Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B31D/E7E7EC50BD6911ED9B55226EC4F9AE02/77D00C0ABD6D11EDB9B1D286C4F9AE02.roa
File: 77D00C0ABD6D11EDB9B1D286C4F9AE02.roa (raw, json)
Hash identifier: jka2FLtJek/QxOtMc1GO5J+BIhuFKDvN5hLDgENj7Eo=
Subject key identifier: D0:70:4E:07:94:A3:74:B9:51:EB:3C:E6:CD:7D:ED:A9:FC:A1:06:57
Certificate issuer: /CN=A913B31D/serialNumber=2E9C11C6D2945D52F95F24C39DD1F4187A3417E5
Certificate serial: 83
Authority key identifier: 2E:9C:11:C6:D2:94:5D:52:F9:5F:24:C3:9D:D1:F4:18:7A:34:17:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LpwRxtKUXVL5XyTDndH0GHo0F-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B31D/E7E7EC50BD6911ED9B55226EC4F9AE02/77D00C0ABD6D11EDB9B1D286C4F9AE02.roa
Signing time: Mon 13 Nov 2023 05:15:24 +0000
ROA not before: Mon 13 Nov 2023 05:15:24 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 136000
IP address blocks: 103.21.4.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 15 Aug 2024 02:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131 (0x83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B31D/serialNumber=2E9C11C6D2945D52F95F24C39DD1F4187A3417E5
Validity
Not Before: Nov 13 05:15:24 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6551b0eb-3926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9b:ce:f7:63:fd:8e:64:48:a3:80:b2:bd:64:
9a:a3:64:4b:aa:4c:85:1a:8d:7d:eb:46:aa:93:a4:
bd:d7:cc:bc:10:bb:0e:b6:79:6e:a2:23:b8:20:ad:
48:ad:0a:a1:87:40:e4:c0:2d:58:32:e4:5b:ac:10:
03:27:3c:76:d3:47:91:67:88:79:ae:62:41:43:7a:
fc:47:fe:38:97:f9:46:59:15:91:1b:d0:ea:04:3a:
93:b3:db:43:67:58:b6:f5:fc:dd:a2:48:9b:5a:f9:
d5:ca:78:1a:bc:8c:53:c3:4c:e1:66:32:3f:30:69:
3b:17:db:86:2e:f0:d7:fa:1f:ed:87:84:25:91:90:
8e:26:5f:af:ff:62:b5:c6:26:85:5d:de:f8:49:b1:
01:49:fa:10:c0:07:71:e0:ad:d3:6c:ab:ad:4b:ec:
18:f6:20:e2:9f:00:fb:67:d1:36:7b:9b:19:ef:6d:
40:27:8d:f3:f2:f3:42:4d:90:7c:e7:d4:14:37:9e:
b2:e9:69:39:90:01:d0:01:df:13:9c:b4:05:b1:c5:
44:36:62:40:f6:62:a6:d0:b2:8b:97:2b:da:8f:e6:
af:dd:8a:b9:a8:9f:9b:ab:a9:67:32:41:b2:fd:5c:
c4:17:cb:f7:45:e3:fa:3f:45:12:3f:5d:5b:ea:f9:
60:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:70:4E:07:94:A3:74:B9:51:EB:3C:E6:CD:7D:ED:A9:FC:A1:06:57
X509v3 Authority Key Identifier:
keyid:2E:9C:11:C6:D2:94:5D:52:F9:5F:24:C3:9D:D1:F4:18:7A:34:17:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B31D/E7E7EC50BD6911ED9B55226EC4F9AE02/LpwRxtKUXVL5XyTDndH0GHo0F-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LpwRxtKUXVL5XyTDndH0GHo0F-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B31D/E7E7EC50BD6911ED9B55226EC4F9AE02/77D00C0ABD6D11EDB9B1D286C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.4.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:da:1f:94:59:82:bf:4b:4a:d7:f2:da:e8:6d:2d:f0:27:8d:
45:a4:27:1b:04:51:e1:6e:c9:95:28:17:ff:ec:e2:b4:dd:3a:
e4:e7:14:ef:dc:31:47:35:4d:6d:e7:7c:0b:0b:7a:fe:86:da:
51:4c:98:81:1d:a6:8c:7e:f1:c2:c7:ca:3f:3e:d2:2b:04:c2:
a0:3e:8d:fe:76:30:5e:20:3a:6a:88:33:82:39:a1:ad:bd:b2:
c2:40:55:ce:08:1a:9e:5c:c7:86:13:ad:47:d2:b1:42:7b:7e:
89:67:69:95:dd:d5:d3:67:49:e5:00:f2:b7:c6:5d:49:79:dd:
ad:e4:02:b5:17:53:8a:65:4e:e4:3f:61:f1:39:46:02:de:3b:
bd:c9:32:81:28:4d:ca:97:ea:09:38:72:6c:0d:27:54:71:1c:
3f:aa:10:b4:3a:11:db:13:01:5c:65:81:20:46:df:47:31:3c:
5e:9a:3a:35:7c:a8:ba:0d:c7:88:25:ab:dd:fe:58:b1:7a:45:
b3:f5:77:6d:18:97:78:1e:0e:80:cb:27:ba:8c:6e:54:bd:f9:
33:de:62:7e:04:65:f8:e7:3b:e6:71:ac:4f:9e:e8:91:d8:f5:
02:7b:43:a3:2d:78:6c:6f:99:8a:c0:d9:f5:85:81:73:41:f4:
e4:3a:8e:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0IzMUQxMTAvBgNVBAUTKDJFOUMxMUM2RDI5NDVENTJGOTVGMjRDMzlERDFGNDE4
N0EzNDE3RTUwHhcNMjMxMTEzMDUxNTI0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUxYjBlYi0zOTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5JvO92P9jmRIo4CyvWSao2RLqkyFGo1960aqk6S918y8ELsOtnluoiO4IK1I
rQqhh0DkwC1YMuRbrBADJzx200eRZ4h5rmJBQ3r8R/44l/lGWRWRG9DqBDqTs9tD
Z1i29fzdokibWvnVyngavIxTw0zhZjI/MGk7F9uGLvDX+h/th4QlkZCOJl+v/2K1
xiaFXd74SbEBSfoQwAdx4K3TbKutS+wY9iDinwD7Z9E2e5sZ721AJ43z8vNCTZB8
59QUN56y6Wk5kAHQAd8TnLQFscVENmJA9mKm0LKLlyvaj+av3Yq5qJ+bq6lnMkGy
/VzEF8v3ReP6P0USP11b6vlg4wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNBwTgeU
o3S5Ues85s197an8oQZXMB8GA1UdIwQYMBaAFC6cEcbSlF1S+V8kw53R9Bh6NBfl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjMxRC9FN0U3RUM1MEJE
NjkxMUVEOUI1NTIyNkVDNEY5QUUwMi9McHdSeHRLVVhWTDVYeVREbmRIMEdIbzBG
LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xwd1J4dEtVWFZMNVh5VERuZEgwR0hvMEYtVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0IzMUQvRTdFN0VDNTBCRDY5MTFFRDlCNTUyMjZFQzRGOUFFMDIvNzdEMDBDMEFC
RDZEMTFFREI5QjFEMjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnFQQwDQYJKoZIhvcNAQELBQADggEBAKraH5RZgr9LStfy
2uhtLfAnjUWkJxsEUeFuyZUoF//s4rTdOuTnFO/cMUc1TW3nfAsLev6G2lFMmIEd
pox+8cLHyj8+0isEwqA+jf52MF4gOmqIM4I5oa29ssJAVc4IGp5cx4YTrUfSsUJ7
folnaZXd1dNnSeUA8rfGXUl53a3kArUXU4plTuQ/YfE5RgLeO73JMoEoTcqX6gk4
cmwNJ1RxHD+qELQ6EdsTAVxlgSBG30cxPF6aOjV8qLoNx4glq93+WLF6RbP1d20Y
l3geDoDLJ7qMblS9+TPeYn4EZfjnO+ZxrE+e6JHY9QJ7Q6MteGxvmYrA2fWFgXNB
9OQ6jrI=
-----END CERTIFICATE-----
Generated at Thu Aug 15 05:16:39 2024 by rpki-client on console-ams.rpki-client.org