Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/347B3C4EE85611EE939B7C5BC4F9AE02.roa
File: 347B3C4EE85611EE939B7C5BC4F9AE02.roa (raw, json)
Hash identifier: dw97uphu3es5uDHm1XhpF+agdtyc6K/fsJiaMsQ22CQ=
Subject key identifier: 7A:6D:8E:68:F1:C1:1D:78:15:4D:FC:38:B8:84:83:BC:75:4E:1E:B1
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: C1
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/347B3C4EE85611EE939B7C5BC4F9AE02.roa
Signing time: Fri 22 Mar 2024 14:12:24 +0000
ROA not before: Fri 22 Mar 2024 14:12:24 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 24875
IP address blocks: 103.197.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 03:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193 (0xc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Mar 22 14:12:24 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65fd91c8-9cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a3:80:c2:40:8e:54:24:57:98:87:a1:dc:8d:
79:89:67:e2:0f:62:13:38:5e:5e:4a:c1:83:12:5b:
ba:12:c6:4e:5b:47:8c:a2:70:dc:28:fa:1c:9e:84:
a1:0e:34:1d:d1:c5:ab:a9:45:7e:20:14:66:3b:c7:
d3:37:b4:39:cb:4e:43:aa:7e:74:1a:4a:11:af:3d:
bd:d5:30:d9:c9:1e:20:55:3a:2b:58:0a:90:72:1d:
40:cb:b2:fb:aa:d5:58:9d:01:3d:50:6a:fa:9d:68:
36:bb:e4:83:f0:39:da:0e:b6:37:13:47:18:1b:8f:
3d:d8:31:45:c5:8d:70:ae:40:40:3e:e2:71:7f:9d:
64:44:c9:1f:5a:71:1e:42:80:5d:55:63:9e:5c:16:
15:e9:94:07:90:73:bc:44:68:fb:97:97:87:41:28:
ba:63:ff:8f:cb:4f:b3:b5:c6:d2:b0:5c:35:b1:96:
09:a4:a3:d1:7e:a0:0c:6c:37:4e:76:d4:a0:c4:03:
a2:21:a3:2d:b7:17:cb:51:9e:ad:fc:63:9c:e0:3a:
3d:13:f0:64:78:7d:88:68:8f:d0:57:95:7f:5a:b5:
c9:e6:12:0d:b5:98:cc:30:0a:c7:0e:f0:ff:da:a7:
4b:57:21:25:78:5f:fe:97:42:ed:d1:1a:1a:16:51:
a5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6D:8E:68:F1:C1:1D:78:15:4D:FC:38:B8:84:83:BC:75:4E:1E:B1
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/347B3C4EE85611EE939B7C5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.86.0/24
Signature Algorithm: sha256WithRSAEncryption
85:17:98:d2:01:00:c4:70:42:88:28:9b:3e:ad:9a:2b:9b:ca:
33:95:e6:b5:52:c0:27:e9:2a:96:5d:ec:e2:e5:cc:ab:e7:d5:
91:4c:59:0c:64:9b:0f:d0:97:65:1f:ca:c8:dd:46:0f:ef:a9:
dc:3f:05:f0:fc:b9:e5:39:c0:f3:bd:24:13:51:55:39:b2:e5:
91:53:ed:77:0b:75:13:e8:7c:41:a3:31:17:3a:42:27:bc:72:
5b:f1:c2:f4:08:1c:c3:45:a4:93:0d:40:d2:48:cb:35:4c:f8:
64:a4:f3:ea:55:21:bd:0e:44:36:72:99:73:6c:4a:d8:49:8a:
7c:e3:5a:74:2e:a2:b5:eb:f3:4f:94:25:9f:9f:84:4a:a9:f9:
eb:18:21:93:44:7c:09:12:ef:0c:bd:ef:7e:af:22:24:b8:d2:
84:08:cb:68:5f:26:04:43:8e:ff:57:e9:87:9f:ab:03:ee:25:
dc:00:4a:26:fa:3f:d0:2e:bc:00:06:06:37:60:4a:3a:97:ab:
33:b0:52:da:77:f4:ba:d4:e0:01:8b:3a:5e:38:9b:ad:26:54:
e9:44:8c:87:82:2a:d1:ee:f6:8e:bc:a4:d9:f4:88:75:18:34:
45:06:65:bb:9b:5d:b8:f6:b8:07:88:0e:74:10:0d:92:14:cc:
91:d9:08:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMzIyMTQxMjI0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZkOTFjOC05Y2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6OAwkCOVCRXmIeh3I15iWfiD2ITOF5eSsGDElu6EsZOW0eMonDcKPocnoSh
DjQd0cWrqUV+IBRmO8fTN7Q5y05Dqn50GkoRrz291TDZyR4gVTorWAqQch1Ay7L7
qtVYnQE9UGr6nWg2u+SD8DnaDrY3E0cYG4892DFFxY1wrkBAPuJxf51kRMkfWnEe
QoBdVWOeXBYV6ZQHkHO8RGj7l5eHQSi6Y/+Py0+ztcbSsFw1sZYJpKPRfqAMbDdO
dtSgxAOiIaMttxfLUZ6t/GOc4Do9E/BkeH2IaI/QV5V/WrXJ5hINtZjMMArHDvD/
2qdLVyEleF/+l0Lt0RoaFlGliwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHptjmjx
wR14FU38OLiEg7x1Th6xMB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvMzQ3QjNDNEVF
ODU2MTFFRTkzOUI3QzVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxVYwDQYJKoZIhvcNAQELBQADggEBAIUXmNIBAMRwQogo
mz6tmiubyjOV5rVSwCfpKpZd7OLlzKvn1ZFMWQxkmw/Ql2UfysjdRg/vqdw/BfD8
ueU5wPO9JBNRVTmy5ZFT7XcLdRPofEGjMRc6Qie8clvxwvQIHMNFpJMNQNJIyzVM
+GSk8+pVIb0ORDZymXNsSthJinzjWnQuorXr80+UJZ+fhEqp+esYIZNEfAkS7wy9
736vIiS40oQIy2hfJgRDjv9X6YefqwPuJdwASib6P9AuvAAGBjdgSjqXqzOwUtp3
9LrU4AGLOl44m60mVOlEjIeCKtHu9o68pNn0iHUYNEUGZbubXbj2uAeIDnQQDZIU
zJHZCH8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org