Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B4852DF4877C11EE9A88C85DC4F9AE02.roa
File: B4852DF4877C11EE9A88C85DC4F9AE02.roa (raw, json)
Hash identifier: yTX/JhMa9Uh4bMhLlHlmXAoRKRUuSf6fi7dUZTqyCaU=
Subject key identifier: FA:0C:85:91:4B:C2:DF:EF:2E:87:E0:27:AB:4D:DB:56:F1:50:38:4F
Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Certificate serial: 0DF7
Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B4852DF4877C11EE9A88C85DC4F9AE02.roa
Signing time: Tue 21 Nov 2023 13:53:34 +0000
ROA not before: Tue 21 Nov 2023 13:53:34 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 136030
IP address blocks: 103.130.156.0/24 maxlen: 24
103.130.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Dec 2023 17:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3575 (0xdf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Validity
Not Before: Nov 21 13:53:34 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=655cb65d-8b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:48:7c:bb:78:fb:48:d2:a9:a7:42:04:56:a1:
17:39:9b:93:66:fc:ea:6b:40:5b:e5:ed:a1:c6:0a:
69:85:c9:3f:38:ef:8f:92:a8:6a:92:fb:ac:49:12:
42:7f:f6:d2:bb:99:55:23:fc:82:a9:ce:cb:ac:4d:
7f:f5:21:45:e5:b4:dd:07:53:68:5d:3d:7a:aa:27:
56:c1:f3:b5:f0:c8:9a:50:34:ae:3f:47:6c:3a:24:
2e:7a:e5:7d:a4:80:70:42:4a:2b:ee:26:ea:06:61:
d7:d7:70:c1:83:9f:c4:0e:eb:c7:80:8a:81:d8:a2:
61:f3:80:23:60:d5:d7:16:cc:8e:aa:f6:a5:28:b9:
c8:8d:c7:e1:f1:15:e2:4a:36:3e:8e:4a:e3:4a:d0:
10:89:05:e4:68:82:69:c5:0c:6e:a2:57:04:6e:a6:
12:5b:fe:8a:91:cf:98:32:e1:55:ea:ac:70:48:b0:
42:0f:14:2f:c7:a8:9d:6d:46:7e:02:be:bd:63:13:
6a:85:3d:0e:7b:06:40:b2:84:c7:b3:69:b4:75:59:
48:cf:f3:6d:2b:0d:3d:49:2a:72:81:7a:2f:24:45:
8f:2f:4e:61:50:10:cc:8b:3b:d9:83:62:4f:67:ce:
a1:a3:88:1b:8e:ff:38:4b:53:0a:74:21:6e:9a:fa:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0C:85:91:4B:C2:DF:EF:2E:87:E0:27:AB:4D:DB:56:F1:50:38:4F
X509v3 Authority Key Identifier:
keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B4852DF4877C11EE9A88C85DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.156.0/23
Signature Algorithm: sha256WithRSAEncryption
32:cf:fe:d3:04:90:e8:9e:9a:9e:b7:37:16:c0:84:8a:60:44:
36:b1:54:89:50:ea:16:e9:4d:a1:ab:a8:b8:ca:81:a8:a7:d1:
b2:e5:e4:01:5a:4a:09:9a:e6:0e:d9:b2:c7:7e:85:58:63:9a:
e7:e4:7e:49:c5:ed:21:06:e1:9a:bc:cf:13:5f:b5:07:47:73:
63:5e:d5:c9:9e:fb:e1:1f:7b:e1:da:e9:f4:80:6e:01:14:69:
83:27:7f:90:a8:ef:35:a9:73:c9:df:14:ae:3d:46:72:37:c3:
e4:64:da:8e:af:ad:00:f4:e0:86:27:f7:fb:ef:5c:26:1f:1a:
81:ca:4b:ac:5a:c4:a1:5b:73:18:a7:9e:f4:a6:d5:fa:0d:0d:
cc:b8:83:27:43:f6:26:a8:7d:b5:30:f6:b5:b6:b7:83:fb:10:
65:78:62:e1:75:59:4b:69:ce:fa:48:ab:09:63:f8:25:1d:e7:
86:3e:77:da:db:35:4e:96:ca:a7:c7:1f:2e:8b:f0:dc:dd:42:
60:a6:2b:57:02:ce:6d:3e:38:d2:6b:4c:f1:53:e8:23:1c:42:
db:c9:1f:cf:16:df:19:53:40:35:e5:ee:e2:0c:61:71:66:95:
36:e8:b9:1e:f4:ce:05:e1:57:17:20:74:3c:28:79:d4:0f:e5:
95:93:0d:c1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0
NzNBQ0M2N0YwHhcNMjMxMTIxMTM1MzM0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjYjY1ZC04YjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm0h8u3j7SNKpp0IEVqEXOZuTZvzqa0Bb5e2hxgpphck/OO+PkqhqkvusSRJC
f/bSu5lVI/yCqc7LrE1/9SFF5bTdB1NoXT16qidWwfO18MiaUDSuP0dsOiQueuV9
pIBwQkor7ibqBmHX13DBg5/EDuvHgIqB2KJh84AjYNXXFsyOqvalKLnIjcfh8RXi
SjY+jkrjStAQiQXkaIJpxQxuolcEbqYSW/6Kkc+YMuFV6qxwSLBCDxQvx6idbUZ+
Ar69YxNqhT0OewZAsoTHs2m0dVlIz/NtKw09SSpygXovJEWPL05hUBDMizvZg2JP
Z86ho4gbjv84S1MKdCFumvquJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPoMhZFL
wt/vLofgJ6tN21bxUDhPMB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC
MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvQjQ4NTJERjQ4
NzdDMTFFRTlBODhDODVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFngpwwDQYJKoZIhvcNAQELBQADggEBADLP/tMEkOiemp63
NxbAhIpgRDaxVIlQ6hbpTaGrqLjKgain0bLl5AFaSgma5g7Zssd+hVhjmufkfknF
7SEG4Zq8zxNftQdHc2Ne1cme++Efe+Ha6fSAbgEUaYMnf5Co7zWpc8nfFK49RnI3
w+Rk2o6vrQD04IYn9/vvXCYfGoHKS6xaxKFbcxinnvSm1foNDcy4gydD9iaofbUw
9rW2t4P7EGV4YuF1WUtpzvpIqwlj+CUd54Y+d9rbNU6WyqfHHy6L8NzdQmCmK1cC
zm0+ONJrTPFT6CMcQtvJH88W3xlTQDXl7uIMYXFmlTbouR70zgXhVxcgdDwoedQP
5ZWTDcE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org