Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/BF2B3DBAC0DF11EEACF1217BC4F9AE02.roa
File: BF2B3DBAC0DF11EEACF1217BC4F9AE02.roa (raw, json)
Hash identifier: L51HjoFbOVqoknQgJAgab1ThE3reviNPXhCBjOj5QPU=
Subject key identifier: 2D:3D:24:0F:2B:E9:B0:09:AB:7D:FF:F9:F0:46:A1:83:07:96:F3:AC
Certificate issuer: /CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
Certificate serial: 05A5
Authority key identifier: 47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/BF2B3DBAC0DF11EEACF1217BC4F9AE02.roa
Signing time: Fri 31 May 2024 01:44:53 +0000
ROA not before: Fri 31 May 2024 01:44:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138640
IP address blocks: 103.164.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 07:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1445 (0x5a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
Validity
Not Before: May 31 01:44:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66592b95-f7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:68:8a:7c:c0:86:47:41:f2:12:76:d2:2f:
c0:7a:3c:85:7d:35:bd:77:66:ab:a7:5b:c3:da:38:
28:fc:90:75:3b:fb:0c:1c:ee:6d:3b:e4:c3:56:a2:
3d:76:ff:d2:b7:99:1f:6c:e2:99:3b:c9:91:22:32:
8d:ae:9a:f5:e9:96:c4:9b:48:55:ef:86:fa:5e:58:
77:ec:53:9d:3e:29:8c:63:f1:f9:32:43:ad:5e:db:
9c:05:80:ec:10:86:3a:9f:80:b2:62:91:44:55:66:
74:71:47:29:ee:08:65:79:dd:f0:6c:51:fb:be:a7:
a2:31:9d:01:f4:a3:b5:df:67:90:c6:5f:2f:01:2b:
4e:36:cd:e5:9b:41:67:9d:f1:a7:f7:0f:2a:0a:5d:
34:59:61:d5:b9:71:b0:42:58:4e:16:e7:48:ef:60:
48:f4:5a:70:a6:2c:55:ee:2e:18:7e:ad:db:49:bb:
d7:7d:47:e9:aa:a8:e4:49:02:06:69:bd:ac:df:c3:
4b:79:d9:47:a7:4f:1d:3f:76:1f:79:77:ba:2d:0c:
3e:69:73:b0:09:b9:c2:98:c4:34:b8:21:65:b2:28:
03:d5:98:45:70:32:fa:0c:a5:54:72:00:1e:a1:12:
24:79:ea:f8:04:f3:06:b9:06:30:db:1f:4f:24:1b:
b9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3D:24:0F:2B:E9:B0:09:AB:7D:FF:F9:F0:46:A1:83:07:96:F3:AC
X509v3 Authority Key Identifier:
keyid:47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/R-xTv901EyDomyxUG6zdTY1SoLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/BF2B3DBAC0DF11EEACF1217BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.164.255.0/24
Signature Algorithm: sha256WithRSAEncryption
52:57:ed:00:d2:26:ae:80:03:54:80:ae:b3:f0:27:6e:7a:e1:
d8:f9:2a:6a:94:63:55:63:d8:ad:d7:9d:e0:a3:a0:0e:b9:4f:
df:cc:f7:71:e2:88:24:6b:86:89:7b:77:2b:6d:ed:ff:f2:97:
5e:2a:11:cb:b8:eb:e8:97:2e:f9:01:a9:95:7a:86:9f:a1:fb:
df:3b:aa:7a:01:08:0b:5d:ff:5d:6f:96:bb:46:a5:56:f4:09:
ed:0f:63:86:87:f5:15:14:40:f3:b1:64:25:df:89:1d:0a:0b:
5f:05:4a:9a:15:59:7a:99:b7:46:ab:ae:66:29:44:16:dc:67:
14:4f:db:29:00:e4:ab:65:f5:6b:cb:c3:66:be:ec:17:5a:32:
00:d8:93:9b:1f:11:e7:d6:83:95:4d:94:28:b1:0e:24:80:24:
af:ed:97:8f:85:32:e5:84:7f:c5:d6:ad:14:75:ec:9e:ab:77:
99:c9:d7:8e:4c:18:e3:4f:4a:b9:5e:f5:4d:a3:25:84:e2:a8:
a4:f7:02:ac:42:3f:65:c1:16:9d:32:7a:10:71:8d:3d:41:5d:
b3:f9:a7:54:ab:f7:35:9a:58:23:8d:b7:13:c0:9b:a9:cb:b1:
60:fe:2f:10:c1:9e:a4:80:94:44:09:b4:c7:85:5b:9e:6a:f5:
d6:69:72:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNEQjUxMTAvBgNVBAUTKDQ3RUM1M0JGREQzNTEzMjBFODlCMkM1NDFCQUNERDRE
OEQ1MkEwQjMwHhcNMjQwNTMxMDE0NDUzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU5MmI5NS1mN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYpoinzAhkdB8hJ20i/AejyFfTW9d2arp1vD2jgo/JB1O/sMHO5tO+TDVqI9
dv/St5kfbOKZO8mRIjKNrpr16ZbEm0hV74b6Xlh37FOdPimMY/H5MkOtXtucBYDs
EIY6n4CyYpFEVWZ0cUcp7ghled3wbFH7vqeiMZ0B9KO132eQxl8vAStONs3lm0Fn
nfGn9w8qCl00WWHVuXGwQlhOFudI72BI9FpwpixV7i4Yfq3bSbvXfUfpqqjkSQIG
ab2s38NLedlHp08dP3YfeXe6LQw+aXOwCbnCmMQ0uCFlsigD1ZhFcDL6DKVUcgAe
oRIkeer4BPMGuQYw2x9PJBu5WwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC09JA8r
6bAJq33/+fBGoYMHlvOsMB8GA1UdIwQYMBaAFEfsU7/dNRMg6JssVBus3U2NUqCz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0RCNS8wQzk5OUVDMDhG
QTExMUVCQTIyMDY2MUVDNEY5QUUwMi9SLXhUdjkwMUV5RG9teXhVRzZ6ZFRZMVNv
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IteFR2OTAxRXlEb215eFVHNnpkVFkxU29MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNEQjUvMEM5OTlFQzA4RkExMTFFQkEyMjA2NjFFQzRGOUFFMDIvQkYyQjNEQkFD
MERGMTFFRUFDRjEyMTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpP8wDQYJKoZIhvcNAQELBQADggEBAFJX7QDSJq6AA1SA
rrPwJ2564dj5KmqUY1Vj2K3XneCjoA65T9/M93HiiCRrhol7dytt7f/yl14qEcu4
6+iXLvkBqZV6hp+h+987qnoBCAtd/11vlrtGpVb0Ce0PY4aH9RUUQPOxZCXfiR0K
C18FSpoVWXqZt0arrmYpRBbcZxRP2ykA5Ktl9WvLw2a+7BdaMgDYk5sfEefWg5VN
lCixDiSAJK/tl4+FMuWEf8XWrRR17J6rd5nJ145MGONPSrle9U2jJYTiqKT3AqxC
P2XBFp0yehBxjT1BXbP5p1Sr9zWaWCONtxPAm6nLsWD+LxDBnqSAlEQJtMeFW55q
9dZpcmQ=
-----END CERTIFICATE-----
Generated at Sat Nov 2 09:06:31 2024 by rpki-client on console-ams.rpki-client.org