Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
File: BCA5586C80CC11EE94777C52C4F9AE02.roa (raw, json)
Hash identifier: fok811kDy7Gc0Rt7ng8E9IihX19Yr5mRMGMBjOmsjuI=
Subject key identifier: C7:59:C5:0B:69:73:51:B6:65:EF:D6:88:72:5A:85:16:6D:ED:9C:BE
Certificate issuer: /CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Certificate serial: 0A79
Authority key identifier: A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
Signing time: Fri 16 Feb 2024 20:28:38 +0000
ROA not before: Fri 16 Feb 2024 20:28:38 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138023
IP address blocks: 103.133.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 04:51:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2681 (0xa79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Validity
Not Before: Feb 16 20:28:38 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65cfc575-e65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e4:18:1a:02:83:48:be:95:fe:b2:4f:d4:75:
c8:3b:9e:ae:11:49:ee:f4:a0:64:ba:29:38:99:ac:
f1:cd:10:11:b8:60:33:26:49:6d:d1:03:16:39:64:
6f:cf:d1:de:43:7f:a9:62:60:a1:22:7e:66:79:91:
d8:af:50:be:84:44:48:db:b8:8a:79:80:8e:85:0e:
d9:13:34:bc:1b:dd:60:40:43:8b:5f:31:3b:b2:89:
b0:33:4f:e5:59:c4:55:0c:f4:9b:23:b8:f8:bf:b7:
e2:2a:eb:ef:71:37:bc:38:43:e2:d9:ca:d7:14:f0:
0d:a5:ab:b6:4c:88:94:e9:77:1a:49:02:37:5d:20:
00:f3:29:63:60:b3:c0:ca:f0:c4:b9:0b:d7:bf:80:
8a:0d:ae:9a:2c:6c:db:57:99:ad:29:fa:0e:1e:32:
03:4d:a0:e2:79:63:c3:fe:fb:69:fd:9c:4d:9b:be:
e6:69:2a:3e:51:ef:9d:d7:bd:fb:8f:2a:5e:cc:ee:
9c:d2:9c:c2:0b:35:f2:b2:f0:b0:6b:c7:8e:3d:5f:
8c:64:f1:89:a8:28:43:50:7a:90:90:f9:b9:41:bf:
cc:69:fb:bd:fd:50:dd:9a:b0:42:4b:f5:6b:9f:78:
bf:8b:7c:9c:da:b9:72:1e:18:c3:e6:99:f2:21:ad:
d5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:59:C5:0B:69:73:51:B6:65:EF:D6:88:72:5A:85:16:6D:ED:9C:BE
X509v3 Authority Key Identifier:
keyid:A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.211.0/24
Signature Algorithm: sha256WithRSAEncryption
09:db:61:85:22:43:30:ca:20:dc:ee:f8:f3:bc:ec:75:d4:79:
34:ec:1c:f3:8f:39:d8:9d:db:99:be:cb:00:6d:d5:3e:10:87:
78:5e:ee:06:a8:3a:3c:69:61:65:45:69:cb:1c:08:4b:ac:eb:
2f:54:f9:e3:14:cf:a9:7a:a0:cd:66:88:05:7b:f6:a3:6e:14:
bc:ac:b9:64:25:d9:68:de:50:2b:a7:b3:58:31:da:42:ba:87:
78:8e:17:ee:68:dc:55:ff:54:03:f1:bf:fd:8c:6d:8f:e5:d9:
11:33:e4:55:7a:a1:fc:96:a6:95:e2:94:46:90:4d:de:60:0e:
98:dd:07:97:5e:96:33:49:6e:13:19:9e:03:82:08:5d:6d:aa:
09:3a:2e:35:c8:04:15:ba:23:b0:07:83:cf:29:a5:da:61:ec:
3e:2e:b9:e8:49:bc:3f:90:d9:3d:a4:27:d9:45:74:b9:75:82:
a0:af:f4:8d:e9:a3:0d:2c:4a:35:cf:6f:9d:25:c5:0c:62:ec:
95:d4:ba:bd:91:43:75:16:bc:0a:64:ef:13:8d:87:de:13:c5:
83:28:4b:dd:c2:31:ff:25:17:d5:a0:e7:32:d9:5e:d8:bc:6c:
2d:86:76:47:01:2a:d6:51:45:1f:5d:38:a5:52:35:cf:4d:ae:
f9:b4:27:a8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCnkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBNEUxMTAvBgNVBAUTKEE5MjE2MzVDNzQ5M0YyMUNEMjYwOTNENTkwMzUxMDgw
MkY0RTM1ODYwHhcNMjQwMjE2MjAyODM4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNmYzU3NS1lNjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0OQYGgKDSL6V/rJP1HXIO56uEUnu9KBkuik4mazxzRARuGAzJklt0QMWOWRv
z9HeQ3+pYmChIn5meZHYr1C+hERI27iKeYCOhQ7ZEzS8G91gQEOLXzE7somwM0/l
WcRVDPSbI7j4v7fiKuvvcTe8OEPi2crXFPANpau2TIiU6XcaSQI3XSAA8yljYLPA
yvDEuQvXv4CKDa6aLGzbV5mtKfoOHjIDTaDieWPD/vtp/ZxNm77maSo+Ue+d1737
jypezO6c0pzCCzXysvCwa8eOPV+MZPGJqChDUHqQkPm5Qb/Mafu9/VDdmrBCS/Vr
n3i/i3yc2rlyHhjD5pnyIa3VTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMdZxQtp
c1G2Ze/WiHJahRZt7Zy+MB8GA1UdIwQYMBaAFKkhY1x0k/Ic0mCT1ZA1EIAvTjWG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUE0RS9BNDlCNEQ3NDM3
QzYxMUVBOUQ5NkFFNTFDNEY5QUUwMi9xU0ZqWEhTVDhoelNZSlBWa0RVUWdDOU9O
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FTRmpYSFNUOGh6U1lKUFZrRFVRZ0M5T05ZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBNEUvQTQ5QjRENzQzN0M2MTFFQTlEOTZBRTUxQzRGOUFFMDIvQkNBNTU4NkM4
MENDMTFFRTk0Nzc3QzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhdMwDQYJKoZIhvcNAQELBQADggEBAAnbYYUiQzDKINzu
+PO87HXUeTTsHPOPOdid25m+ywBt1T4Qh3he7gaoOjxpYWVFacscCEus6y9U+eMU
z6l6oM1miAV79qNuFLysuWQl2WjeUCuns1gx2kK6h3iOF+5o3FX/VAPxv/2MbY/l
2REz5FV6ofyWppXilEaQTd5gDpjdB5deljNJbhMZngOCCF1tqgk6LjXIBBW6I7AH
g88ppdph7D4uuehJvD+Q2T2kJ9lFdLl1gqCv9I3pow0sSjXPb50lxQxi7JXUur2R
Q3UWvApk7xONh94TxYMoS93CMf8lF9Wg5zLZXti8bC2GdkcBKtZRRR9dOKVSNc9N
rvm0J6g=
-----END CERTIFICATE-----
Generated at Fri Apr 12 07:20:49 2024 by rpki-client on console-fra.rpki-client.org