Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8F2/022D571CD65E11EAB60CA36BC4F9AE02/DB137BAA07A711EF85DF1B17C4F9AE02.roa
File: DB137BAA07A711EF85DF1B17C4F9AE02.roa (raw, json)
Hash identifier: CZXfioN2/L3xjGzytc+fDFq5K1pnBa+Gc5IViD10gQ0=
Subject key identifier: 5C:A2:AB:D3:98:81:57:A8:7E:C8:38:99:CF:F8:E2:F9:EE:6F:A2:9C
Certificate issuer: /CN=A917F8F2/serialNumber=B791BD1C9E2081AA84F8078066C0C7F60A63790E
Certificate serial: 0767
Authority key identifier: B7:91:BD:1C:9E:20:81:AA:84:F8:07:80:66:C0:C7:F6:0A:63:79:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t5G9HJ4ggaqE-AeAZsDH9gpjeQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8F2/022D571CD65E11EAB60CA36BC4F9AE02/DB137BAA07A711EF85DF1B17C4F9AE02.roa
Signing time: Wed 01 May 2024 10:44:59 +0000
ROA not before: Wed 01 May 2024 10:44:59 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17557
IP address blocks: 103.149.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 08:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1895 (0x767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8F2/serialNumber=B791BD1C9E2081AA84F8078066C0C7F60A63790E
Validity
Not Before: May 1 10:44:59 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66321d2b-20a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:0c:30:49:b3:12:5d:9c:6c:5d:d4:fe:8d:
c0:d3:ad:7f:58:1b:45:66:1f:d1:23:6b:d1:d4:21:
82:78:a2:14:7e:a4:da:89:b6:55:a3:75:aa:8c:f6:
0d:0c:a0:87:9f:fb:26:bf:27:e5:2b:3c:37:ea:17:
13:73:d8:33:67:78:fb:aa:af:36:62:15:57:df:a5:
2b:71:2d:81:30:8d:a1:59:88:7f:23:87:32:a9:d3:
4e:1d:af:33:ea:6e:55:cc:74:c4:03:60:d3:92:27:
b9:d4:63:f0:34:b3:d1:f6:a3:65:e1:bc:50:0a:f6:
c9:14:fe:02:3d:1d:99:92:be:4e:78:d4:76:69:f6:
21:ff:ce:67:94:e7:20:db:11:de:62:e6:13:e2:5b:
c9:99:d8:ca:a8:f7:7a:03:01:27:ac:78:4b:70:30:
c8:1e:3e:58:c1:ad:f5:ea:2b:78:09:9b:1e:be:3b:
85:8b:62:9f:29:f9:1f:5d:44:6b:b1:93:49:02:13:
09:d7:8b:f7:82:9f:6d:d8:c1:01:4d:04:de:15:3a:
2e:a6:a0:3d:22:b5:bf:90:ea:f1:24:17:7d:e6:32:
ae:37:42:b7:28:1d:bb:f3:07:f1:73:c6:7e:84:d2:
5b:4c:08:47:dc:c9:54:fc:fa:45:8e:01:3e:3b:36:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A2:AB:D3:98:81:57:A8:7E:C8:38:99:CF:F8:E2:F9:EE:6F:A2:9C
X509v3 Authority Key Identifier:
keyid:B7:91:BD:1C:9E:20:81:AA:84:F8:07:80:66:C0:C7:F6:0A:63:79:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8F2/022D571CD65E11EAB60CA36BC4F9AE02/t5G9HJ4ggaqE-AeAZsDH9gpjeQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t5G9HJ4ggaqE-AeAZsDH9gpjeQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8F2/022D571CD65E11EAB60CA36BC4F9AE02/DB137BAA07A711EF85DF1B17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b2:3d:98:e8:9f:62:b9:96:54:9c:d4:78:f6:83:4d:78:d4:
82:06:ba:7d:b0:6d:6c:6d:b4:fe:07:8c:f7:e9:64:af:0a:76:
12:d1:5a:19:2a:31:81:a0:3f:c5:ac:b8:78:1e:ba:65:71:ca:
a2:e0:a4:4c:5e:12:46:32:69:43:c9:18:17:57:7f:44:79:77:
ec:ee:92:4d:e9:67:d4:c9:e3:b6:e3:cf:aa:c2:13:75:80:34:
4c:9e:33:6c:85:1c:af:91:fd:7a:40:92:71:34:5e:7b:63:82:
1b:b8:0e:ae:77:a8:4f:a6:8a:6f:88:ad:25:a0:29:ba:18:13:
9b:cf:c7:94:f3:46:8b:a5:39:8e:be:af:e5:eb:b8:df:6c:90:
b0:37:78:84:05:68:92:7b:10:0d:21:c4:91:d0:e5:70:8c:e5:
7c:ae:c2:22:f8:04:60:ac:6d:61:1c:08:ca:fc:8d:84:6b:39:
95:58:46:65:67:f8:f2:5f:4a:74:5f:37:c9:cc:bc:46:0a:fb:
83:da:4f:61:b1:03:75:52:57:f7:10:15:87:35:9a:9f:d2:11:
0c:63:5e:66:96:44:a0:e0:0a:3c:3a:b9:12:1d:82:5d:6c:08:
78:5d:37:33:d9:ad:b5:a7:82:c7:ce:0f:94:01:ff:99:af:49:
fd:a6:85:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4RjIxMTAvBgNVBAUTKEI3OTFCRDFDOUUyMDgxQUE4NEY4MDc4MDY2QzBDN0Y2
MEE2Mzc5MEUwHhcNMjQwNTAxMTA0NDU5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMyMWQyYi0yMGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyMEMMEmzEl2cbF3U/o3A061/WBtFZh/RI2vR1CGCeKIUfqTaibZVo3WqjPYN
DKCHn/smvyflKzw36hcTc9gzZ3j7qq82YhVX36UrcS2BMI2hWYh/I4cyqdNOHa8z
6m5VzHTEA2DTkie51GPwNLPR9qNl4bxQCvbJFP4CPR2Zkr5OeNR2afYh/85nlOcg
2xHeYuYT4lvJmdjKqPd6AwEnrHhLcDDIHj5Ywa316it4CZsevjuFi2KfKfkfXURr
sZNJAhMJ14v3gp9t2MEBTQTeFToupqA9IrW/kOrxJBd95jKuN0K3KB278wfxc8Z+
hNJbTAhH3MlU/PpFjgE+OzbyaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFyiq9OY
gVeofsg4mc/44vnub6KcMB8GA1UdIwQYMBaAFLeRvRyeIIGqhPgHgGbAx/YKY3kO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhGMi8wMjJENTcxQ0Q2
NUUxMUVBQjYwQ0EzNkJDNEY5QUUwMi90NUc5SEo0Z2dhcUUtQWVBWnNESDlncGpl
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q1RzlISjRnZ2FxRS1BZUFac0RIOWdwamVRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4RjIvMDIyRDU3MUNENjVFMTFFQUI2MENBMzZCQzRGOUFFMDIvREIxMzdCQUEw
N0E3MTFFRjg1REYxQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlQgwDQYJKoZIhvcNAQELBQADggEBAF2yPZjon2K5llSc
1Hj2g0141IIGun2wbWxttP4HjPfpZK8KdhLRWhkqMYGgP8WsuHgeumVxyqLgpExe
EkYyaUPJGBdXf0R5d+zukk3pZ9TJ47bjz6rCE3WANEyeM2yFHK+R/XpAknE0Xntj
ghu4Dq53qE+mim+IrSWgKboYE5vPx5TzRoulOY6+r+XruN9skLA3eIQFaJJ7EA0h
xJHQ5XCM5XyuwiL4BGCsbWEcCMr8jYRrOZVYRmVn+PJfSnRfN8nMvEYK+4PaT2Gx
A3VSV/cQFYc1mp/SEQxjXmaWRKDgCjw6uRIdgl1sCHhdNzPZrbWngsfOD5QB/5mv
Sf2mhac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org