Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/73E21BB0FB3D11EEB154B874C4F9AE02.roa
File: 73E21BB0FB3D11EEB154B874C4F9AE02.roa (raw, json)
Hash identifier: SrJwolZ/EXS7wbgb0oThQJECRbUxiA/ATq2Cgd2l02g=
Subject key identifier: 58:90:E1:44:F1:4D:F7:DE:DC:69:B3:C2:94:10:7B:C4:1C:20:6D:CA
Certificate issuer: /CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Certificate serial: 0517
Authority key identifier: 17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/73E21BB0FB3D11EEB154B874C4F9AE02.roa
Signing time: Mon 29 Jul 2024 04:14:22 +0000
ROA not before: Mon 29 Jul 2024 04:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152700
IP address blocks: 103.136.148.0/24 maxlen: 24
103.136.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 14:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1303 (0x517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB09E
Validity
Not Before: Jul 29 04:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a7171e-b144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:85:cb:93:a3:56:69:e6:37:2e:ed:b0:26:
8a:76:03:63:7c:74:91:af:b4:5a:c1:22:7f:02:d5:
03:dd:e2:d6:b5:12:85:36:30:b3:d5:47:8a:9a:93:
ee:5e:ca:10:b5:59:ed:ba:b5:f7:e0:d4:43:ff:20:
d3:42:2b:6a:7f:ad:6d:d6:27:9d:40:41:9e:e7:f1:
9b:36:58:d1:17:6b:54:07:f5:07:b5:11:b0:85:18:
20:fa:7c:b7:19:e4:2f:af:a6:74:12:df:63:ab:b9:
fc:ab:1d:71:b4:6d:d6:e4:e5:d2:7c:60:26:c0:77:
11:de:5d:58:cf:69:08:1e:5d:fc:b3:ff:fd:9d:26:
05:94:8c:be:30:cc:16:b0:20:2b:72:18:ea:5b:cd:
16:8c:da:bc:54:c2:81:4d:ba:7c:76:1c:11:0f:5c:
31:db:cc:84:c2:b0:df:ec:28:a1:61:51:66:fb:9c:
67:31:d9:3d:1d:31:b9:cb:4c:62:d3:f6:79:4d:8e:
0c:8e:46:36:92:33:d5:39:9e:2b:a5:34:c1:7c:5d:
01:51:54:f1:c1:f4:bc:73:7c:c4:1a:86:5a:8e:07:
33:16:91:cc:96:3e:2e:3a:d2:45:01:b5:d6:dd:bb:
89:68:40:f4:ef:47:24:5b:ad:38:08:7e:66:1a:ab:
56:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:90:E1:44:F1:4D:F7:DE:DC:69:B3:C2:94:10:7B:C4:1C:20:6D:CA
X509v3 Authority Key Identifier:
keyid:17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/F2D_ceFrz-7nuNZxDWNgZ5mu92c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/73E21BB0FB3D11EEB154B874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.148.0/24
103.136.151.0/24
Signature Algorithm: sha256WithRSAEncryption
03:9b:c2:34:f7:55:ce:5f:62:2d:c1:82:65:77:13:fb:11:30:
98:09:c9:66:01:14:f4:75:71:b8:34:45:97:5b:34:99:d7:e9:
46:74:70:86:7c:fe:a9:25:ea:8e:e1:f2:f7:22:d6:da:9d:2f:
ea:fc:29:ea:fa:d9:d4:e7:b3:80:73:6c:1c:f1:96:6e:04:11:
ae:8a:0b:07:ba:c4:fa:62:17:39:4e:a2:3a:46:84:88:b5:4c:
6c:20:96:9d:1a:5d:a7:c5:b6:fc:8d:db:a1:90:d2:bd:ab:c9:
09:82:47:a1:a8:01:43:f8:70:75:f1:c4:08:dc:80:42:61:bd:
32:30:78:97:e5:78:c2:69:07:e2:2e:83:d4:63:fc:9d:73:43:
01:6b:fb:6b:1d:97:e6:6d:ab:bb:5e:e7:43:e4:47:a9:95:64:
04:00:40:88:dc:27:c9:31:e8:83:52:66:d9:47:07:d8:fa:47:
b0:f4:b6:13:3b:e2:a9:97:44:cc:4c:e0:1a:96:f5:19:f4:66:
11:db:07:0b:a6:86:f1:9c:f7:8b:7e:1e:f9:fa:9d:73:7a:66:
45:b3:3a:af:1f:96:a5:04:04:18:8d:29:71:38:9d:30:e1:a6:
1e:18:a1:a5:f3:e6:82:68:44:fc:de:bd:4c:c3:e3:92:1a:73:
bc:15:94:56
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IwOUUxMTAvBgNVBAUTKDE3NjBGRjcxRTE2QkNGRUVFN0I4RDY3MTBENjM2MDY3
OTlBRUY3NjcwHhcNMjQwNzI5MDQxNDIyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE3MTcxZS1iMTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo1CFy5OjVmnmNy7tsCaKdgNjfHSRr7RawSJ/AtUD3eLWtRKFNjCz1UeKmpPu
XsoQtVnturX34NRD/yDTQitqf61t1iedQEGe5/GbNljRF2tUB/UHtRGwhRgg+ny3
GeQvr6Z0Et9jq7n8qx1xtG3W5OXSfGAmwHcR3l1Yz2kIHl38s//9nSYFlIy+MMwW
sCArchjqW80WjNq8VMKBTbp8dhwRD1wx28yEwrDf7CihYVFm+5xnMdk9HTG5y0xi
0/Z5TY4MjkY2kjPVOZ4rpTTBfF0BUVTxwfS8c3zEGoZajgczFpHMlj4uOtJFAbXW
3buJaED070ckW604CH5mGqtWbQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFiQ4UTx
Tffe3GmzwpQQe8QcIG3KMB8GA1UdIwQYMBaAFBdg/3Hha8/u57jWcQ1jYGeZrvdn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjA5RS80NzExOUQwMEQw
MEIxMUVCQjU4OTBFN0JDNEY5QUUwMi9GMkRfY2VGcnotN251Tlp4RFdOZ1o1bXU5
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YyRF9jZUZyei03bnVOWnhEV05nWjVtdTkyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0IwOUUvNDcxMTlEMDBEMDBCMTFFQkI1ODkwRTdCQzRGOUFFMDIvNzNFMjFCQjBG
QjNEMTFFRUIxNTRCODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABniJQDBABniJcwDQYJKoZIhvcNAQELBQADggEBAAObwjT3
Vc5fYi3BgmV3E/sRMJgJyWYBFPR1cbg0RZdbNJnX6UZ0cIZ8/qkl6o7h8vci1tqd
L+r8Ker62dTns4BzbBzxlm4EEa6KCwe6xPpiFzlOojpGhIi1TGwglp0aXafFtvyN
26GQ0r2ryQmCR6GoAUP4cHXxxAjcgEJhvTIweJfleMJpB+Iug9Rj/J1zQwFr+2sd
l+Ztq7te50PkR6mVZAQAQIjcJ8kx6INSZtlHB9j6R7D0thM74qmXRMxM4BqW9Rn0
ZhHbBwumhvGc94t+Hvn6nXN6ZkWzOq8flqUEBBiNKXE4nTDhph4YoaXz5oJoRPze
vUzD45Iac7wVlFY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:39 2025 by rpki-client