Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/041BC7FC906E11EE8E239D32C4F9AE02.roa
File: 041BC7FC906E11EE8E239D32C4F9AE02.roa (raw, json)
Hash identifier: DqvVj9EkeFlpCDdoKCJu6+rikrM0vJw+3SryRAQrubI=
Subject key identifier: 88:D7:37:F1:6F:73:82:C0:7F:71:00:26:C4:9D:69:A6:AB:8B:71:DF
Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Certificate serial: 0E00
Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/041BC7FC906E11EE8E239D32C4F9AE02.roa
Signing time: Fri 01 Dec 2023 17:21:08 +0000
ROA not before: Fri 01 Dec 2023 17:21:08 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 136030
IP address blocks: 103.130.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 13:37:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3584 (0xe00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Validity
Not Before: Dec 1 17:21:08 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656a1604-f2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:11:b8:16:ca:8c:91:a8:37:13:7a:c2:b6:39:
bb:0e:dd:33:c5:bd:71:d4:81:49:21:af:4f:7f:f2:
b3:5d:1b:ce:b6:9d:62:9e:5e:f3:a2:b0:91:8c:bb:
89:4c:96:4d:6c:45:08:b4:aa:56:71:7f:6f:31:2c:
f5:df:f9:4a:45:3d:b6:f3:7a:9e:79:ec:28:ae:2f:
1c:dd:92:7c:49:c1:58:49:51:60:79:35:bc:0f:bc:
ad:97:f0:cd:b6:14:ab:41:be:61:0a:3e:60:4c:4f:
47:4d:89:1f:ee:e4:53:29:8b:04:98:04:7a:7c:2a:
32:b7:fd:2e:d3:c5:49:da:5f:e2:4c:5c:84:f7:55:
c8:c3:72:0d:63:9d:49:59:41:e4:9f:5b:f1:b3:88:
37:40:ee:5d:41:2c:36:61:06:6f:f1:7f:c2:b9:d8:
3e:30:aa:3f:1e:a4:c2:9b:e0:e0:cb:9b:9b:b1:6c:
63:90:3e:e4:43:e1:0c:d0:f5:d4:40:7a:03:b7:28:
0b:85:a0:59:65:52:d4:9e:f0:45:d6:3b:bc:16:8d:
01:46:84:74:fc:1a:d5:10:00:7a:37:c1:93:ae:9d:
c0:13:13:9f:c9:f5:33:ab:31:bb:5d:36:f1:e3:14:
5b:b2:30:bd:5c:b3:b0:b6:29:e1:9e:c9:49:cc:91:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D7:37:F1:6F:73:82:C0:7F:71:00:26:C4:9D:69:A6:AB:8B:71:DF
X509v3 Authority Key Identifier:
keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/041BC7FC906E11EE8E239D32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.156.0/24
Signature Algorithm: sha256WithRSAEncryption
53:0e:96:92:22:f7:71:f6:69:ec:14:c4:9e:fe:64:6d:6e:c9:
2b:09:19:1a:9a:e9:ef:59:6c:2b:99:b7:0c:2c:a5:84:52:46:
bd:e3:19:14:83:d9:fa:70:73:4d:50:00:a6:db:f9:87:f5:c6:
f7:e1:2f:b4:9e:a0:80:05:ab:64:44:3f:0c:35:a2:08:5e:61:
c9:b4:d6:79:e1:d9:d6:b2:21:71:63:ab:3b:73:57:74:2b:3e:
43:f7:96:38:b6:9e:40:b6:18:28:53:42:aa:bb:72:55:01:0a:
5e:c6:bc:10:f0:df:cc:18:8e:64:11:46:0a:2a:e1:94:a6:49:
ba:eb:68:b9:51:82:e3:48:56:84:6d:de:44:f3:01:76:0a:79:
4b:5e:0a:40:6c:90:80:78:9e:59:2d:0a:7a:a0:8c:3a:e9:b8:
59:8e:f9:7a:55:0d:2e:22:7d:f9:ca:1b:a2:3c:6c:5c:46:6c:
ea:a9:9b:46:8e:07:f0:13:d0:60:46:c6:dc:39:8a:88:21:d5:
f8:3e:86:06:e9:ee:bb:8b:32:7d:e8:1b:1c:09:04:ac:06:5a:
fa:8e:0f:3e:eb:5c:0a:3e:3d:34:dc:8f:42:d3:88:47:6e:2f:
ef:92:18:f2:db:fe:bc:bc:98:1f:fb:23:e0:f5:00:79:b3:be:
73:e3:81:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0
NzNBQ0M2N0YwHhcNMjMxMjAxMTcyMTA4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZhMTYwNC1mMmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2BG4FsqMkag3E3rCtjm7Dt0zxb1x1IFJIa9Pf/KzXRvOtp1inl7zorCRjLuJ
TJZNbEUItKpWcX9vMSz13/lKRT2283qeeewori8c3ZJ8ScFYSVFgeTW8D7ytl/DN
thSrQb5hCj5gTE9HTYkf7uRTKYsEmAR6fCoyt/0u08VJ2l/iTFyE91XIw3INY51J
WUHkn1vxs4g3QO5dQSw2YQZv8X/Cudg+MKo/HqTCm+Dgy5ubsWxjkD7kQ+EM0PXU
QHoDtygLhaBZZVLUnvBF1ju8Fo0BRoR0/BrVEAB6N8GTrp3AExOfyfUzqzG7XTbx
4xRbsjC9XLOwtinhnslJzJHlCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIjXN/Fv
c4LAf3EAJsSdaaari3HfMB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC
MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvMDQxQkM3RkM5
MDZFMTFFRThFMjM5RDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngpwwDQYJKoZIhvcNAQELBQADggEBAFMOlpIi93H2aewU
xJ7+ZG1uySsJGRqa6e9ZbCuZtwwspYRSRr3jGRSD2fpwc01QAKbb+Yf1xvfhL7Se
oIAFq2REPww1ogheYcm01nnh2dayIXFjqztzV3QrPkP3lji2nkC2GChTQqq7clUB
Cl7GvBDw38wYjmQRRgoq4ZSmSbrraLlRguNIVoRt3kTzAXYKeUteCkBskIB4nlkt
CnqgjDrpuFmO+XpVDS4iffnKG6I8bFxGbOqpm0aOB/AT0GBGxtw5iogh1fg+hgbp
7ruLMn3oGxwJBKwGWvqODz7rXAo+PTTcj0LTiEduL++SGPLb/ry8mB/7I+D1AHmz
vnPjgZg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org