Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D0FA2F4C42E011EE88B1F93EC4F9AE02.roa
File: D0FA2F4C42E011EE88B1F93EC4F9AE02.roa (raw, json)
Hash identifier: wI4yv/VnRGSfQeK6hNE0Jtjt4uqquKJiP0zFF/ElIbI=
Subject key identifier: 3D:5E:F8:E2:30:D4:B4:46:10:F1:96:B0:B0:6A:5E:D5:C4:4A:40:F3
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04BA
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D0FA2F4C42E011EE88B1F93EC4F9AE02.roa
Signing time: Tue 05 Sep 2023 00:51:36 +0000
ROA not before: Tue 05 Sep 2023 00:51:36 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 201670
IP address blocks: 103.231.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 12:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1210 (0x4ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 5 00:51:36 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f67b98-8166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4d:c7:3a:39:2c:b7:3d:8f:5e:78:0c:56:12:
49:a4:99:2a:36:df:f2:66:eb:92:b3:83:6f:61:16:
7d:2f:04:6d:f4:dc:eb:40:d9:78:d0:f1:96:0d:d5:
1d:77:b5:17:5f:2c:f5:b5:e9:51:6b:a7:cd:2e:d9:
8d:31:a9:2e:b8:ae:77:7b:32:0d:06:99:f2:d6:f4:
df:e8:16:9b:c2:87:6f:56:5c:a8:68:17:e6:b0:fa:
f0:58:ed:c6:a3:84:b0:01:b4:50:38:26:c9:69:47:
04:2a:06:28:13:19:16:9c:ce:f9:d1:d4:a7:21:0d:
dd:f3:1c:e7:dd:c5:f0:e0:2e:8f:89:bf:8e:60:30:
c0:5a:10:9d:fd:ff:27:b3:f9:1d:40:f3:98:9f:0f:
f5:74:6f:7b:b9:f9:b8:40:00:1c:72:c4:96:5c:6e:
6d:49:63:e2:2f:4e:9c:8c:c7:51:a6:e6:6b:24:b6:
1b:9a:36:fe:b3:6d:1b:1a:c9:87:24:0f:60:c8:7b:
ae:93:de:cc:c1:af:ce:db:5e:68:b5:8a:f4:f2:b3:
15:99:01:fe:2d:49:e7:44:67:7a:74:68:50:f7:56:
b8:1e:97:08:63:48:7d:56:3d:46:de:51:d1:aa:81:
43:42:ae:63:71:32:10:b5:e3:bb:65:ae:2f:9e:69:
4a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5E:F8:E2:30:D4:B4:46:10:F1:96:B0:B0:6A:5E:D5:C4:4A:40:F3
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D0FA2F4C42E011EE88B1F93EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.231.56.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:1f:15:0b:bf:a6:64:cc:bf:ba:35:c0:b0:93:18:f6:e9:ce:
57:24:1b:fb:a9:16:98:76:32:ec:15:f9:c4:ae:6b:b7:57:19:
3b:09:c9:91:73:f4:74:5b:d8:30:d4:5a:b6:02:ac:5f:c8:91:
18:07:f4:37:18:9f:bb:ea:9a:a7:16:91:4c:77:cf:91:18:8d:
77:5f:3a:87:d2:47:09:f5:50:08:e1:e1:54:6f:2f:e4:a3:5f:
83:65:9c:95:82:ef:27:59:f0:f7:a9:78:e0:d5:46:05:ed:e8:
c5:91:7f:1f:4c:f0:be:cd:95:f4:9d:c8:13:27:45:3c:e1:e6:
9a:a6:9f:d4:04:3d:e4:50:2f:a5:ec:be:14:07:0d:a3:ca:6c:
93:36:a5:05:58:89:ea:c6:9a:0a:f4:23:80:cd:e5:fd:94:9a:
6f:ee:81:f2:f9:d1:a5:74:05:98:5e:44:a4:27:79:9e:60:a9:
20:79:90:b1:22:ce:2e:3b:cc:15:e5:d7:d3:f3:7e:80:f9:12:
65:ed:27:70:18:e4:21:3c:4b:64:7a:0e:24:4d:32:a0:31:f6:
56:af:d6:61:16:f9:20:6f:fd:a7:10:d9:c6:ea:71:bf:06:74:
91:a7:f3:af:0b:ba:09:e3:f0:5c:8a:92:2d:67:d6:c1:1c:67:
36:bd:d2:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTM2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5OC04MTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApk3HOjkstz2PXngMVhJJpJkqNt/yZuuSs4NvYRZ9LwRt9NzrQNl40PGWDdUd
d7UXXyz1telRa6fNLtmNMakuuK53ezINBpny1vTf6BabwodvVlyoaBfmsPrwWO3G
o4SwAbRQOCbJaUcEKgYoExkWnM750dSnIQ3d8xzn3cXw4C6Pib+OYDDAWhCd/f8n
s/kdQPOYnw/1dG97ufm4QAAccsSWXG5tSWPiL06cjMdRpuZrJLYbmjb+s20bGsmH
JA9gyHuuk97Mwa/O215otYr08rMVmQH+LUnnRGd6dGhQ91a4HpcIY0h9Vj1G3lHR
qoFDQq5jcTIQteO7Za4vnmlKrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD1e+OIw
1LRGEPGWsLBqXtXESkDzMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRDBGQTJGNEM0
MkUwMTFFRTg4QjFGOTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5zgwDQYJKoZIhvcNAQELBQADggEBALQfFQu/pmTMv7o1
wLCTGPbpzlckG/upFph2MuwV+cSua7dXGTsJyZFz9HRb2DDUWrYCrF/IkRgH9DcY
n7vqmqcWkUx3z5EYjXdfOofSRwn1UAjh4VRvL+SjX4NlnJWC7ydZ8PepeODVRgXt
6MWRfx9M8L7NlfSdyBMnRTzh5pqmn9QEPeRQL6XsvhQHDaPKbJM2pQVYierGmgr0
I4DN5f2Umm/ugfL50aV0BZheRKQneZ5gqSB5kLEizi47zBXl19PzfoD5EmXtJ3AY
5CE8S2R6DiRNMqAx9lav1mEW+SBv/acQ2cbqcb8GdJGn868Lugnj8FyKki1n1sEc
Zza90g8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org