Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5ED4/2A15F24034DC11E98B67B85EC4F9AE02/B9F60EAE3DAF11EA87C61F7FC4F9AE02.roa
File: B9F60EAE3DAF11EA87C61F7FC4F9AE02.roa (raw, json)
Hash identifier: iU49nvPIRjrZJA/Xk0SIcWY01nuOj5adTFeJaiHn9to=
Subject key identifier: CE:CA:07:67:69:11:F7:85:07:77:46:B2:B1:28:6D:2E:7F:80:AA:84
Certificate issuer: /CN=A91D5ED4/serialNumber=8141D54951627865D065ECE0000911FA0EA4FFAD
Certificate serial: 0F7B
Authority key identifier: 81:41:D5:49:51:62:78:65:D0:65:EC:E0:00:09:11:FA:0E:A4:FF:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gUHVSVFieGXQZezgAAkR-g6k_60.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5ED4/2A15F24034DC11E98B67B85EC4F9AE02/B9F60EAE3DAF11EA87C61F7FC4F9AE02.roa
Signing time: Tue 06 Feb 2024 18:25:48 +0000
ROA not before: Tue 06 Feb 2024 18:25:48 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 132082
IP address blocks: 103.108.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 05:55:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3963 (0xf7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5ED4/serialNumber=8141D54951627865D065ECE0000911FA0EA4FFAD
Validity
Not Before: Feb 6 18:25:48 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65c279ab-1531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7e:cf:ff:88:51:ce:04:71:63:0f:ac:12:8e:
5b:b3:33:f9:95:73:72:42:5d:37:8b:2f:9f:ac:5a:
14:63:47:52:db:22:53:b9:6e:c2:a9:c9:3e:79:10:
fa:f7:63:34:69:fd:2a:b9:85:f6:fa:2d:c4:21:20:
40:f4:28:d2:17:35:11:ff:9b:f4:60:ff:b7:82:2b:
eb:1b:4f:e8:2c:dc:1c:ef:4b:41:f1:c0:91:f2:80:
43:c3:bc:73:1c:6f:cc:f6:92:d2:31:82:98:8d:df:
1b:df:d6:0a:e8:82:42:11:1a:24:3b:8a:b9:b6:4e:
15:82:ab:2d:b2:ff:db:21:00:e2:06:97:09:c3:36:
b1:9d:7b:db:86:45:88:6a:f1:c8:6a:cf:70:d3:33:
83:b6:f7:c0:18:e4:60:2b:73:9a:7c:22:20:dd:5c:
3d:71:da:c8:de:58:57:44:89:9f:59:20:65:fa:58:
3b:03:f1:e0:2f:8e:9a:04:3b:cc:59:13:41:b0:10:
47:df:4f:b6:ab:3a:74:2c:a5:a6:9e:44:37:65:c0:
5c:6b:aa:ff:a6:f8:c3:3e:3f:7a:9f:f1:7e:aa:d2:
da:eb:f7:03:e8:ce:d0:f8:bd:1a:27:c0:07:7f:a5:
d7:b3:bf:ef:fd:c5:ff:2a:a5:e0:64:c1:17:8f:61:
69:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CA:07:67:69:11:F7:85:07:77:46:B2:B1:28:6D:2E:7F:80:AA:84
X509v3 Authority Key Identifier:
keyid:81:41:D5:49:51:62:78:65:D0:65:EC:E0:00:09:11:FA:0E:A4:FF:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5ED4/2A15F24034DC11E98B67B85EC4F9AE02/gUHVSVFieGXQZezgAAkR-g6k_60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gUHVSVFieGXQZezgAAkR-g6k_60.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5ED4/2A15F24034DC11E98B67B85EC4F9AE02/B9F60EAE3DAF11EA87C61F7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.147.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e7:f7:ef:20:bb:84:47:74:8c:2e:a1:03:a9:69:6d:3c:2f:
da:2d:2b:3a:d8:c1:b3:92:6d:81:fd:35:f4:2c:08:9a:e5:60:
7e:4b:9b:92:8d:5b:14:51:e4:93:97:7b:62:fb:03:8a:7e:36:
72:b9:b3:78:17:79:b2:5c:07:db:99:07:a4:68:4f:d8:74:ee:
0f:9a:b5:c1:e9:e7:93:4e:25:27:c9:c8:10:1b:17:0d:de:8b:
3f:c5:43:4c:42:a6:a3:d5:5e:5f:3f:b3:49:b8:fc:f2:c5:21:
dc:d0:3b:7d:57:ac:1e:b5:71:d5:9f:05:10:1f:9d:da:5e:f4:
61:9e:e2:ec:54:a9:b4:45:d5:4a:4d:dc:fd:a1:89:1c:ef:8e:
ae:eb:92:3c:c4:a7:34:43:59:26:b5:2b:52:ea:e7:e5:8c:e1:
93:30:b6:10:15:9e:b0:e9:39:70:52:c6:cb:60:a0:b9:00:5c:
f0:5d:c6:f0:bb:37:dc:d0:52:bb:f6:8b:04:fc:c6:75:0c:86:
5f:cd:70:94:2f:cf:7e:b0:5e:80:8f:c7:3c:73:9d:38:7b:93:
8e:14:2d:f9:3e:98:da:cd:64:d4:80:1d:86:9a:b8:77:c5:a7:
8d:9a:b1:69:e5:da:56:3e:48:e3:fc:ab:6b:88:82:db:c1:04:
21:09:60:c8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVFRDQxMTAvBgNVBAUTKDgxNDFENTQ5NTE2Mjc4NjVEMDY1RUNFMDAwMDkxMUZB
MEVBNEZGQUQwHhcNMjQwMjA2MTgyNTQ4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMyNzlhYi0xNTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2n7P/4hRzgRxYw+sEo5bszP5lXNyQl03iy+frFoUY0dS2yJTuW7Cqck+eRD6
92M0af0quYX2+i3EISBA9CjSFzUR/5v0YP+3givrG0/oLNwc70tB8cCR8oBDw7xz
HG/M9pLSMYKYjd8b39YK6IJCERokO4q5tk4Vgqstsv/bIQDiBpcJwzaxnXvbhkWI
avHIas9w0zODtvfAGORgK3OafCIg3Vw9cdrI3lhXRImfWSBl+lg7A/HgL46aBDvM
WRNBsBBH30+2qzp0LKWmnkQ3ZcBca6r/pvjDPj96n/F+qtLa6/cD6M7Q+L0aJ8AH
f6XXs7/v/cX/KqXgZMEXj2FpYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM7KB2dp
EfeFB3dGsrEobS5/gKqEMB8GA1UdIwQYMBaAFIFB1UlRYnhl0GXs4AAJEfoOpP+t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUVENC8yQTE1RjI0MDM0
REMxMUU5OEI2N0I4NUVDNEY5QUUwMi9nVUhWU1ZGaWVHWFFaZXpnQUFrUi1nNmtf
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dVSFZTVkZpZUdYUVplemdBQWtSLWc2a182MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVFRDQvMkExNUYyNDAzNERDMTFFOThCNjdCODVFQzRGOUFFMDIvQjlGNjBFQUUz
REFGMTFFQTg3QzYxRjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbJMwDQYJKoZIhvcNAQELBQADggEBAE7n9+8gu4RHdIwu
oQOpaW08L9otKzrYwbOSbYH9NfQsCJrlYH5Lm5KNWxRR5JOXe2L7A4p+NnK5s3gX
ebJcB9uZB6RoT9h07g+atcHp55NOJSfJyBAbFw3eiz/FQ0xCpqPVXl8/s0m4/PLF
IdzQO31XrB61cdWfBRAfndpe9GGe4uxUqbRF1UpN3P2hiRzvjq7rkjzEpzRDWSa1
K1Lq5+WM4ZMwthAVnrDpOXBSxstgoLkAXPBdxvC7N9zQUrv2iwT8xnUMhl/NcJQv
z36wXoCPxzxznTh7k44ULfk+mNrNZNSAHYaauHfFp42asWnl2lY+SOP8q2uIgtvB
BCEJYMg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org