Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/1335D3BCF56411EEA47C8A60C4F9AE02.roa
File: 1335D3BCF56411EEA47C8A60C4F9AE02.roa (raw, json)
Hash identifier: W0ME7oFHl1QAXJ3bsrsQ8aI6u59ep8kQbQG48qbhyjM=
Subject key identifier: 39:8B:EB:61:DB:29:21:1A:EB:62:2D:36:D7:3B:4F:C4:F0:0C:68:63
Certificate issuer: /CN=A918F8B1/serialNumber=B5B3FC3E760877EF4F8D8E843BDD68CE0F405530
Certificate serial: 0D16
Authority key identifier: B5:B3:FC:3E:76:08:77:EF:4F:8D:8E:84:3B:DD:68:CE:0F:40:55:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tbP8PnYId-9PjY6EO91ozg9AVTA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/1335D3BCF56411EEA47C8A60C4F9AE02.roa
Signing time: Mon 08 Apr 2024 05:06:36 +0000
ROA not before: Mon 08 Apr 2024 05:06:36 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138624
IP address blocks: 103.134.225.0/24 maxlen: 24
103.158.243.0/24 maxlen: 24
2001:df7:d500::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Apr 2024 22:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F8B1/serialNumber=B5B3FC3E760877EF4F8D8E843BDD68CE0F405530
Validity
Not Before: Apr 8 05:06:36 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66137b5c-9a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:74:bd:5b:bc:a3:ff:ae:27:32:69:0a:cd:1c:
31:2b:b4:dd:df:92:48:9d:0c:ed:f5:87:8a:2c:0c:
77:f8:e5:25:00:be:97:1d:da:27:6c:dc:1b:4b:c9:
5d:b3:8c:d5:f1:f9:22:bf:0f:e3:8e:a8:ba:b3:38:
52:ea:14:54:8e:a4:d5:45:06:39:84:dc:a7:21:c8:
7f:55:dd:c0:09:30:59:d3:df:b0:e3:72:b6:ce:ce:
77:c1:f4:06:aa:b5:c9:27:47:16:50:e2:ad:a9:32:
7b:35:d7:f5:57:76:ab:06:0e:2a:73:8e:aa:c0:8f:
c3:2e:ee:f7:f4:a9:1e:61:8e:9b:11:b5:ee:51:62:
78:83:af:99:98:5b:79:4d:5a:5c:a9:9a:8d:ca:05:
ca:be:7b:47:54:95:cd:13:cc:28:c5:50:74:f3:66:
66:61:39:17:0f:6e:a8:fe:a2:ab:eb:c3:ae:02:bc:
f3:27:ac:25:5e:2e:b3:5b:3e:b3:0d:71:0e:88:92:
0f:0b:ce:ce:09:cf:47:58:83:00:62:72:8c:71:b9:
37:48:9e:eb:e5:08:27:d1:da:1f:04:75:21:c9:15:
ee:fc:ba:ab:c5:cb:bd:5a:a4:df:ef:e4:5c:38:10:
69:e6:b6:95:2f:7d:6b:01:77:54:33:ed:4c:79:cc:
90:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:EB:61:DB:29:21:1A:EB:62:2D:36:D7:3B:4F:C4:F0:0C:68:63
X509v3 Authority Key Identifier:
keyid:B5:B3:FC:3E:76:08:77:EF:4F:8D:8E:84:3B:DD:68:CE:0F:40:55:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tbP8PnYId-9PjY6EO91ozg9AVTA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/1335D3BCF56411EEA47C8A60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.225.0/24
103.158.243.0/24
IPv6:
2001:df7:d500::/48
Signature Algorithm: sha256WithRSAEncryption
6e:51:ea:59:35:2a:38:ea:b3:c7:81:bf:cb:92:a7:ca:fd:39:
80:9a:fa:cd:23:e5:cd:56:dc:fa:28:0c:af:c4:28:55:4b:cd:
06:8c:af:0b:1d:b4:12:b8:bc:06:0f:5f:2a:3d:55:dc:91:6d:
15:67:23:98:89:88:37:9c:89:20:c0:1e:8e:ca:4d:59:0a:48:
1d:63:03:29:cf:77:57:ad:7c:01:fb:e5:ee:4d:a5:17:b6:17:
51:48:84:85:b9:c9:69:ec:db:de:0a:90:35:b9:9a:27:15:60:
d3:39:6d:20:50:ef:12:c8:eb:22:10:08:a3:02:76:77:81:71:
fb:0a:28:ab:1a:cc:36:0d:0c:5b:c7:f1:66:7e:da:99:36:7d:
b5:5e:36:37:a7:7a:e5:fd:88:a9:ef:d4:c0:9c:b0:88:93:ff:
73:42:5d:74:1e:bc:2e:c5:82:df:01:71:3a:c0:10:ab:71:1f:
2f:f2:29:f2:78:0a:46:55:11:cb:ae:c5:98:5c:52:a8:98:68:
6a:cb:72:38:a4:f3:bf:df:85:76:36:0b:01:7d:6e:2f:e3:ed:
bf:83:9e:ff:2f:26:5a:c5:79:03:76:f0:cd:dc:f5:66:b3:1d:
6f:3e:0d:69:c0:bc:18:1f:d2:da:fb:47:5b:19:00:15:0b:96:
5a:61:ee:70
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY4QjExMTAvBgNVBAUTKEI1QjNGQzNFNzYwODc3RUY0RjhEOEU4NDNCREQ2OENF
MEY0MDU1MzAwHhcNMjQwNDA4MDUwNjM2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjEzN2I1Yy05YTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23S9W7yj/64nMmkKzRwxK7Td35JInQzt9YeKLAx3+OUlAL6XHdonbNwbS8ld
s4zV8fkivw/jjqi6szhS6hRUjqTVRQY5hNynIch/Vd3ACTBZ09+w43K2zs53wfQG
qrXJJ0cWUOKtqTJ7Ndf1V3arBg4qc46qwI/DLu739KkeYY6bEbXuUWJ4g6+ZmFt5
TVpcqZqNygXKvntHVJXNE8woxVB082ZmYTkXD26o/qKr68OuArzzJ6wlXi6zWz6z
DXEOiJIPC87OCc9HWIMAYnKMcbk3SJ7r5Qgn0dofBHUhyRXu/Lqrxcu9WqTf7+Rc
OBBp5raVL31rAXdUM+1MecyQ7wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDmL62Hb
KSEa62ItNtc7T8TwDGhjMB8GA1UdIwQYMBaAFLWz/D52CHfvT42OhDvdaM4PQFUw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjhCMS83RDU0QTBDQUI1
ODYxMUU5QUE1RjRENjVDNEY5QUUwMi90YlA4UG5ZSWQtOVBqWTZFTzkxb3pnOUFW
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RiUDhQbllJZC05UGpZNkVPOTFvemc5QVZUQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY4QjEvN0Q1NEEwQ0FCNTg2MTFFOUFBNUY0RDY1QzRGOUFFMDIvMTMzNUQzQkNG
NTY0MTFFRUE0N0M4QTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnhuEDBABnnvMwDwQCAAIwCQMHACABDffVADANBgkqhkiG
9w0BAQsFAAOCAQEAblHqWTUqOOqzx4G/y5Knyv05gJr6zSPlzVbc+igMr8QoVUvN
BoyvCx20Eri8Bg9fKj1V3JFtFWcjmImIN5yJIMAejspNWQpIHWMDKc93V618Afvl
7k2lF7YXUUiEhbnJaezb3gqQNbmaJxVg0zltIFDvEsjrIhAIowJ2d4Fx+wooqxrM
Ng0MW8fxZn7amTZ9tV42N6d65f2Iqe/UwJywiJP/c0JddB68LsWC3wFxOsAQq3Ef
L/Ip8ngKRlURy67FmFxSqJhoastyOKTzv9+FdjYLAX1uL+Ptv4Oe/y8mWsV5A3bw
zdz1ZrMdbz4NacC8GB/S2vtHWxkAFQuWWmHucA==
-----END CERTIFICATE-----
Generated at Mon Apr 8 23:48:07 2024 by rpki-client on console-fra.rpki-client.org