Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/35174AC6E85611EE939B7C5BC4F9AE02.roa
File: 35174AC6E85611EE939B7C5BC4F9AE02.roa (raw, json)
Hash identifier: cWgdK8QCpc3BVzLycZXVuMDHmnKXPFbKd2Ai8qggpwg=
Subject key identifier: 1F:30:A3:FA:1B:B0:98:DC:49:AB:5D:DB:CB:66:26:51:26:BF:39:F6
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: C2
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/35174AC6E85611EE939B7C5BC4F9AE02.roa
Signing time: Fri 22 Mar 2024 14:12:25 +0000
ROA not before: Fri 22 Mar 2024 14:12:25 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 30860
IP address blocks: 103.197.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 02:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194 (0xc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Mar 22 14:12:25 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65fd91c9-3ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d3:ed:b1:10:0a:98:c5:ec:2a:e5:c9:b2:d9:
da:4b:2d:13:77:71:d2:06:e5:d5:3c:99:d2:54:af:
1d:ba:42:78:e2:52:18:cc:e0:55:dd:86:38:63:3f:
15:4b:a0:44:66:a4:1d:bf:cf:59:2b:9b:96:41:7b:
68:44:4c:de:d0:59:27:76:46:02:41:d9:f3:ae:c4:
93:a0:48:86:75:e0:f6:fe:aa:00:30:ae:f2:f2:0d:
45:75:e7:ee:c9:8e:d4:0b:ba:bb:9c:84:0a:eb:a6:
ba:95:16:55:44:59:5b:bc:88:d0:48:33:7a:93:69:
07:d8:f0:07:1f:e0:0a:12:01:7f:8b:95:5b:ca:bd:
a2:02:bf:6d:83:c0:de:71:76:ab:f2:c1:d2:ee:e7:
b3:98:1a:79:64:93:64:1c:9f:0f:90:14:cc:93:27:
5b:88:23:ae:c5:f2:f3:b4:26:e5:28:24:92:a3:52:
7b:ff:ce:b3:22:17:fa:d3:75:b6:60:7a:14:bd:5c:
3e:dc:d1:d2:e6:03:e0:c9:05:ab:4c:8a:4f:4a:0c:
1e:f7:3b:08:3a:e5:40:df:e2:85:d2:c6:69:19:67:
05:59:0a:28:45:36:ab:57:91:c5:df:a6:46:0f:fb:
ff:d0:de:6a:6e:71:e5:d7:a4:02:f0:4e:0e:25:d8:
68:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:30:A3:FA:1B:B0:98:DC:49:AB:5D:DB:CB:66:26:51:26:BF:39:F6
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/35174AC6E85611EE939B7C5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:62:90:7f:c6:6d:e8:54:7f:43:54:5b:3a:76:d3:e3:87:27:
03:71:5f:a2:02:02:57:c9:c0:fc:7e:45:65:f0:f0:95:fb:eb:
4c:19:1c:97:e0:bf:b0:33:e2:17:34:af:db:35:f6:77:cb:63:
ac:6e:ba:b8:e4:cc:df:7a:6a:3d:d6:42:e5:17:c7:7e:95:be:
c6:d9:b3:b8:99:c2:93:a2:8d:4c:df:08:61:a5:a2:ba:78:d6:
4e:b6:75:cf:7a:94:41:52:ea:c4:84:47:d0:e6:bc:5c:c5:16:
b1:51:43:ff:a3:3f:76:d9:8d:98:e7:2b:ab:71:1d:66:bb:df:
0d:46:2a:85:64:62:e7:ab:d4:cb:db:af:5d:54:65:2c:27:a0:
25:3d:53:08:67:a1:52:1b:5e:ba:5c:88:56:ba:fa:c5:63:35:
81:76:ea:de:71:97:ca:07:13:1e:af:0c:55:e0:e5:e1:9a:b2:
1b:e3:4a:d3:73:50:94:54:a4:ac:72:6d:60:38:2f:16:c2:b2:
d8:4c:f7:46:30:81:91:bc:da:61:61:3a:39:bb:b0:9a:35:0e:
fe:11:78:6d:00:26:02:c9:76:03:bc:d3:9c:3b:04:73:39:57:
25:82:b9:63:80:dc:63:f0:e9:8b:5c:58:8c:e9:8e:20:69:37:
41:40:28:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMzIyMTQxMjI1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZkOTFjOS0zZWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAodPtsRAKmMXsKuXJstnaSy0Td3HSBuXVPJnSVK8dukJ44lIYzOBV3YY4Yz8V
S6BEZqQdv89ZK5uWQXtoREze0FkndkYCQdnzrsSToEiGdeD2/qoAMK7y8g1Fdefu
yY7UC7q7nIQK66a6lRZVRFlbvIjQSDN6k2kH2PAHH+AKEgF/i5Vbyr2iAr9tg8De
cXar8sHS7uezmBp5ZJNkHJ8PkBTMkydbiCOuxfLztCblKCSSo1J7/86zIhf603W2
YHoUvVw+3NHS5gPgyQWrTIpPSgwe9zsIOuVA3+KF0sZpGWcFWQooRTarV5HF36ZG
D/v/0N5qbnHl16QC8E4OJdho7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFB8wo/ob
sJjcSatd28tmJlEmvzn2MB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvMzUxNzRBQzZF
ODU2MTFFRTkzOUI3QzVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxVUwDQYJKoZIhvcNAQELBQADggEBAA9ikH/GbehUf0NU
Wzp20+OHJwNxX6ICAlfJwPx+RWXw8JX760wZHJfgv7Az4hc0r9s19nfLY6xuurjk
zN96aj3WQuUXx36VvsbZs7iZwpOijUzfCGGlorp41k62dc96lEFS6sSER9DmvFzF
FrFRQ/+jP3bZjZjnK6txHWa73w1GKoVkYuer1Mvbr11UZSwnoCU9UwhnoVIbXrpc
iFa6+sVjNYF26t5xl8oHEx6vDFXg5eGashvjStNzUJRUpKxybWA4LxbCsthM90Yw
gZG82mFhOjm7sJo1Dv4ReG0AJgLJdgO805w7BHM5VyWCuWOA3GPw6YtcWIzpjiBp
N0FAKJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org