Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/AFF15F20F92E11EC949E0987C4F9AE02.roa
File: AFF15F20F92E11EC949E0987C4F9AE02.roa (raw, json)
Hash identifier: +ye+oq1zaW2+nrCMJnawmMJeM9hdF5ZuW/Tb+KkWhaw=
Subject key identifier: 12:CB:35:5B:DE:78:B0:7D:FE:EF:47:46:E8:9F:EF:74:DA:B8:72:1B
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 0675
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/AFF15F20F92E11EC949E0987C4F9AE02.roa
Signing time: Sun 04 Aug 2024 23:41:36 +0000
ROA not before: Sun 04 Aug 2024 23:41:36 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 146956
IP address blocks: 103.165.158.0/24 maxlen: 24
2407:4ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 13 Sep 2024 18:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1653 (0x675)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Aug 4 23:41:36 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66b011b0-1e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:2c:20:9c:b0:f9:a8:00:60:23:e1:6d:6d:
f7:7d:1b:e4:76:62:94:73:43:c0:3e:90:ad:89:ce:
c7:88:bf:71:bc:8e:ca:6b:26:80:7b:ad:2b:b7:40:
57:7e:e4:a6:b8:56:23:64:9c:d3:d6:1b:46:0f:ed:
14:dc:15:e2:32:13:44:b2:20:b8:77:69:b8:96:48:
7b:a6:33:00:f1:a3:05:9b:35:f2:27:fb:4e:cc:d6:
87:96:06:6d:3a:86:cb:0a:30:a1:30:89:e9:80:5c:
80:f2:8c:e0:f6:f6:53:ed:9f:7e:4a:0b:7f:bf:7b:
61:e5:32:3c:1e:24:2a:9a:7a:a2:3c:05:f0:b7:f9:
13:8e:24:10:27:e5:64:12:ce:e1:75:14:ba:56:62:
70:05:94:82:87:b8:64:1c:30:51:d4:45:eb:81:bc:
e2:79:3d:1f:dd:79:57:d3:7c:c3:5f:e4:12:07:b2:
0a:46:48:8e:02:54:e5:bd:3f:43:3b:f6:c3:5e:1f:
8e:e3:bf:a2:18:fb:d6:2e:e1:dc:a5:fb:22:53:f6:
34:44:a0:e5:10:88:be:68:ae:c9:39:99:ef:a9:b2:
94:fa:52:5f:a6:90:02:28:db:c5:9b:2f:ac:5a:f0:
d9:d8:ff:82:d7:f5:a7:f9:6f:25:f3:bc:68:b7:ad:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CB:35:5B:DE:78:B0:7D:FE:EF:47:46:E8:9F:EF:74:DA:B8:72:1B
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/AFF15F20F92E11EC949E0987C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.158.0/24
IPv6:
2407:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:72:fb:8f:47:16:87:7a:ea:12:22:f8:ce:a7:e8:4e:2a:1a:
da:c0:54:a3:81:03:cb:6a:6d:63:a7:61:b1:0b:21:16:1e:d0:
b1:29:81:04:0d:13:a1:65:1e:4d:13:2e:ef:5c:ac:55:5b:1e:
60:ac:30:0c:4d:2b:3b:5a:d9:ba:f0:65:fe:22:60:73:e3:ea:
4b:58:6b:d1:9f:4e:bb:33:a8:93:ec:15:2c:6e:97:28:e4:47:
64:3d:22:b0:90:af:e9:56:a9:0a:a4:10:98:b4:76:48:43:68:
ad:6f:4f:47:ce:5f:ac:1a:a7:35:1f:7b:63:6a:56:3a:fa:3f:
b9:e0:9c:92:fb:77:a7:2a:85:c0:77:26:bc:3c:64:75:76:b4:
86:10:bd:e8:f3:92:ca:8b:c3:dc:66:f2:a5:07:68:54:d9:ad:
da:f7:ba:7c:08:0a:3f:0b:b3:2b:ff:bd:fe:dc:aa:83:7e:3d:
7a:9a:0e:88:75:de:28:54:38:85:ac:74:f6:96:68:c1:4e:fa:
74:95:c1:ca:48:5d:8e:62:56:5c:21:21:ff:9f:97:29:76:89:
bb:ae:6d:ee:56:1e:4e:ee:e7:31:30:42:8d:a4:20:a2:d6:38:
e4:cf:88:d4:61:78:79:d3:81:57:b4:1b:5d:73:67:52:c6:a3:
94:3f:4b:33
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjQwODA0MjM0MTM2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIwMTFiMC0xZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqwwsIJyw+agAYCPhbW33fRvkdmKUc0PAPpCtic7HiL9xvI7KayaAe60rt0BX
fuSmuFYjZJzT1htGD+0U3BXiMhNEsiC4d2m4lkh7pjMA8aMFmzXyJ/tOzNaHlgZt
OobLCjChMInpgFyA8ozg9vZT7Z9+Sgt/v3th5TI8HiQqmnqiPAXwt/kTjiQQJ+Vk
Es7hdRS6VmJwBZSCh7hkHDBR1EXrgbzieT0f3XlX03zDX+QSB7IKRkiOAlTlvT9D
O/bDXh+O47+iGPvWLuHcpfsiU/Y0RKDlEIi+aK7JOZnvqbKU+lJfppACKNvFmy+s
WvDZ2P+C1/Wn+W8l87xot63AQwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBLLNVve
eLB9/u9HRuif73TauHIbMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvQUZGMTVGMjBG
OTJFMTFFQzk0OUUwOTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnpZ4wDQQCAAIwBwMFACQHSsAwDQYJKoZIhvcNAQELBQAD
ggEBALZy+49HFod66hIi+M6n6E4qGtrAVKOBA8tqbWOnYbELIRYe0LEpgQQNE6Fl
Hk0TLu9crFVbHmCsMAxNKzta2brwZf4iYHPj6ktYa9GfTrszqJPsFSxulyjkR2Q9
IrCQr+lWqQqkEJi0dkhDaK1vT0fOX6wapzUfe2NqVjr6P7ngnJL7d6cqhcB3Jrw8
ZHV2tIYQvejzksqLw9xm8qUHaFTZrdr3unwICj8Lsyv/vf7cqoN+PXqaDoh13ihU
OIWsdPaWaMFO+nSVwcpIXY5iVlwhIf+flyl2ibuube5WHk7u5zEwQo2kIKLWOOTP
iNRheHnTgVe0G11zZ1LGo5Q/SzM=
-----END CERTIFICATE-----
Generated at Fri Sep 13 20:48:09 2024 by rpki-client on console-fra.rpki-client.org