Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/136F98CEBA3411EEBFF58C26C4F9AE02.roa
File: 136F98CEBA3411EEBFF58C26C4F9AE02.roa (raw, json)
Hash identifier: qB3Kg9ZutUDmdb7+9Hxok5VArSJH5csHzdVMrTESI0I=
Subject key identifier: A4:61:B5:B1:4B:F1:52:B2:80:09:65:BE:AB:03:5E:C1:1B:83:74:C9
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 065A
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/136F98CEBA3411EEBFF58C26C4F9AE02.roa
Signing time: Mon 01 Jul 2024 00:22:11 +0000
ROA not before: Mon 01 Jul 2024 00:22:11 +0000
ROA not after: Wed 30 Oct 2024 00:00:00 +0000
asID: 58717
IP address blocks: 103.165.159.0/24 maxlen: 24
202.94.164.0/24 maxlen: 24
202.94.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Aug 2024 06:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1626 (0x65a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Jul 1 00:22:11 2024 GMT
Not After : Oct 30 00:00:00 2024 GMT
Subject: CN=6681f6b3-f5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:0c:26:ca:eb:76:fc:35:d0:46:64:ee:8a:
62:7e:1c:06:38:bb:0a:62:b9:20:64:2a:69:4c:96:
38:99:02:c8:42:13:67:b8:99:53:55:8f:22:a0:af:
17:3a:87:42:3f:9a:f6:a2:83:74:d7:1d:2f:de:4e:
68:ad:31:66:c6:24:1a:2c:3a:ca:dd:46:36:fe:ad:
49:d0:6c:f9:a6:f3:a9:6b:8f:d5:13:26:46:48:45:
3c:7f:e6:5b:3e:10:20:e8:1d:4d:77:95:74:6f:ad:
8b:67:c6:96:1c:c2:f8:ee:15:09:3b:75:04:49:53:
d4:a8:ef:07:cf:ae:4a:02:79:80:14:ec:2d:c3:ce:
39:d0:54:ca:50:5c:33:33:63:c9:09:df:61:86:35:
b1:cd:b9:07:a1:16:19:c9:89:54:55:15:f0:ee:f6:
31:88:41:5d:9c:cd:e1:0c:38:ee:0e:c3:5a:4a:49:
ad:2e:14:ad:52:ff:fc:21:7e:6b:75:33:67:2b:dc:
58:df:38:ad:4a:be:c8:1a:f3:34:3c:9d:19:8e:6c:
36:bf:91:dc:72:23:77:08:6e:c2:da:98:3a:c2:80:
21:15:e8:0b:82:cc:94:94:9c:a4:fe:b0:96:f6:32:
00:f4:ce:46:d2:58:d4:f2:95:5a:6d:2d:f8:5a:8d:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:61:B5:B1:4B:F1:52:B2:80:09:65:BE:AB:03:5E:C1:1B:83:74:C9
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/136F98CEBA3411EEBFF58C26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.159.0/24
202.94.164.0/23
Signature Algorithm: sha256WithRSAEncryption
98:bb:17:af:10:2d:ae:92:61:a2:c5:0c:97:1f:0d:f1:10:6d:
2b:b3:01:0f:e7:6e:d8:2d:d3:0c:07:1b:b6:35:51:31:c6:f6:
78:f1:a9:ed:c3:f4:56:0e:ad:ce:45:1c:6c:39:8f:5a:43:98:
e5:fe:3a:81:cc:df:70:c9:55:2f:88:8d:f7:27:e6:64:22:37:
1a:cc:0e:31:d7:34:88:65:45:09:1e:9d:9b:c7:90:aa:18:75:
e7:b0:04:f9:42:5d:da:6f:f7:22:e8:c4:7b:f9:10:7b:5a:03:
3a:b4:d6:21:f6:61:d6:cb:1e:96:a5:85:50:cf:57:bc:30:9d:
23:53:44:d3:7a:8d:e1:0e:38:80:b9:f3:22:61:68:01:61:bd:
e6:c0:2d:7a:07:20:8f:60:f5:58:9f:3e:12:20:5a:05:e3:18:
e8:a0:57:66:74:00:86:2f:e7:b4:80:14:16:de:a9:8b:82:5c:
6c:2a:af:ba:24:97:e0:8d:ce:31:6f:33:0e:23:aa:e3:36:00:
09:25:7f:97:96:ed:08:93:b2:62:b1:fa:ea:b1:6a:09:77:ce:
8c:08:61:23:01:38:2d:d5:87:55:40:28:4c:b8:53:84:f7:2c:
68:49:81:84:30:53:bc:cb:a7:87:e3:15:4c:60:d1:91:41:e7:
5d:77:1f:32
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjQwNzAxMDAyMjExWhcNMjQxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgxZjZiMy1mNWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1hIMJsrrdvw10EZk7opifhwGOLsKYrkgZCppTJY4mQLIQhNnuJlTVY8ioK8X
OodCP5r2ooN01x0v3k5orTFmxiQaLDrK3UY2/q1J0Gz5pvOpa4/VEyZGSEU8f+Zb
PhAg6B1Nd5V0b62LZ8aWHML47hUJO3UESVPUqO8Hz65KAnmAFOwtw8450FTKUFwz
M2PJCd9hhjWxzbkHoRYZyYlUVRXw7vYxiEFdnM3hDDjuDsNaSkmtLhStUv/8IX5r
dTNnK9xY3zitSr7IGvM0PJ0Zjmw2v5HcciN3CG7C2pg6woAhFegLgsyUlJyk/rCW
9jIA9M5G0ljU8pVabS34Wo3fiwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKRhtbFL
8VKygAllvqsDXsEbg3TJMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvMTM2Rjk4Q0VC
QTM0MTFFRUJGRjU4QzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnpZ8DBAHKXqQwDQYJKoZIhvcNAQELBQADggEBAJi7F68Q
La6SYaLFDJcfDfEQbSuzAQ/nbtgt0wwHG7Y1UTHG9njxqe3D9FYOrc5FHGw5j1pD
mOX+OoHM33DJVS+Ijfcn5mQiNxrMDjHXNIhlRQkenZvHkKoYdeewBPlCXdpv9yLo
xHv5EHtaAzq01iH2YdbLHpalhVDPV7wwnSNTRNN6jeEOOIC58yJhaAFhvebALXoH
II9g9VifPhIgWgXjGOigV2Z0AIYv57SAFBbeqYuCXGwqr7okl+CNzjFvMw4jquM2
AAklf5eW7QiTsmKx+uqxagl3zowIYSMBOC3Vh1VAKEy4U4T3LGhJgYQwU7zLp4fj
FUxg0ZFB5113HzI=
-----END CERTIFICATE-----
Generated at Sun Aug 4 08:14:02 2024 by rpki-client on console-ams.rpki-client.org