Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EB9C8BC4F42A11EDABF24F4DC4F9AE02.roa
File: EB9C8BC4F42A11EDABF24F4DC4F9AE02.roa (raw, json)
Hash identifier: mCOZMGqSknhpOsm33ll8/Z5i+yTHgsJuPSNPz8M4aZw=
Subject key identifier: 77:83:2E:D8:AF:82:2D:38:49:FB:B5:BB:38:E8:0C:5E:EF:F8:45:7D
Certificate issuer: /CN=A911AE24/serialNumber=24223D0C7D101DB7AD7E3CB8DDB170629365CAEE
Certificate serial: 04
Authority key identifier: 24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EB9C8BC4F42A11EDABF24F4DC4F9AE02.roa
Signing time: Tue 16 May 2023 20:47:50 +0000
ROA not before: Tue 16 May 2023 20:47:50 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17557
IP address blocks: 103.199.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 07:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AE24/serialNumber=24223D0C7D101DB7AD7E3CB8DDB170629365CAEE
Validity
Not Before: May 16 20:47:50 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6463ebf6-0836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c1:60:ac:11:b8:55:43:0f:af:69:94:2a:f2:
41:60:c6:a0:bf:f3:4f:39:02:6d:35:1f:59:29:fc:
f0:71:0a:ae:fa:b9:3f:56:cf:dd:ed:c3:d7:d3:88:
fb:99:45:2e:f1:25:60:58:ac:73:03:16:0c:e9:da:
72:8a:73:16:b6:4a:99:85:ae:1d:99:ea:fd:4c:47:
81:63:03:6b:94:11:1a:ad:00:43:59:09:3f:3c:28:
ca:c6:a7:90:ce:bc:ff:10:ab:3a:0c:7a:34:b2:5f:
33:17:a5:aa:57:8f:a2:aa:f2:dc:f2:63:a2:1d:48:
9e:b1:c8:15:c6:b4:08:13:f0:bf:64:57:21:be:77:
81:e8:d2:4d:a4:20:61:cd:60:3d:9f:2c:6c:34:43:
57:4d:2d:be:7e:80:c3:cc:81:40:e3:11:27:6b:4f:
98:9f:e0:df:38:3c:71:0f:52:78:27:01:03:98:7b:
85:40:49:40:42:36:4e:4d:0a:e9:ce:f2:e4:6c:87:
30:f8:e5:f9:62:10:ca:4e:5c:3a:cc:8a:87:e3:1e:
4f:ed:46:62:ac:fe:f6:5f:f8:8e:e0:8a:52:4a:fe:
62:a1:0d:ea:ea:43:ba:da:28:38:9d:e9:0f:a3:c0:
2c:62:db:89:c6:09:94:14:78:ec:3f:fa:ff:3d:81:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:83:2E:D8:AF:82:2D:38:49:FB:B5:BB:38:E8:0C:5E:EF:F8:45:7D
X509v3 Authority Key Identifier:
keyid:24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/JCI9DH0QHbetfjy43bFwYpNlyu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EB9C8BC4F42A11EDABF24F4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.141.0/24
Signature Algorithm: sha256WithRSAEncryption
70:2b:b3:ce:68:1c:59:13:ee:db:4d:54:19:b7:0b:50:83:57:
a8:10:75:78:24:c7:6f:ee:4a:32:be:f5:d5:82:92:6b:32:e8:
08:ce:a6:5b:d3:39:f2:78:58:5a:92:25:e0:05:b7:1c:eb:2a:
4f:fd:9f:f3:5c:05:34:77:a0:75:ed:d8:2f:8c:be:af:33:07:
73:24:27:2e:8f:ae:75:7c:ab:31:31:2d:cb:72:9f:81:ba:d9:
3a:68:18:78:2d:0c:ba:cc:4d:43:aa:f6:0b:4e:63:83:98:8f:
ba:e0:67:cd:e4:6d:2e:a1:1b:22:e9:39:5f:b0:eb:c1:cf:ff:
55:1c:98:1e:34:74:a8:10:f4:d3:03:ad:42:ef:9b:6b:1f:13:
72:60:33:91:0d:95:ef:c2:5c:85:99:d1:ab:72:7b:d0:a5:7f:
cf:b3:7b:23:67:71:6f:81:4a:33:22:2a:a2:d4:51:76:2d:a8:
c0:63:12:f3:73:fc:e0:05:ed:54:b1:70:5e:6c:e4:b8:de:21:
cf:38:80:3e:c0:c0:48:4f:4c:57:87:6f:56:aa:f9:a9:e4:9a:
d8:12:99:97:fd:b1:ae:28:e4:b4:16:56:ce:04:f4:d6:4f:2c:
49:bd:6b:47:d7:4f:6d:93:81:1d:fe:12:ec:e3:15:89:dd:f3:
d1:92:db:6a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUUyNDExMC8GA1UEBRMoMjQyMjNEMEM3RDEwMURCN0FEN0UzQ0I4RERCMTcwNjI5
MzY1Q0FFRTAeFw0yMzA1MTYyMDQ3NTBaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NjNlYmY2LTA4MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxwWCsEbhVQw+vaZQq8kFgxqC/8085Am01H1kp/PBxCq76uT9Wz93tw9fTiPuZ
RS7xJWBYrHMDFgzp2nKKcxa2SpmFrh2Z6v1MR4FjA2uUERqtAENZCT88KMrGp5DO
vP8QqzoMejSyXzMXpapXj6Kq8tzyY6IdSJ6xyBXGtAgT8L9kVyG+d4Ho0k2kIGHN
YD2fLGw0Q1dNLb5+gMPMgUDjESdrT5if4N84PHEPUngnAQOYe4VASUBCNk5NCunO
8uRshzD45fliEMpOXDrMiofjHk/tRmKs/vZf+I7gilJK/mKhDerqQ7raKDid6Q+j
wCxi24nGCZQUeOw/+v89gVK5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUd4Mu2K+C
LThJ+7W7OOgMXu/4RX0wHwYDVR0jBBgwFoAUJCI9DH0QHbetfjy43bFwYpNlyu4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBRTI0L0YyRjY3NUZFRjNG
RjExRUQ5NTJENzQxQ0M0RjlBRTAyL0pDSTlESDBRSGJldGZqeTQzYkZ3WXBObHl1
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSkNJOURIMFFIYmV0Zmp5NDNiRndZcE5seXU0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUUyNC9GMkY2NzVGRUYzRkYxMUVEOTUyRDc0MUNDNEY5QUUwMi9FQjlDOEJDNEY0
MkExMUVEQUJGMjRGNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfHjTANBgkqhkiG9w0BAQsFAAOCAQEAcCuzzmgcWRPu201U
GbcLUINXqBB1eCTHb+5KMr711YKSazLoCM6mW9M58nhYWpIl4AW3HOsqT/2f81wF
NHegde3YL4y+rzMHcyQnLo+udXyrMTEty3KfgbrZOmgYeC0MusxNQ6r2C05jg5iP
uuBnzeRtLqEbIuk5X7Drwc//VRyYHjR0qBD00wOtQu+bax8TcmAzkQ2V78JchZnR
q3J70KV/z7N7I2dxb4FKMyIqotRRdi2owGMS83P84AXtVLFwXmzkuN4hzziAPsDA
SE9MV4dvVqr5qeSa2BKZl/2xrijktBZWzgT01k8sSb1rR9dPbZOBHf4S7OMVid3z
0ZLbag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org