Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/C152F164693111EF9085774CC4F9AE02.roa
File: C152F164693111EF9085774CC4F9AE02.roa (raw, json)
Hash identifier: sMSsVYfXIy3+gm+GqXf3k72DjthO0eHJqsI3H7P4epo=
Subject key identifier: FC:89:7D:D1:88:45:A1:25:14:82:37:00:CE:CE:B1:F6:46:CC:9E:C3
Certificate issuer: /CN=A91834AD/serialNumber=4D76F793E2B129F46F8FC90E21F9D0FEAF10D040
Certificate serial: 0BAF
Authority key identifier: 4D:76:F7:93:E2:B1:29:F4:6F:8F:C9:0E:21:F9:D0:FE:AF:10:D0:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/C152F164693111EF9085774CC4F9AE02.roa
Signing time: Mon 02 Sep 2024 13:46:29 +0000
ROA not before: Mon 02 Sep 2024 13:46:29 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136425
IP address blocks: 103.87.136.0/22 maxlen: 23
103.87.137.0/24 maxlen: 24
103.87.138.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 19:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2991 (0xbaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91834AD/serialNumber=4D76F793E2B129F46F8FC90E21F9D0FEAF10D040
Validity
Not Before: Sep 2 13:46:29 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66d5c1b5-6d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:17:05:04:8a:c1:ae:47:e8:c5:32:b0:8c:77:
5d:c0:dc:16:19:11:55:44:44:b0:4d:13:74:19:68:
a3:18:99:4d:0f:54:33:be:5b:90:8a:ef:e0:d5:ce:
13:de:7f:87:99:7d:fd:d6:f7:19:cf:7f:7e:32:41:
18:50:3c:6f:57:3a:d6:d3:fb:e5:a7:99:33:9c:e7:
f8:f9:c3:8e:fa:ef:bd:68:db:e5:54:c4:36:8e:71:
ab:bb:c7:f5:72:5c:31:39:7c:bd:c9:5d:97:4c:c0:
bb:5b:12:72:c7:06:a9:b0:d2:61:c6:f3:ab:cb:51:
41:67:75:6c:0b:77:42:b5:b6:06:4f:e1:5f:92:fb:
d5:ac:c1:24:ea:81:5e:57:93:c8:31:c8:52:95:58:
e4:5e:33:7b:52:d1:41:be:73:5e:99:b8:78:d8:cf:
5c:ac:55:e1:14:6b:99:2b:97:c6:27:fc:8d:13:e7:
9f:4b:c6:70:ca:5e:af:f5:df:8b:79:41:47:f5:54:
13:a5:33:97:5c:2b:11:0d:c4:49:d6:a7:69:db:00:
5f:69:cf:e2:92:b2:86:4c:ee:9b:94:07:2f:5e:72:
15:2d:21:a7:3f:39:53:12:e3:2d:8b:88:ab:2f:40:
e7:9f:9a:43:2b:53:c4:97:45:26:66:6b:4c:90:fb:
f1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:89:7D:D1:88:45:A1:25:14:82:37:00:CE:CE:B1:F6:46:CC:9E:C3
X509v3 Authority Key Identifier:
keyid:4D:76:F7:93:E2:B1:29:F4:6F:8F:C9:0E:21:F9:D0:FE:AF:10:D0:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/C152F164693111EF9085774CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.136.0/22
Signature Algorithm: sha256WithRSAEncryption
15:05:61:be:4c:90:26:f5:15:05:3f:29:67:9d:90:7b:95:cd:
7c:d0:7f:b5:6b:44:f5:1e:42:00:6b:01:d1:04:10:1e:66:e9:
2c:72:29:5a:b1:10:63:18:1b:3e:97:ff:6f:c2:ea:24:06:f0:
03:9e:a6:1c:03:a2:56:92:b4:87:5b:a9:54:29:32:df:4d:2e:
c7:22:14:f4:f7:7b:75:30:f8:43:82:e1:a5:96:ce:f2:1d:79:
21:7b:54:81:b7:3b:d0:b9:7f:70:e0:b1:da:20:65:96:32:03:
fe:e2:1d:f1:42:d4:fd:18:c0:5b:5a:29:31:1a:a0:fe:05:91:
18:c1:8a:94:f9:92:4a:f8:1b:a0:2a:55:aa:4d:55:f6:b4:b6:
23:5b:36:f7:d8:f3:30:32:60:c8:04:f8:a9:c8:fd:38:d9:bb:
99:36:39:e9:e0:54:6d:c4:ee:a3:97:2c:2d:af:6b:a4:30:ff:
bb:a8:dd:30:8e:aa:e2:22:b2:c7:d6:5a:94:14:b8:b3:1b:f8:
6e:bf:8a:b4:ca:dc:99:12:7e:b3:27:a3:89:0d:e1:09:a4:06:
4b:07:2f:9f:e8:16:b4:e8:e1:31:32:68:39:bd:c1:1b:af:c6:
76:66:c3:a6:93:4a:a0:e5:06:07:bc:54:cf:8b:25:f9:b6:6b:
25:5b:7c:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM0QUQxMTAvBgNVBAUTKDRENzZGNzkzRTJCMTI5RjQ2RjhGQzkwRTIxRjlEMEZF
QUYxMEQwNDAwHhcNMjQwOTAyMTM0NjI5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1YzFiNS02ZDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtRcFBIrBrkfoxTKwjHddwNwWGRFVRESwTRN0GWijGJlND1QzvluQiu/g1c4T
3n+HmX391vcZz39+MkEYUDxvVzrW0/vlp5kznOf4+cOO+u+9aNvlVMQ2jnGru8f1
clwxOXy9yV2XTMC7WxJyxwapsNJhxvOry1FBZ3VsC3dCtbYGT+FfkvvVrMEk6oFe
V5PIMchSlVjkXjN7UtFBvnNembh42M9crFXhFGuZK5fGJ/yNE+efS8Zwyl6v9d+L
eUFH9VQTpTOXXCsRDcRJ1qdp2wBfac/ikrKGTO6blAcvXnIVLSGnPzlTEuMti4ir
L0Dnn5pDK1PEl0UmZmtMkPvxHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPyJfdGI
RaElFII3AM7OsfZGzJ7DMB8GA1UdIwQYMBaAFE1295PisSn0b4/JDiH50P6vENBA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzRBRC8wREU0QUQwNDA4
RkUxMUVBOTgzM0M1NzhDNEY5QUUwMi9UWGIzay1LeEtmUnZqOGtPSWZuUV9xOFEw
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYYjNrLUt4S2ZSdmo4a09JZm5RX3E4UTBFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM0QUQvMERFNEFEMDQwOEZFMTFFQTk4MzNDNTc4QzRGOUFFMDIvQzE1MkYxNjQ2
OTMxMTFFRjkwODU3NzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnV4gwDQYJKoZIhvcNAQELBQADggEBABUFYb5MkCb1FQU/
KWedkHuVzXzQf7VrRPUeQgBrAdEEEB5m6SxyKVqxEGMYGz6X/2/C6iQG8AOephwD
olaStIdbqVQpMt9NLsciFPT3e3Uw+EOC4aWWzvIdeSF7VIG3O9C5f3DgsdogZZYy
A/7iHfFC1P0YwFtaKTEaoP4FkRjBipT5kkr4G6AqVapNVfa0tiNbNvfY8zAyYMgE
+KnI/TjZu5k2OengVG3E7qOXLC2va6Qw/7uo3TCOquIissfWWpQUuLMb+G6/irTK
3JkSfrMno4kN4QmkBksHL5/oFrTo4TEyaDm9wRuvxnZmw6aTSqDlBge8VM+LJfm2
ayVbfFs=
-----END CERTIFICATE-----
Generated at Mon Sep 2 21:05:44 2024 by rpki-client on console-ams.rpki-client.org