Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8928/728D69EAD95311EBBC684587C4F9AE02/B0A147DC019A11ECA637716FC4F9AE02.roa
File: B0A147DC019A11ECA637716FC4F9AE02.roa (raw, json)
Hash identifier: h+ebYrgkrfjFrrV9kJk+p+kpHMLMn37UzStme+0sUlE=
Subject key identifier: FE:79:C3:6B:EC:2A:45:7E:AC:FE:C3:CC:BB:6D:E2:D1:3A:47:DE:09
Certificate issuer: /CN=A91B8928/serialNumber=66DC8B7D5F9AFE785DD35A7C2915D51CB669CECB
Certificate serial: 0495
Authority key identifier: 66:DC:8B:7D:5F:9A:FE:78:5D:D3:5A:7C:29:15:D5:1C:B6:69:CE:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZtyLfV-a_nhd01p8KRXVHLZpzss.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B8928/728D69EAD95311EBBC684587C4F9AE02/B0A147DC019A11ECA637716FC4F9AE02.roa
Signing time: Mon 01 Jan 2024 01:23:15 +0000
ROA not before: Mon 01 Jan 2024 01:23:15 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 3
IP address blocks: 103.157.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 06:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1173 (0x495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B8928/serialNumber=66DC8B7D5F9AFE785DD35A7C2915D51CB669CECB
Validity
Not Before: Jan 1 01:23:15 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65921402-6de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0b:a7:49:bc:51:71:86:81:33:f6:e1:dd:96:
71:e7:11:d1:06:15:8d:bf:a9:44:16:7c:fb:56:b6:
bc:24:af:59:14:95:5c:74:89:7e:56:77:34:3a:fd:
08:11:aa:aa:ad:41:12:54:aa:c0:87:6f:df:c8:89:
d8:4f:67:f3:03:3b:90:9d:0c:24:ab:54:ed:58:29:
6a:e3:15:29:6a:68:d3:bd:71:87:77:cd:68:76:49:
9d:4d:0f:4d:c8:fd:23:79:6a:73:6d:98:eb:f1:fa:
ad:1e:e4:b3:30:61:b3:d2:f8:be:a5:4e:a8:4a:cc:
3b:06:c9:d6:9f:89:ba:4b:64:f3:a7:a5:f5:b1:84:
79:99:5b:72:1e:7c:b6:8d:7b:5a:e7:5c:62:43:f8:
cf:d4:40:17:13:90:cf:05:05:84:cb:95:73:60:bb:
6f:22:c9:fb:4c:45:b2:75:7a:44:2f:56:5f:9f:98:
c9:a7:bf:33:92:c0:f3:e3:0f:22:65:45:36:99:0f:
9c:84:bf:f8:da:4b:7e:4e:e3:80:3a:4f:3e:0e:76:
99:0e:ff:de:cc:f6:2b:30:93:4a:8c:d4:b1:a1:47:
05:71:0b:99:a9:d2:3e:18:33:f7:2f:f4:8b:d2:12:
79:42:96:ea:2f:74:df:96:7b:1f:1b:95:0d:10:c4:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:79:C3:6B:EC:2A:45:7E:AC:FE:C3:CC:BB:6D:E2:D1:3A:47:DE:09
X509v3 Authority Key Identifier:
keyid:66:DC:8B:7D:5F:9A:FE:78:5D:D3:5A:7C:29:15:D5:1C:B6:69:CE:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B8928/728D69EAD95311EBBC684587C4F9AE02/ZtyLfV-a_nhd01p8KRXVHLZpzss.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZtyLfV-a_nhd01p8KRXVHLZpzss.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8928/728D69EAD95311EBBC684587C4F9AE02/B0A147DC019A11ECA637716FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.101.0/24
Signature Algorithm: sha256WithRSAEncryption
75:50:3f:40:55:35:15:85:9c:10:04:98:74:5d:67:1d:a7:72:
7b:6d:ba:da:08:08:09:00:ad:56:86:da:50:52:25:c0:07:12:
60:ec:54:3a:87:b4:a6:cb:10:ad:8a:1e:f7:b8:5b:b3:8b:df:
d5:39:77:88:e2:6f:23:48:cc:32:17:4d:0a:b0:99:62:f1:b4:
95:a4:cf:0b:57:d5:fd:dd:18:73:05:a5:ab:d9:3d:13:22:2e:
e9:8b:6f:da:bb:50:0c:40:5f:c3:e4:43:63:5f:34:75:bc:a4:
d4:e9:a7:e1:aa:01:fd:12:14:df:eb:f5:78:2d:81:be:1a:e9:
7d:25:08:51:45:4a:f8:57:c6:65:2d:81:d2:6e:0a:eb:1e:89:
02:19:d2:6b:28:a7:08:d8:9c:41:e4:ec:07:37:35:67:b9:6a:
7f:b9:f6:a3:6c:21:56:ee:fd:eb:b5:ed:0a:e8:e4:1c:46:99:
6d:ef:07:ab:00:a4:94:2a:c8:01:eb:82:61:1f:4d:c4:c9:ef:
24:03:78:33:65:c2:bc:28:25:2f:96:31:a2:17:a1:78:71:1d:
3d:04:bc:98:67:b6:35:07:ec:9b:8e:90:40:aa:5c:bd:0c:87:
fb:10:94:83:f2:a1:3c:41:2c:b7:b1:a8:5f:14:e4:cb:1e:ae:
2b:91:31:96
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg5MjgxMTAvBgNVBAUTKDY2REM4QjdENUY5QUZFNzg1REQzNUE3QzI5MTVENTFD
QjY2OUNFQ0IwHhcNMjQwMTAxMDEyMzE1WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkyMTQwMi02ZGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxAunSbxRcYaBM/bh3ZZx5xHRBhWNv6lEFnz7Vra8JK9ZFJVcdIl+Vnc0Ov0I
EaqqrUESVKrAh2/fyInYT2fzAzuQnQwkq1TtWClq4xUpamjTvXGHd81odkmdTQ9N
yP0jeWpzbZjr8fqtHuSzMGGz0vi+pU6oSsw7BsnWn4m6S2Tzp6X1sYR5mVtyHny2
jXta51xiQ/jP1EAXE5DPBQWEy5VzYLtvIsn7TEWydXpEL1Zfn5jJp78zksDz4w8i
ZUU2mQ+chL/42kt+TuOAOk8+DnaZDv/ezPYrMJNKjNSxoUcFcQuZqdI+GDP3L/SL
0hJ5QpbqL3TflnsfG5UNEMRPdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFP55w2vs
KkV+rP7DzLtt4tE6R94JMB8GA1UdIwQYMBaAFGbci31fmv54XdNafCkV1Ry2ac7L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODkyOC83MjhENjlFQUQ5
NTMxMUVCQkM2ODQ1ODdDNEY5QUUwMi9adHlMZlYtYV9uaGQwMXA4S1JYVkhMWnB6
c3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p0eUxmVi1hX25oZDAxcDhLUlhWSExacHpzcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg5MjgvNzI4RDY5RUFEOTUzMTFFQkJDNjg0NTg3QzRGOUFFMDIvQjBBMTQ3REMw
MTlBMTFFQ0E2Mzc3MTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnWUwDQYJKoZIhvcNAQELBQADggEBAHVQP0BVNRWFnBAE
mHRdZx2ncnttutoICAkArVaG2lBSJcAHEmDsVDqHtKbLEK2KHve4W7OL39U5d4ji
byNIzDIXTQqwmWLxtJWkzwtX1f3dGHMFpavZPRMiLumLb9q7UAxAX8PkQ2NfNHW8
pNTpp+GqAf0SFN/r9Xgtgb4a6X0lCFFFSvhXxmUtgdJuCuseiQIZ0msopwjYnEHk
7Ac3NWe5an+59qNsIVbu/eu17Qro5BxGmW3vB6sApJQqyAHrgmEfTcTJ7yQDeDNl
wrwoJS+WMaIXoXhxHT0EvJhntjUH7JuOkECqXL0Mh/sQlIPyoTxBLLexqF8U5Mse
riuRMZY=
-----END CERTIFICATE-----
Generated at Tue Jan 23 09:31:53 2024 by rpki-client on console-ams.rpki-client.org