Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/5C6564069AB711EE86E1D058C4F9AE02.roa
File: 5C6564069AB711EE86E1D058C4F9AE02.roa (raw, json)
Hash identifier: 21Iu899OjIXDMnF2mOZmT7s4HOtmGdhU4uGuf3dXsQQ=
Subject key identifier: 84:E5:BA:AB:35:95:3E:4B:DE:66:E3:1E:4D:D1:CA:96:46:29:8D:F6
Certificate issuer: /CN=A9174589/serialNumber=458CDDCA3E8FB64C9D1A23492528BA777FCDD234
Certificate serial: 2C
Authority key identifier: 45:8C:DD:CA:3E:8F:B6:4C:9D:1A:23:49:25:28:BA:77:7F:CD:D2:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYzdyj6PtkydGiNJJSi6d3_N0jQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/5C6564069AB711EE86E1D058C4F9AE02.roa
Signing time: Thu 14 Dec 2023 19:31:22 +0000
ROA not before: Thu 14 Dec 2023 19:31:22 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 137871
IP address blocks: 103.240.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Dec 2023 13:34:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174589/serialNumber=458CDDCA3E8FB64C9D1A23492528BA777FCDD234
Validity
Not Before: Dec 14 19:31:22 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=657b5809-0339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:08:90:62:9c:4b:aa:79:8e:b6:d0:ce:a0:45:
e2:1e:7d:cb:b1:77:ac:2c:3b:08:db:2e:d4:28:dd:
1e:5d:b1:6f:39:16:d1:73:16:08:7e:67:77:31:f7:
94:99:5f:13:6b:8d:ad:ae:cc:29:94:93:0f:81:fe:
32:d5:7f:28:33:8b:c2:da:76:65:92:03:6d:d7:fc:
56:86:1c:2c:4f:92:36:6f:3e:dd:47:16:70:43:74:
2b:65:6a:5a:17:04:c5:80:c4:34:de:e1:49:85:af:
b5:53:c2:71:4a:b6:7c:cf:51:20:fb:0b:af:7d:4a:
8f:80:1e:53:b5:c4:e5:d2:57:20:63:62:c6:90:16:
0c:6d:39:97:10:43:77:3a:b6:db:66:00:a5:1e:ed:
a8:ab:67:60:17:b8:ff:cd:d9:65:61:21:44:a7:55:
00:62:42:97:d5:20:ae:ae:bd:5a:fd:e0:85:05:24:
9a:b4:a0:4f:4c:55:40:7f:e2:79:75:f6:ad:33:46:
b1:c5:76:a2:50:88:d1:fa:c4:b4:12:50:57:34:69:
b7:e0:78:a4:83:a5:42:3c:52:cb:a9:20:e1:e4:94:
c9:e1:dd:25:00:53:3c:a8:48:bb:a5:dc:5c:cf:ee:
4a:2c:6b:96:7a:7c:a5:2b:3a:56:ec:5e:e6:e2:8f:
ea:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E5:BA:AB:35:95:3E:4B:DE:66:E3:1E:4D:D1:CA:96:46:29:8D:F6
X509v3 Authority Key Identifier:
keyid:45:8C:DD:CA:3E:8F:B6:4C:9D:1A:23:49:25:28:BA:77:7F:CD:D2:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/RYzdyj6PtkydGiNJJSi6d3_N0jQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYzdyj6PtkydGiNJJSi6d3_N0jQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/5C6564069AB711EE86E1D058C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.240.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:d7:00:d6:bb:7c:fe:60:6e:b6:84:bf:bc:37:31:22:23:7d:
eb:9e:1d:1b:d9:2f:20:38:5f:50:3d:d4:0f:7f:f6:0c:6f:94:
5f:43:37:a4:e9:18:24:bb:6f:5c:7c:ab:c6:9f:b1:1a:40:de:
90:80:1b:77:0d:90:55:18:2a:13:94:16:52:45:e5:2d:02:2c:
9c:6e:62:0a:91:f7:3e:50:43:b4:4e:80:c8:77:3d:f4:e9:14:
97:0b:d9:06:0c:47:11:c6:e0:d4:38:f9:55:59:0a:7d:16:ce:
0f:59:99:d3:02:b4:7f:61:bb:66:2d:3e:0f:2d:46:5b:db:5b:
22:6e:83:07:e3:85:fc:b6:23:1a:26:3f:08:bf:a1:df:eb:a5:
fc:97:5f:77:3a:10:4a:51:ec:4a:74:ba:a5:21:bb:09:f9:98:
a1:82:98:1d:4a:01:09:ab:b7:6b:8e:5e:95:20:4b:4d:44:42:
89:3e:52:96:09:41:10:62:2d:78:c2:87:2d:37:ba:27:3d:d9:
f5:08:dd:0d:82:5d:e4:2b:0d:6c:62:6a:1b:3d:12:a3:9c:c8:
68:3e:f0:87:6c:d8:22:45:0d:7c:7e:b6:7b:cf:5d:68:b3:c5:
52:31:f7:61:cb:c1:bc:1b:77:4e:c8:c3:18:08:7b:18:54:98:
10:77:d1:c6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NDU4OTExMC8GA1UEBRMoNDU4Q0REQ0EzRThGQjY0QzlEMUEyMzQ5MjUyOEJBNzc3
RkNERDIzNDAeFw0yMzEyMTQxOTMxMjJaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1N2I1ODA5LTAzMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdCJBinEuqeY620M6gReIefcuxd6wsOwjbLtQo3R5dsW85FtFzFgh+Z3cx95SZ
XxNrja2uzCmUkw+B/jLVfygzi8LadmWSA23X/FaGHCxPkjZvPt1HFnBDdCtlaloX
BMWAxDTe4UmFr7VTwnFKtnzPUSD7C699So+AHlO1xOXSVyBjYsaQFgxtOZcQQ3c6
tttmAKUe7airZ2AXuP/N2WVhIUSnVQBiQpfVIK6uvVr94IUFJJq0oE9MVUB/4nl1
9q0zRrHFdqJQiNH6xLQSUFc0abfgeKSDpUI8UsupIOHklMnh3SUAUzyoSLul3FzP
7kosa5Z6fKUrOlbsXubij+phAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUhOW6qzWV
PkveZuMeTdHKlkYpjfYwHwYDVR0jBBgwFoAURYzdyj6PtkydGiNJJSi6d3/N0jQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc0NTg5LzVGQzYyN0M0NjFD
NDExRUVCQjE1MUM0QkM0RjlBRTAyL1JZemR5ajZQdGt5ZEdpTkpKU2k2ZDNfTjBq
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUll6ZHlqNlB0a3lkR2lOSkpTaTZkM19OMGpRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NDU4OS81RkM2MjdDNDYxQzQxMUVFQkIxNTFDNEJDNEY5QUUwMi81QzY1NjQwNjlB
QjcxMUVFODZFMUQwNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfwAzANBgkqhkiG9w0BAQsFAAOCAQEAudcA1rt8/mButoS/
vDcxIiN9654dG9kvIDhfUD3UD3/2DG+UX0M3pOkYJLtvXHyrxp+xGkDekIAbdw2Q
VRgqE5QWUkXlLQIsnG5iCpH3PlBDtE6AyHc99OkUlwvZBgxHEcbg1Dj5VVkKfRbO
D1mZ0wK0f2G7Zi0+Dy1GW9tbIm6DB+OF/LYjGiY/CL+h3+ul/JdfdzoQSlHsSnS6
pSG7CfmYoYKYHUoBCau3a45elSBLTURCiT5SlglBEGIteMKHLTe6Jz3Z9QjdDYJd
5CsNbGJqGz0So5zIaD7wh2zYIkUNfH62e89daLPFUjH3YcvBvBt3TsjDGAh7GFSY
EHfRxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org