Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/D6559988887511EEB43FE44BC4F9AE02.roa
File: D6559988887511EEB43FE44BC4F9AE02.roa (raw, json)
Hash identifier: OslPj8CJ5FYXOt/G/Lsfkkoc++VRrntRZpo+WGrMkLE=
Subject key identifier: A5:F7:F4:C9:B9:92:56:64:5E:9C:99:02:F8:57:E2:85:84:5C:CE:C1
Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Certificate serial: 0E0F
Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/D6559988887511EEB43FE44BC4F9AE02.roa
Signing time: Tue 19 Dec 2023 13:38:48 +0000
ROA not before: Tue 19 Dec 2023 13:38:48 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 140607
IP address blocks: 103.130.156.0/24 maxlen: 24
103.130.157.0/24 maxlen: 24
103.130.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 12:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3599 (0xe0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Validity
Not Before: Dec 19 13:38:48 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65819ce8-02bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:71:27:e2:c9:d1:fd:d3:96:49:cc:c1:cb:c8:
37:b7:df:50:0a:c0:1d:fe:ef:55:00:c7:c0:05:f6:
0d:6f:ba:16:3d:cb:74:0f:69:6a:6b:b5:d5:4f:4d:
cd:4b:1b:2d:9b:16:2f:bd:8d:89:63:8c:96:a1:e3:
34:85:38:23:0d:3a:9e:e5:c6:e5:6e:71:1e:67:d8:
75:06:fb:16:38:bc:27:d0:60:4a:de:6a:4b:5c:52:
c2:c4:1c:e3:b0:53:85:c0:20:4a:cf:0a:b7:20:7e:
81:a3:6c:c8:dc:3f:33:e7:b4:bc:21:58:c6:64:05:
ee:fd:be:d7:c0:02:a1:5e:fb:fd:5a:8b:2b:85:76:
c5:1b:e9:46:34:9b:1e:e7:55:c2:a8:df:ea:df:b3:
0e:24:7a:b4:f2:e1:88:63:7f:90:1a:10:b5:e5:9c:
f4:96:46:50:40:0b:9f:ad:83:a5:5a:cd:79:12:2b:
f5:5f:00:c5:b3:db:60:c1:d5:6f:34:f5:e9:ce:fc:
72:7d:20:cf:d7:cb:f1:94:71:b9:1e:93:e2:8e:c5:
34:0e:25:9c:bc:7e:dd:d6:eb:13:7d:1e:c7:b9:cd:
ed:5c:08:5f:a4:91:77:ef:fa:ce:72:da:23:ac:65:
e7:d2:8a:15:27:fe:29:83:b6:aa:a0:78:b7:10:36:
66:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F7:F4:C9:B9:92:56:64:5E:9C:99:02:F8:57:E2:85:84:5C:CE:C1
X509v3 Authority Key Identifier:
keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/D6559988887511EEB43FE44BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.156.0/23
103.130.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:9e:5b:9b:1f:29:80:02:93:47:ed:b8:c1:46:45:e3:da:42:
49:f1:80:a6:db:63:5b:8e:62:14:cb:c1:2e:28:fd:9d:f4:cf:
9d:55:b9:0d:10:1a:93:be:f4:7e:32:94:a2:dc:e7:5a:12:d1:
c6:cc:13:46:c9:6c:2b:ca:85:06:16:90:98:e8:11:21:2c:a6:
ee:20:3d:45:48:e4:3d:3a:4a:e1:82:1d:92:eb:e4:8f:68:e9:
c6:cd:99:82:b4:a6:d1:10:55:41:6a:2e:18:1f:40:2c:2c:b6:
8f:49:75:b4:c4:43:5e:0a:87:98:0d:ec:5e:ac:16:b6:4d:82:
35:5a:86:93:2c:88:0a:7f:41:16:97:86:cb:1e:56:9a:48:47:
40:da:dd:e8:8a:69:bf:57:ee:1c:51:bf:e1:07:7d:9e:3f:0b:
9c:1f:43:3d:b6:d4:00:97:a7:c9:86:6d:97:da:bb:d9:c7:f7:
cb:8e:07:7f:fa:9b:b7:5f:fe:35:b6:72:5f:53:b9:84:42:5b:
38:19:c5:86:6f:8d:95:80:79:6a:a8:53:75:38:ec:73:d9:09:
d1:5a:e3:a5:cf:90:a8:03:17:4c:e8:11:60:be:01:ea:8d:20:
74:06:6d:fa:7d:66:49:1e:e8:45:d7:69:b8:f4:86:dd:90:7f:
75:e6:85:44
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDg8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0
NzNBQ0M2N0YwHhcNMjMxMjE5MTMzODQ4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxOWNlOC0wMmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnEn4snR/dOWSczBy8g3t99QCsAd/u9VAMfABfYNb7oWPct0D2lqa7XVT03N
SxstmxYvvY2JY4yWoeM0hTgjDTqe5cblbnEeZ9h1BvsWOLwn0GBK3mpLXFLCxBzj
sFOFwCBKzwq3IH6Bo2zI3D8z57S8IVjGZAXu/b7XwAKhXvv9WosrhXbFG+lGNJse
51XCqN/q37MOJHq08uGIY3+QGhC15Zz0lkZQQAufrYOlWs15Eiv1XwDFs9tgwdVv
NPXpzvxyfSDP18vxlHG5HpPijsU0DiWcvH7d1usTfR7Huc3tXAhfpJF37/rOctoj
rGXn0ooVJ/4pg7aqoHi3EDZm/QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKX39Mm5
klZkXpyZAvhX4oWEXM7BMB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC
MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvRDY1NTk5ODg4
ODc1MTFFRUI0M0ZFNDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFngpwDBABngp8wDQYJKoZIhvcNAQELBQADggEBAE+eW5sf
KYACk0ftuMFGRePaQknxgKbbY1uOYhTLwS4o/Z30z51VuQ0QGpO+9H4ylKLc51oS
0cbME0bJbCvKhQYWkJjoESEspu4gPUVI5D06SuGCHZLr5I9o6cbNmYK0ptEQVUFq
LhgfQCwsto9JdbTEQ14Kh5gN7F6sFrZNgjVahpMsiAp/QRaXhsseVppIR0Da3eiK
ab9X7hxRv+EHfZ4/C5wfQz221ACXp8mGbZfau9nH98uOB3/6m7df/jW2cl9TuYRC
WzgZxYZvjZWAeWqoU3U47HPZCdFa46XPkKgDF0zoEWC+AeqNIHQGbfp9Zkke6EXX
abj0ht2Qf3XmhUQ=
-----END CERTIFICATE-----
Generated at Mon Oct 28 14:25:16 2024 by rpki-client on console-fra.rpki-client.org