Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/BF9435005C6B11EE81B57678C4F9AE02.roa
File: BF9435005C6B11EE81B57678C4F9AE02.roa (raw, json)
Hash identifier: rs5PaUaqdWqqTZ+ZiglniAN4n1XbZ8VDStKzJbqd3XY=
Subject key identifier: 02:45:C5:D2:EB:C9:CE:52:DA:09:6E:57:80:F7:78:64:85:42:7C:21
Certificate issuer: /CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Certificate serial: 04
Authority key identifier: 1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/BF9435005C6B11EE81B57678C4F9AE02.roa
Signing time: Tue 26 Sep 2023 12:53:54 +0000
ROA not before: Tue 26 Sep 2023 12:53:54 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150178
IP address blocks: 103.7.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 13:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Validity
Not Before: Sep 26 12:53:54 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6512d462-0b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:19:c6:17:91:68:96:71:5a:49:cf:f4:21:
aa:52:b1:6b:26:66:d7:c0:2d:9a:79:d3:d1:ea:36:
e2:ad:e4:d6:f5:0a:60:f3:eb:5c:29:cc:65:03:1b:
7b:48:de:e0:24:91:a1:5b:49:53:81:6e:c2:07:0e:
8a:5e:69:98:14:02:20:3c:a5:03:e0:a7:d0:07:60:
d2:30:aa:63:31:ee:6b:3e:a1:cd:9c:0c:97:6e:9b:
5f:ba:4f:2e:4e:83:34:28:fa:d3:f6:57:45:aa:2f:
93:24:48:60:df:bb:76:a8:8b:e6:c2:37:e1:96:05:
2a:11:5f:fc:1b:76:64:95:2e:8b:87:dd:8a:1a:56:
e5:ef:a5:a0:0b:90:95:42:90:09:3b:5b:15:2d:58:
63:a1:5d:b7:18:38:de:8b:ee:21:c2:6a:b3:2f:25:
d4:c0:5e:62:e5:7f:f6:a4:98:6b:ed:1d:a8:64:88:
d0:6b:2d:84:ac:b1:29:fb:71:03:d8:ee:42:e5:23:
11:50:bd:12:7c:d5:b8:f2:64:45:88:c1:4e:54:ae:
e0:b3:a7:b2:7c:c1:53:e4:f5:1a:1c:9b:52:30:23:
b7:03:23:1b:8e:3f:8c:7f:68:07:32:c0:b5:a3:c7:
1b:fb:48:fb:4d:1d:a5:f3:be:5f:a5:78:51:b8:cc:
3c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:45:C5:D2:EB:C9:CE:52:DA:09:6E:57:80:F7:78:64:85:42:7C:21
X509v3 Authority Key Identifier:
keyid:1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/GvPInPFH8v61HarolX25nThyY7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/BF9435005C6B11EE81B57678C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.121.0/24
Signature Algorithm: sha256WithRSAEncryption
80:58:68:29:65:f8:60:1f:0b:62:72:2c:a6:80:20:21:fb:a3:
fa:07:a4:a3:f7:15:ac:c3:25:e7:58:82:2a:06:ee:cf:26:f1:
0b:b0:7a:4e:38:f0:8a:7d:fe:1f:11:22:87:7f:53:9e:07:63:
f7:82:25:05:c1:59:e6:b3:d2:8b:82:fc:50:bd:3f:77:4b:0f:
df:fa:59:54:f9:67:af:92:3f:92:a6:e0:0a:5b:66:3e:d4:a5:
06:7e:25:f3:51:15:1f:e7:fd:88:34:99:63:14:7d:10:33:1d:
29:f9:78:66:2c:16:76:89:5f:fa:a8:b9:c9:92:37:3c:79:0e:
26:3e:e8:22:d2:ee:e2:ba:77:3a:74:ab:6f:a7:bd:b4:1e:4c:
5d:b9:25:c9:27:32:20:27:2b:72:a5:89:62:bb:f7:d5:ae:aa:
2b:d4:4e:9d:58:fd:c6:3c:23:e2:61:6a:46:a0:7d:6c:63:b9:
70:be:34:57:59:ba:b2:07:ed:4d:49:7f:00:69:de:5f:90:fb:
98:42:fb:d7:26:f3:29:b0:2b:55:90:56:f2:9f:e2:b0:18:51:
f9:5e:76:0d:af:f3:55:77:12:57:aa:7b:51:11:ad:6c:de:b6:
89:a0:a0:9c:a8:f5:b6:28:d9:fd:81:ca:e0:e5:67:64:95:50:
32:dd:1d:a3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RDA5QjExMC8GA1UEBRMoMUFGM0M4OUNGMTQ3RjJGRUI1MURBQUU4OTU3REI5OUQz
ODcyNjNCODAeFw0yMzA5MjYxMjUzNTRaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTJkNDYyLTBiMGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+ThnGF5FolnFaSc/0IapSsWsmZtfALZp509HqNuKt5Nb1CmDz61wpzGUDG3tI
3uAkkaFbSVOBbsIHDopeaZgUAiA8pQPgp9AHYNIwqmMx7ms+oc2cDJdum1+6Ty5O
gzQo+tP2V0WqL5MkSGDfu3aoi+bCN+GWBSoRX/wbdmSVLouH3YoaVuXvpaALkJVC
kAk7WxUtWGOhXbcYON6L7iHCarMvJdTAXmLlf/akmGvtHahkiNBrLYSssSn7cQPY
7kLlIxFQvRJ81bjyZEWIwU5UruCzp7J8wVPk9Rocm1IwI7cDIxuOP4x/aAcywLWj
xxv7SPtNHaXzvl+leFG4zDyPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUAkXF0uvJ
zlLaCW5XgPd4ZIVCfCEwHwYDVR0jBBgwFoAUGvPInPFH8v61HarolX25nThyY7gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFEMDlCLzFFMkZCRUQ0NUM2
NDExRUVBNTlBODIxRUM0RjlBRTAyL0d2UEluUEZIOHY2MUhhcm9sWDI1blRoeVk3
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3ZQSW5QRkg4djYxSGFyb2xYMjVuVGh5WTdnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RDA5Qi8xRTJGQkVENDVDNjQxMUVFQTU5QTgyMUVDNEY5QUUwMi9CRjk0MzUwMDVD
NkIxMUVFODFCNTc2NzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcHeTANBgkqhkiG9w0BAQsFAAOCAQEAgFhoKWX4YB8LYnIs
poAgIfuj+geko/cVrMMl51iCKgbuzybxC7B6Tjjwin3+HxEih39Tngdj94IlBcFZ
5rPSi4L8UL0/d0sP3/pZVPlnr5I/kqbgCltmPtSlBn4l81EVH+f9iDSZYxR9EDMd
Kfl4ZiwWdolf+qi5yZI3PHkOJj7oItLu4rp3OnSrb6e9tB5MXbklyScyICcrcqWJ
Yrv31a6qK9ROnVj9xjwj4mFqRqB9bGO5cL40V1m6sgftTUl/AGneX5D7mEL71ybz
KbArVZBW8p/isBhR+V52Da/zVXcSV6p7URGtbN62iaCgnKj1tijZ/YHK4OVnZJVQ
Mt0dow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org