Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/7D8A817EE79811EE821DFE56C4F9AE02.roa
File: 7D8A817EE79811EE821DFE56C4F9AE02.roa (raw, json)
Hash identifier: JQBB7LtnbO0M+8uvupDXC/+Hj+jJKGD2OWR1HqGPMrE=
Subject key identifier: 3B:ED:97:85:B4:F3:71:FA:10:AF:08:C3:8C:E2:28:D1:B3:5F:39:B9
Certificate issuer: /CN=A91862F9/serialNumber=BE6341A7CC0CA0F6C1A15E0466EC7155B8283C9D
Certificate serial: 79
Authority key identifier: BE:63:41:A7:CC:0C:A0:F6:C1:A1:5E:04:66:EC:71:55:B8:28:3C:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/7D8A817EE79811EE821DFE56C4F9AE02.roa
Signing time: Thu 21 Mar 2024 15:34:22 +0000
ROA not before: Thu 21 Mar 2024 15:34:22 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 137883
IP address blocks: 103.253.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862F9/serialNumber=BE6341A7CC0CA0F6C1A15E0466EC7155B8283C9D
Validity
Not Before: Mar 21 15:34:22 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65fc537e-d8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:71:a4:c5:9e:e6:e3:3d:2f:2a:37:80:f9:ff:
e1:ba:c4:a5:ed:61:b7:8a:87:61:7f:22:0c:42:03:
8d:51:86:1e:b0:43:59:a2:0b:b6:2c:05:ed:22:d9:
e9:83:f5:e0:d7:d0:f2:43:62:66:00:1b:49:18:7e:
57:11:e5:ea:77:fe:ca:6b:33:22:10:db:be:0b:7f:
e6:2c:cf:fb:b4:ab:24:50:70:a7:11:f8:27:c2:d0:
8b:4c:94:10:2f:1b:35:ef:c5:66:c6:5f:35:bf:ef:
6d:a4:37:82:2f:a0:83:b0:ae:ba:4f:46:9c:ac:73:
a4:26:e7:4b:bd:73:93:ff:08:d0:cb:46:35:6d:74:
9f:7c:93:0b:cf:81:20:bb:b4:18:d7:f4:38:f9:a4:
1c:2b:84:9d:48:94:9d:cb:12:fb:92:aa:fd:b6:91:
73:cb:e6:96:42:d3:36:4d:6b:a6:be:de:54:82:f7:
95:18:6e:45:28:db:9a:d1:71:59:18:07:bc:9d:fb:
89:fa:37:19:67:09:95:c8:01:e6:5c:ff:6a:96:55:
1e:5e:9a:ff:6c:42:76:7d:96:a4:20:5c:87:dd:a3:
35:f8:c6:84:7e:6b:c4:ad:69:e1:5d:a9:e0:45:f6:
94:9d:73:3a:29:52:ed:61:c1:1b:1f:b5:f6:5d:06:
c8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:ED:97:85:B4:F3:71:FA:10:AF:08:C3:8C:E2:28:D1:B3:5F:39:B9
X509v3 Authority Key Identifier:
keyid:BE:63:41:A7:CC:0C:A0:F6:C1:A1:5E:04:66:EC:71:55:B8:28:3C:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/7D8A817EE79811EE821DFE56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.177.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e0:e1:47:ab:a4:7e:69:90:8c:06:8e:e9:4a:77:4a:08:21:
34:e9:4d:ee:e6:e4:46:5d:eb:f1:a9:d4:a2:2f:34:13:53:35:
96:b1:6b:4f:16:1c:06:fa:19:af:f9:14:c4:53:16:1e:7d:ec:
be:bb:9d:c6:16:b0:49:f0:a1:d7:ff:14:5b:18:8c:f9:14:f8:
99:2a:2b:aa:4c:8b:1f:9e:73:9f:44:82:49:ca:57:2f:82:db:
5b:88:c8:f4:23:35:0a:8f:de:fd:4f:db:5e:f3:ad:d4:7c:bc:
a4:bd:ef:b7:4f:34:c2:28:b3:c7:19:8c:c1:8d:81:ab:3f:ce:
0f:c4:c7:d2:e1:77:95:3e:13:fc:be:c2:a5:0f:5e:41:7c:d2:
e7:66:d2:02:d7:ee:61:5d:55:e8:05:1f:fe:e7:fa:f2:df:f7:
de:70:d8:76:66:b7:88:df:8b:19:34:1d:4b:80:42:7f:cb:80:
f0:87:47:e7:1d:5a:32:67:01:4f:6f:9b:1d:84:fe:66:61:3c:
d9:82:e5:cf:ca:4e:02:1d:51:18:0a:ae:97:11:00:d6:4f:41:
da:a8:39:ba:fc:5f:c1:4d:d8:82:b6:c8:aa:f6:a8:2e:b3:af:
51:b3:fd:b6:09:cf:aa:e0:fa:d3:ce:8d:d3:ea:85:1a:d5:b4:
e1:72:fd:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NjJGOTExMC8GA1UEBRMoQkU2MzQxQTdDQzBDQTBGNkMxQTE1RTA0NjZFQzcxNTVC
ODI4M0M5RDAeFw0yNDAzMjExNTM0MjJaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmM1MzdlLWQ4ZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEcaTFnubjPS8qN4D5/+G6xKXtYbeKh2F/IgxCA41Rhh6wQ1miC7YsBe0i2emD
9eDX0PJDYmYAG0kYflcR5ep3/sprMyIQ274Lf+Ysz/u0qyRQcKcR+CfC0ItMlBAv
GzXvxWbGXzW/722kN4IvoIOwrrpPRpysc6Qm50u9c5P/CNDLRjVtdJ98kwvPgSC7
tBjX9Dj5pBwrhJ1IlJ3LEvuSqv22kXPL5pZC0zZNa6a+3lSC95UYbkUo25rRcVkY
B7yd+4n6NxlnCZXIAeZc/2qWVR5emv9sQnZ9lqQgXIfdozX4xoR+a8StaeFdqeBF
9pSdczopUu1hwRsftfZdBsiHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUO+2XhbTz
cfoQrwjDjOIo0bNfObkwHwYDVR0jBBgwFoAUvmNBp8wMoPbBoV4EZuxxVbgoPJ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg2MkY5LzRFNjA5QTcyM0I3
RDExRUU5NjU2RkM2NEM0RjlBRTAyL3ZtTkJwOHdNb1BiQm9WNEVadXh4VmJnb1BK
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdm1OQnA4d01vUGJCb1Y0RVp1eHhWYmdvUEowLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NjJGOS80RTYwOUE3MjNCN0QxMUVFOTY1NkZDNjRDNEY5QUUwMi83RDhBODE3RUU3
OTgxMUVFODIxREZFNTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGf9sTANBgkqhkiG9w0BAQsFAAOCAQEAZODhR6ukfmmQjAaO
6Up3SgghNOlN7ubkRl3r8anUoi80E1M1lrFrTxYcBvoZr/kUxFMWHn3svrudxhaw
SfCh1/8UWxiM+RT4mSorqkyLH55zn0SCScpXL4LbW4jI9CM1Co/e/U/bXvOt1Hy8
pL3vt080wiizxxmMwY2Bqz/OD8TH0uF3lT4T/L7CpQ9eQXzS52bSAtfuYV1V6AUf
/uf68t/33nDYdma3iN+LGTQdS4BCf8uA8IdH5x1aMmcBT2+bHYT+ZmE82YLlz8pO
Ah1RGAqulxEA1k9B2qg5uvxfwU3YgrbIqvaoLrOvUbP9tgnPquD6086N0+qFGtW0
4XL9yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org