Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/20564F18337211EE93FDFE0CC4F9AE02.roa
File: 20564F18337211EE93FDFE0CC4F9AE02.roa (raw, json)
Hash identifier: DDkHnhF7eoX7Qy6YTPj35JNpntIm0beD2lGf0gLlCAk=
Subject key identifier: 4B:F2:3A:95:8F:B0:0F:21:D5:92:E3:41:59:E8:50:63:49:F6:25:B0
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04BC
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/20564F18337211EE93FDFE0CC4F9AE02.roa
Signing time: Tue 05 Sep 2023 00:51:38 +0000
ROA not before: Tue 05 Sep 2023 00:51:38 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 398465
IP address blocks: 103.24.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Sep 2023 04:33:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1212 (0x4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 5 00:51:38 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f67b9a-9ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:b2:2e:7a:2d:d1:54:fd:94:44:19:ec:05:
e6:95:97:f8:83:7e:3d:89:08:fa:74:e1:31:c9:0b:
a7:1a:dd:4b:8e:fc:bb:0a:89:84:86:cd:24:9b:40:
5c:6e:44:2e:87:a3:73:31:8a:0e:d6:74:9a:97:6d:
a5:22:24:df:19:7e:9c:59:0b:cc:76:03:56:5c:12:
11:76:27:a8:20:ab:e8:bd:03:f4:38:2c:2b:53:1f:
58:6b:97:8f:a5:77:ca:6c:fb:cb:ec:9b:10:f4:d8:
c1:5c:85:a7:a3:eb:7e:88:c5:df:54:5e:14:e7:70:
ff:f7:b9:4a:ba:9c:58:49:3d:10:aa:3c:38:1d:ec:
55:a2:eb:ac:f4:8e:7b:cf:82:27:89:a3:bb:54:e3:
a6:82:b0:93:06:48:ea:85:b0:c8:fc:86:38:12:dc:
00:1f:2a:87:e5:92:5b:ac:35:45:e0:a4:68:e8:09:
12:21:08:ca:0b:37:fa:34:a1:7c:c9:e5:17:82:12:
fb:b4:1a:92:15:49:db:7b:c8:44:a6:d1:9e:0f:97:
81:5b:e9:9a:a4:a1:35:18:25:17:f5:43:bd:cf:27:
6d:19:df:d0:80:cb:44:be:99:77:79:21:30:88:d1:
f4:5e:25:4e:5a:51:93:58:81:54:2b:19:59:51:20:
66:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F2:3A:95:8F:B0:0F:21:D5:92:E3:41:59:E8:50:63:49:F6:25:B0
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/20564F18337211EE93FDFE0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.216.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d7:4c:e9:ed:87:a2:be:46:8d:07:56:be:5b:41:60:19:d7:
0a:13:77:2d:9e:7b:23:75:05:55:68:f9:28:f1:d4:9d:8c:fa:
2d:3d:b8:70:5b:e7:5f:65:58:a9:89:3b:60:9c:ad:d2:2d:ce:
a3:5f:9e:84:91:53:1d:77:45:63:df:f7:73:ac:1f:5d:73:1b:
e9:03:de:14:f8:69:5e:ff:43:b9:60:26:53:17:39:a5:8a:e4:
aa:02:d8:16:4b:d3:50:66:09:79:1d:b8:98:f4:3c:31:14:0a:
95:b1:1d:48:62:43:10:7e:9c:86:5b:1e:34:13:0d:f4:5e:97:
43:23:06:be:27:80:61:94:28:66:f2:5e:e3:85:bc:83:f2:b8:
ca:0e:19:07:95:c2:a8:67:b6:ee:6b:6b:ed:88:53:7b:c9:07:
2b:8b:64:ce:42:ff:d6:da:e4:6b:8e:06:56:cf:21:ba:63:bc:
69:2b:6f:88:59:7b:3f:db:75:13:9b:b2:7e:24:f3:dd:f0:cb:
36:d9:9b:e9:15:dc:e7:b8:62:97:88:41:0e:87:dc:e2:e3:e5:
a9:a8:71:80:3f:aa:c6:84:77:5b:ba:19:f3:1b:56:23:96:60:
40:64:55:fe:cc:12:23:77:41:aa:27:03:22:a2:ff:c0:23:bb:
f7:dd:08:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTM4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5YS05YWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArnWyLnot0VT9lEQZ7AXmlZf4g349iQj6dOExyQunGt1Ljvy7ComEhs0km0Bc
bkQuh6NzMYoO1nSal22lIiTfGX6cWQvMdgNWXBIRdieoIKvovQP0OCwrUx9Ya5eP
pXfKbPvL7JsQ9NjBXIWno+t+iMXfVF4U53D/97lKupxYST0Qqjw4HexVouus9I57
z4IniaO7VOOmgrCTBkjqhbDI/IY4EtwAHyqH5ZJbrDVF4KRo6AkSIQjKCzf6NKF8
yeUXghL7tBqSFUnbe8hEptGeD5eBW+mapKE1GCUX9UO9zydtGd/QgMtEvpl3eSEw
iNH0XiVOWlGTWIFUKxlZUSBmjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEvyOpWP
sA8h1ZLjQVnoUGNJ9iWwMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMjA1NjRGMTgz
MzcyMTFFRTkzRkRGRTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGNgwDQYJKoZIhvcNAQELBQADggEBAI/XTOnth6K+Ro0H
Vr5bQWAZ1woTdy2eeyN1BVVo+Sjx1J2M+i09uHBb519lWKmJO2CcrdItzqNfnoSR
Ux13RWPf93OsH11zG+kD3hT4aV7/Q7lgJlMXOaWK5KoC2BZL01BmCXkduJj0PDEU
CpWxHUhiQxB+nIZbHjQTDfRel0MjBr4ngGGUKGbyXuOFvIPyuMoOGQeVwqhntu5r
a+2IU3vJByuLZM5C/9ba5GuOBlbPIbpjvGkrb4hZez/bdRObsn4k893wyzbZm+kV
3Oe4YpeIQQ6H3OLj5amocYA/qsaEd1u6GfMbViOWYEBkVf7MEiN3QaonAyKi/8Aj
u/fdCBg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org