Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/143ED8525E9D11EEBBDEB572C4F9AE02.roa
File: 143ED8525E9D11EEBBDEB572C4F9AE02.roa (raw, json)
Hash identifier: 7t4WE2Q6yObzoNBgjsrUyslfSVEx+SM+ORnpTUdSiqY=
Subject key identifier: 94:33:5D:C2:2A:61:01:62:D2:2A:B7:CD:6C:89:48:32:BD:EA:4B:BE
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 3F
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/143ED8525E9D11EEBBDEB572C4F9AE02.roa
Signing time: Fri 29 Sep 2023 14:56:03 +0000
ROA not before: Fri 29 Sep 2023 14:56:03 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9409
IP address blocks: 103.151.154.0/24 maxlen: 24
2401:3fa0:ff00::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 30 Sep 2023 13:45:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63 (0x3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Validity
Not Before: Sep 29 14:56:03 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6516e583-8a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:b7:72:a8:83:7f:8b:42:a6:e4:ac:7d:88:
45:f9:3f:b1:c2:24:73:53:1e:2c:f8:b1:64:27:16:
23:ed:f9:e4:52:96:12:81:64:ed:d8:3f:94:76:cd:
e1:b5:7d:8b:52:cf:da:48:d5:07:6d:82:c9:62:10:
8b:4c:8c:83:3d:df:59:26:3e:84:68:0b:df:c5:4a:
bd:e0:ec:39:2e:27:de:6d:2b:c6:9f:c0:bc:46:72:
b3:cd:1f:47:44:40:0c:4f:84:ba:fc:08:6b:c0:0a:
ac:29:b4:35:44:a0:60:01:60:24:c7:35:3a:f8:0d:
91:32:81:d9:f4:18:18:8f:5d:c8:43:86:21:13:34:
14:49:94:c7:04:2f:42:4f:4f:6a:ba:01:d6:ef:ad:
fe:16:3b:c6:20:dd:9b:de:86:fe:0c:aa:c3:f5:37:
4a:b4:9c:e6:71:35:ae:63:07:0a:40:2e:0c:39:70:
28:66:ba:a3:84:3b:12:1e:72:9d:47:54:82:ed:68:
88:79:d3:27:98:19:f4:7a:e1:b4:5b:5e:39:5f:7f:
c2:43:b9:13:18:e5:6b:9e:ae:46:12:5f:76:1b:db:
32:44:50:0f:d9:16:62:67:9e:a1:cc:65:d7:5d:48:
79:59:98:45:1e:08:7a:1f:a6:86:15:6f:b2:c5:21:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:33:5D:C2:2A:61:01:62:D2:2A:B7:CD:6C:89:48:32:BD:EA:4B:BE
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/143ED8525E9D11EEBBDEB572C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.154.0/24
IPv6:
2401:3fa0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
21:b4:ad:a6:51:36:2d:42:35:51:ee:37:34:37:70:7a:b6:7a:
1f:83:f4:36:b7:d5:52:f5:07:16:31:2a:37:72:30:21:40:8c:
c4:43:e8:86:9a:07:57:da:53:c2:90:e0:37:21:d2:9a:e3:d6:
d6:73:f1:e8:07:23:0d:a9:a5:5b:60:64:55:44:88:e1:4a:cb:
15:17:bc:bf:5c:f5:be:45:af:da:9a:6b:fd:6f:10:6c:14:56:
7e:5f:08:83:8f:9f:ed:d0:fa:9d:06:75:50:95:ad:e0:d3:d6:
d6:de:6d:31:5c:91:40:61:ae:db:73:96:b0:63:fc:c2:4e:da:
6a:e7:71:c3:8f:6a:e9:5c:56:c1:53:e3:dd:b0:4c:1d:ed:a9:
92:03:1e:6a:4a:bb:1b:ca:f2:da:f9:50:d0:2d:b0:2b:76:d7:
3f:f5:80:99:d8:87:7b:70:52:ac:e6:0b:6c:24:58:53:90:2b:
6e:ef:5a:50:52:17:56:c9:98:19:87:60:5f:e9:59:a3:8c:b1:
5d:96:9b:db:56:25:51:a1:46:29:82:27:e4:30:91:8f:2b:b3:
96:2b:40:d9:eb:b4:b8:dd:bd:43:0c:0e:57:e3:2b:c2:83:19:
f2:ef:37:6a:e2:f0:a1:e1:3f:da:d7:0c:f7:b3:a3:a3:79:7a:
aa:ca:d1:53
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
ODdGRDExMC8GA1UEBRMoNjg4NTJBQjdGMjcxNEZDRjU0RDc1RjBBQUUzMDY4QURD
MzhCMzVDQzAeFw0yMzA5MjkxNDU2MDNaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTZlNTgzLThhMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCs5LdyqIN/i0Km5Kx9iEX5P7HCJHNTHiz4sWQnFiPt+eRSlhKBZO3YP5R2zeG1
fYtSz9pI1QdtgsliEItMjIM931kmPoRoC9/FSr3g7DkuJ95tK8afwLxGcrPNH0dE
QAxPhLr8CGvACqwptDVEoGABYCTHNTr4DZEygdn0GBiPXchDhiETNBRJlMcEL0JP
T2q6Adbvrf4WO8Yg3Zvehv4MqsP1N0q0nOZxNa5jBwpALgw5cChmuqOEOxIecp1H
VILtaIh50yeYGfR64bRbXjlff8JDuRMY5WuerkYSX3Yb2zJEUA/ZFmJnnqHMZddd
SHlZmEUeCHofpoYVb7LFIZhTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUlDNdwiph
AWLSKrfNbIlIMr3qS74wHwYDVR0jBBgwFoAUaIUqt/JxT89U118KrjBorcOLNcww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4N0ZELzU1RUQ2QTE2MTBB
MDExRUU5MzQ5M0M1MkM0RjlBRTAyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5j
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYUlVcXRfSnhUODlVMTE4S3JqQm9yY09MTmN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODdGRC81NUVENkExNjEwQTAxMUVFOTM0OTNDNTJDNEY5QUUwMi8xNDNFRDg1MjVF
OUQxMUVFQkJERUI1NzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAGeXmjAOBAIAAjAIAwYAJAE/oP8wDQYJKoZIhvcNAQELBQAD
ggEBACG0raZRNi1CNVHuNzQ3cHq2eh+D9Da31VL1BxYxKjdyMCFAjMRD6IaaB1fa
U8KQ4Dch0prj1tZz8egHIw2ppVtgZFVEiOFKyxUXvL9c9b5Fr9qaa/1vEGwUVn5f
CIOPn+3Q+p0GdVCVreDT1tbebTFckUBhrttzlrBj/MJO2mrnccOPaulcVsFT492w
TB3tqZIDHmpKuxvK8tr5UNAtsCt21z/1gJnYh3twUqzmC2wkWFOQK27vWlBSF1bJ
mBmHYF/pWaOMsV2Wm9tWJVGhRimCJ+QwkY8rs5YrQNnrtLjdvUMMDlfjK8KDGfLv
N2ri8KHhP9rXDPezo6N5eqrK0VM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org