Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C509/A5B8FB2E01D711ED9339314EC4F9AE02/2521225201DC11EDA4B7F257C4F9AE02.roa
File: 2521225201DC11EDA4B7F257C4F9AE02.roa (raw, json)
Hash identifier: j3WuJ6zHKCuKaH6Y3S5iFy9UtYPb+9+Q5/BemWhaNwg=
Subject key identifier: 7D:39:0D:95:C2:80:07:38:AB:D3:80:5A:24:59:DE:8A:D0:C7:FE:A1
Certificate issuer: /CN=A913C509/serialNumber=07461E7A913ACEA1E968779A045527C21A1FDDC5
Certificate serial: 0185
Authority key identifier: 07:46:1E:7A:91:3A:CE:A1:E9:68:77:9A:04:55:27:C2:1A:1F:DD:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B0YeepE6zqHpaHeaBFUnwhof3cU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C509/A5B8FB2E01D711ED9339314EC4F9AE02/2521225201DC11EDA4B7F257C4F9AE02.roa
Signing time: Fri 01 Dec 2023 04:34:54 +0000
ROA not before: Fri 01 Dec 2023 04:34:54 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 135602
IP address blocks: 103.243.144.0/24 maxlen: 24
103.243.145.0/24 maxlen: 24
103.243.146.0/24 maxlen: 24
103.243.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 09:11:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389 (0x185)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C509/serialNumber=07461E7A913ACEA1E968779A045527C21A1FDDC5
Validity
Not Before: Dec 1 04:34:54 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6569626d-1ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d2:28:40:7c:50:d0:94:05:23:b6:45:e5:b2:
47:cd:fe:06:2f:d4:f4:37:31:63:d1:28:00:c1:58:
6b:86:cb:92:e4:42:90:9d:58:aa:c2:eb:fa:cd:ca:
80:42:a6:c5:6d:a7:86:56:69:00:7b:9e:d9:8c:fd:
23:4a:47:6b:3c:4f:3b:d6:43:ee:30:1e:29:15:34:
0a:4e:c8:cc:15:cd:a9:1e:54:fb:a8:7a:af:0e:70:
62:65:3a:55:de:fe:a4:f4:86:6b:75:47:2e:96:6b:
5e:99:db:22:0b:8c:0a:af:9a:ae:e9:da:58:a2:28:
09:00:f8:af:9e:c6:24:dc:3f:1e:d6:46:e9:cf:1f:
92:b6:18:fb:ab:84:35:52:1a:61:9a:1a:ae:fe:7b:
c1:37:f0:32:ec:28:d6:7d:72:38:15:a8:65:3e:42:
e7:5a:88:e4:60:43:e0:d1:fa:68:3a:de:61:45:99:
40:a5:e5:5b:00:b4:3d:45:2e:cf:1b:97:77:9f:ab:
ac:27:3a:51:95:1a:d4:3a:aa:c6:e0:38:82:ba:32:
13:26:16:0c:d2:a1:76:03:ec:df:cc:a8:d8:e2:f8:
47:eb:4a:ea:95:e7:1d:ae:0d:b5:61:c3:20:41:c0:
cc:c9:6b:ad:21:06:f3:86:0e:11:0b:0a:13:c0:2f:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:39:0D:95:C2:80:07:38:AB:D3:80:5A:24:59:DE:8A:D0:C7:FE:A1
X509v3 Authority Key Identifier:
keyid:07:46:1E:7A:91:3A:CE:A1:E9:68:77:9A:04:55:27:C2:1A:1F:DD:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C509/A5B8FB2E01D711ED9339314EC4F9AE02/B0YeepE6zqHpaHeaBFUnwhof3cU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B0YeepE6zqHpaHeaBFUnwhof3cU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C509/A5B8FB2E01D711ED9339314EC4F9AE02/2521225201DC11EDA4B7F257C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.144.0/22
Signature Algorithm: sha256WithRSAEncryption
66:db:14:5b:46:9e:9e:52:3f:79:cf:01:3e:6b:24:a3:28:44:
d2:7f:b0:e7:e9:0c:d9:54:51:8d:94:04:7c:0b:61:00:ec:c0:
5a:23:da:34:2f:82:ef:98:ed:08:d0:15:47:ec:27:1f:35:70:
85:8b:5c:fb:3d:52:05:cf:8c:a3:4f:21:73:8e:d8:d7:4a:53:
34:ef:3b:40:e4:67:2a:e7:94:e7:90:f1:a6:ea:4e:24:96:dc:
8e:41:36:65:26:5d:e1:e3:36:3d:0f:8a:74:3a:16:02:a5:10:
2b:6b:59:d6:f6:de:fd:3c:cf:ce:b6:9f:ba:47:b8:71:00:2f:
16:e2:41:55:aa:38:cc:2a:07:05:47:ea:d6:17:3d:fe:35:04:
8c:ad:19:11:f3:f6:8a:08:28:c3:49:dc:1c:0f:7b:e6:8e:33:
63:ae:bd:59:13:31:63:2a:88:a7:c3:d8:c3:cb:d7:fd:b0:5b:
17:00:8b:e9:ef:74:4e:c5:df:30:3a:0e:35:27:c1:de:62:05:
89:41:99:d9:98:f4:30:49:71:5e:20:be:7d:4b:8a:49:c6:08:
8d:fc:1f:37:6f:36:20:55:d1:db:f5:ca:37:b3:75:a8:93:a9:
94:d5:a3:80:7d:74:31:fc:2f:31:61:42:28:04:8e:ee:a8:77:
1d:4a:d5:1a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M1MDkxMTAvBgNVBAUTKDA3NDYxRTdBOTEzQUNFQTFFOTY4Nzc5QTA0NTUyN0My
MUExRkREQzUwHhcNMjMxMjAxMDQzNDU0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY5NjI2ZC0xYWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9IoQHxQ0JQFI7ZF5bJHzf4GL9T0NzFj0SgAwVhrhsuS5EKQnViqwuv6zcqA
QqbFbaeGVmkAe57ZjP0jSkdrPE871kPuMB4pFTQKTsjMFc2pHlT7qHqvDnBiZTpV
3v6k9IZrdUculmtemdsiC4wKr5qu6dpYoigJAPivnsYk3D8e1kbpzx+Sthj7q4Q1
Uhphmhqu/nvBN/Ay7CjWfXI4FahlPkLnWojkYEPg0fpoOt5hRZlApeVbALQ9RS7P
G5d3n6usJzpRlRrUOqrG4DiCujITJhYM0qF2A+zfzKjY4vhH60rqlecdrg21YcMg
QcDMyWutIQbzhg4RCwoTwC+/HwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH05DZXC
gAc4q9OAWiRZ3orQx/6hMB8GA1UdIwQYMBaAFAdGHnqROs6h6Wh3mgRVJ8IaH93F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzUwOS9BNUI4RkIyRTAx
RDcxMUVEOTMzOTMxNEVDNEY5QUUwMi9CMFllZXBFNnpxSHBhSGVhQkZVbndob2Yz
Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0IwWWVlcEU2enFIcGFIZWFCRlVud2hvZjNjVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M1MDkvQTVCOEZCMkUwMUQ3MTFFRDkzMzkzMTRFQzRGOUFFMDIvMjUyMTIyNTIw
MURDMTFFREE0QjdGMjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn85AwDQYJKoZIhvcNAQELBQADggEBAGbbFFtGnp5SP3nP
AT5rJKMoRNJ/sOfpDNlUUY2UBHwLYQDswFoj2jQvgu+Y7QjQFUfsJx81cIWLXPs9
UgXPjKNPIXOO2NdKUzTvO0DkZyrnlOeQ8abqTiSW3I5BNmUmXeHjNj0PinQ6FgKl
ECtrWdb23v08z862n7pHuHEALxbiQVWqOMwqBwVH6tYXPf41BIytGRHz9ooIKMNJ
3BwPe+aOM2OuvVkTMWMqiKfD2MPL1/2wWxcAi+nvdE7F3zA6DjUnwd5iBYlBmdmY
9DBJcV4gvn1LiknGCI38HzdvNiBV0dv1yjezdaiTqZTVo4B9dDH8LzFhQigEju6o
dx1K1Ro=
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:08:31 2024 by rpki-client on console-ams.rpki-client.org