCvAZgRZr
aa3+LkAw0bmLfIJT2PftmQQwgS7/Ghs62qx7kjKVjxWgrr/rlavn+fldN8os0LSy
tAUy1TI=
-----END CERTIFICATE-----
Generated at Sat Nov 2 08:39:23 2024 by rpki-client on console-fra.rpki-client.org