Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/157768B8BC1511ED90C9391AC4F9AE02.roa
File: 157768B8BC1511ED90C9391AC4F9AE02.roa (raw, json)
Hash identifier: lW7loQ1Hb3NwcWWygHclbwRj40q86f0HkwGpWwa/mJ8=
Subject key identifier: F5:90:60:82:B3:73:38:0C:8F:0B:08:D2:CC:44:83:E8:59:D0:C6:9A
Certificate issuer: /CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
Certificate serial: 0766
Authority key identifier: D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/157768B8BC1511ED90C9391AC4F9AE02.roa
Signing time: Sat 11 Mar 2023 00:29:11 +0000
ROA not before: Sat 11 Mar 2023 00:29:11 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 139351
IP address blocks: 103.141.158.0/24 maxlen: 24
103.141.159.0/24 maxlen: 24
2400:17a0::/48 maxlen: 48
2400:17a0:1::/48 maxlen: 48
2400:17a0:2::/48 maxlen: 48
2400:17a0:3::/48 maxlen: 48
2400:17a0:4::/48 maxlen: 48
2400:17a0:5::/48 maxlen: 48
2400:17a0:6::/48 maxlen: 48
2400:17a0:7::/48 maxlen: 48
2400:17a0:8::/48 maxlen: 48
2400:17a0:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1894 (0x766)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
Validity
Not Before: Mar 11 00:29:11 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=640bcb57-3340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:66:60:69:80:98:b7:27:ff:c0:49:c4:0a:74:
63:12:3a:c3:30:dc:cb:f9:19:9e:61:af:48:57:68:
e2:4c:27:1d:90:2e:af:96:ab:ea:37:cf:58:24:8a:
b3:d4:3c:74:5b:bf:d4:e6:af:86:b7:50:38:3d:8d:
fc:79:4a:a8:6e:04:d7:72:d4:c5:66:da:60:4a:b1:
77:38:fd:94:21:16:9b:10:e2:d4:25:a1:be:80:66:
83:0f:29:d7:a7:f6:ee:b4:b2:5f:59:b4:4f:2d:1c:
ed:94:4e:ca:ad:1e:51:19:c9:60:d6:89:54:37:ac:
69:b7:af:f0:eb:b5:6d:f0:dd:e0:9a:b7:0b:77:71:
ef:bb:61:0c:59:64:68:16:eb:ed:90:64:5e:34:15:
13:4f:69:53:0e:7f:35:9a:69:3d:4a:f2:bb:9d:c5:
89:2e:19:1e:c4:b3:67:9d:05:da:df:86:41:3f:8e:
d7:91:ee:0f:c2:4b:8f:73:6f:8d:f1:b0:0a:ce:51:
9d:63:99:1c:a2:68:eb:ef:0e:cb:af:85:04:b8:1f:
85:1a:75:60:5d:c6:b5:ac:43:90:60:a9:1a:91:5c:
c9:cd:66:36:45:35:92:3e:79:02:e1:54:f9:c8:67:
5c:de:4d:5b:06:87:64:d6:dd:67:24:b0:7d:7f:2d:
47:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:90:60:82:B3:73:38:0C:8F:0B:08:D2:CC:44:83:E8:59:D0:C6:9A
X509v3 Authority Key Identifier:
keyid:D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/07chXhZgoZ79Lncvm6envcbuDSg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/157768B8BC1511ED90C9391AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.158.0/23
IPv6:
2400:17a0::-2400:17a0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b7:d1:0f:75:c7:9e:f2:11:18:e1:ff:c2:89:4f:d9:c7:fb:20:
1a:ef:f4:99:30:13:99:61:b0:e2:c9:bf:84:80:93:32:0a:a4:
3b:fb:fd:73:80:d6:2d:87:3a:33:e7:5c:2f:3a:7b:09:ab:cb:
71:c7:c2:3c:76:83:28:13:49:b6:8f:6b:09:dc:3e:b6:36:b8:
3a:b0:db:06:c7:80:b2:70:d5:df:33:92:53:b4:a7:36:95:88:
2c:54:3b:cf:75:f0:ab:23:d7:61:e9:b4:df:f5:b7:88:12:4a:
2e:12:21:5c:36:7e:a8:38:ef:3e:cd:d1:83:d2:29:0a:97:f0:
91:f8:3f:74:82:a4:de:39:73:f6:4b:8f:ac:c8:26:8b:83:1b:
fc:e4:15:09:fd:a9:c5:12:55:6a:8e:43:17:c3:1c:8c:94:ba:
70:ef:1d:ca:94:70:2f:75:8b:60:95:2d:45:88:ef:39:92:af:
21:9c:fb:88:ab:eb:1e:25:7e:24:7d:fe:b1:95:4b:2a:55:6c:
bc:4a:18:a4:fa:56:16:0d:ac:a7:20:8b:36:5c:30:ee:f9:c9:
39:33:6d:44:99:d1:3f:20:4e:67:61:d0:98:6a:e9:4e:72:e2:
98:d2:8a:f1:93:fe:70:10:9f:cc:3e:b6:c8:43:de:b6:0e:cf:
40:01:84:5c
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICB2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJCQzkxMTAvBgNVBAUTKEQzQjcyMTVFMTY2MEExOUVGRDJFNzcyRjlCQTdBN0JE
QzZFRTBEMjgwHhcNMjMwMzExMDAyOTExWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBiY2I1Ny0zMzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA02ZgaYCYtyf/wEnECnRjEjrDMNzL+RmeYa9IV2jiTCcdkC6vlqvqN89YJIqz
1Dx0W7/U5q+Gt1A4PY38eUqobgTXctTFZtpgSrF3OP2UIRabEOLUJaG+gGaDDynX
p/butLJfWbRPLRztlE7KrR5RGclg1olUN6xpt6/w67Vt8N3gmrcLd3Hvu2EMWWRo
FuvtkGReNBUTT2lTDn81mmk9SvK7ncWJLhkexLNnnQXa34ZBP47Xke4PwkuPc2+N
8bAKzlGdY5kcomjr7w7Lr4UEuB+FGnVgXca1rEOQYKkakVzJzWY2RTWSPnkC4VT5
yGdc3k1bBodk1t1nJLB9fy1HcQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFPWQYIKz
czgMjwsI0sxEg+hZ0MaaMB8GA1UdIwQYMBaAFNO3IV4WYKGe/S53L5unp73G7g0o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkJDOS84M0ZGOUZFQ0FB
ODExMUVBQjQyQTA0MzNDNEY5QUUwMi8wN2NoWGhaZ29aNzlMbmN2bTZlbnZjYnVE
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA3Y2hYaFpnb1o3OUxuY3ZtNmVudmNidURTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJCQzkvODNGRjlGRUNBQTgxMTFFQUI0MkEwNDMzQzRGOUFFMDIvMTU3NzY4QjhC
QzE1MTFFRDkwQzkzOTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAFnjZ4wGAQCAAIwEjAQAwUFJAAXoAMHASQAF6AACDANBgkq
hkiG9w0BAQsFAAOCAQEAt9EPdcee8hEY4f/CiU/Zx/sgGu/0mTATmWGw4sm/hICT
MgqkO/v9c4DWLYc6M+dcLzp7CavLccfCPHaDKBNJto9rCdw+tja4OrDbBseAsnDV
3zOSU7SnNpWILFQ7z3XwqyPXYem03/W3iBJKLhIhXDZ+qDjvPs3Rg9IpCpfwkfg/
dIKk3jlz9kuPrMgmi4Mb/OQVCf2pxRJVao5DF8McjJS6cO8dypRwL3WLYJUtRYjv
OZKvIZz7iKvrHiV+JH3+sZVLKlVsvEoYpPpWFg2spyCLNlww7vnJOTNtRJnRPyBO
Z2HQmGrpTnLimNKK8ZP+cBCfzD62yEPetg7PQAGEXA==
-----END CERTIFICATE-----
Generated at Sat Aug 5 15:48:43 2023 by rpki-client on console-ams.rpki-client.org