Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/5B83053260F811EEB1E68971C4F9AE02.roa
File: 5B83053260F811EEB1E68971C4F9AE02.roa (raw, json)
Hash identifier: BpH/1lxVW9jcdKded5spAAOTGET7ID0YVg1wniwyIOI=
Subject key identifier: 33:F3:BB:42:8E:4F:33:9D:2F:E8:A6:00:A0:91:8D:09:5D:18:9F:CE
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: 40
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/5B83053260F811EEB1E68971C4F9AE02.roa
Signing time: Mon 02 Oct 2023 07:50:30 +0000
ROA not before: Mon 02 Oct 2023 07:50:30 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 400402
IP address blocks: 103.197.85.0/24 maxlen: 24
103.197.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 03:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Oct 2 07:50:30 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=651a7646-e039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9d:c8:1b:ad:b5:11:7b:e0:ef:e4:14:f1:e9:
59:45:fc:d3:90:31:45:54:5e:10:86:80:18:70:9e:
dd:03:63:9c:fd:5a:e7:e0:be:f4:73:29:48:ed:cd:
00:49:75:e3:3a:9b:6d:7d:61:75:ca:a4:ef:45:b3:
a4:d2:b5:30:45:9f:e2:51:2e:79:17:bf:bf:8b:22:
e5:be:de:eb:f1:e1:6c:2c:30:30:2e:6d:82:e3:0c:
33:96:98:7a:46:e9:af:71:ee:5d:22:92:31:58:1d:
f0:cf:97:7a:a0:13:76:19:61:53:b9:92:91:0c:d9:
9f:96:70:5d:ce:d9:7d:e0:18:9a:38:17:b0:7a:16:
d9:9a:7c:5a:37:e0:28:5c:32:79:92:a0:5f:9d:10:
54:a5:78:96:a2:f5:ea:2b:85:29:e7:6f:08:3f:c7:
47:77:44:a6:38:46:67:8a:0b:06:28:55:c3:de:48:
71:c5:7b:58:58:91:97:ca:8d:04:4e:72:92:f2:3b:
2a:5c:9e:5b:81:34:07:34:f9:37:1b:86:07:2a:56:
a8:2f:ac:5b:49:23:50:1a:32:4b:de:0a:bd:08:51:
40:a5:5f:d8:ff:83:52:3f:ee:ee:63:79:07:5a:ba:
7f:5e:97:f4:c2:59:09:2f:61:f1:95:c1:9e:ca:ae:
2c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F3:BB:42:8E:4F:33:9D:2F:E8:A6:00:A0:91:8D:09:5D:18:9F:CE
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/5B83053260F811EEB1E68971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.85.0/24
103.197.87.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c5:a7:5c:9c:6f:f0:61:88:6f:f8:f6:05:93:71:0f:29:d7:
63:06:db:bd:c2:5f:4b:0b:f6:60:87:f9:00:a6:92:c9:e5:9d:
18:fa:65:ff:1b:04:7e:30:78:68:94:9d:5c:be:78:ee:17:47:
b1:39:75:f2:ed:2e:87:a3:bc:03:f0:3a:32:90:d8:4e:2c:bc:
c1:44:66:04:b8:61:68:12:19:89:c1:cb:ce:82:b6:1d:cb:4e:
8c:e0:60:96:43:79:92:62:91:c5:8e:b1:5c:30:74:77:d0:cf:
11:d8:f5:52:41:0a:eb:03:e8:91:e6:59:85:da:2d:cd:43:86:
49:24:1b:62:31:e6:31:e9:34:7a:ba:ee:14:a0:1d:2f:e6:2f:
e5:3c:ef:d7:78:d4:13:42:00:0a:34:8b:57:84:69:53:24:8a:
68:8e:db:be:40:4d:43:a1:b4:b4:f3:af:94:75:3d:6e:f5:9d:
a0:e1:ca:b6:28:28:37:74:9c:44:fb:6e:ef:64:4e:f4:ea:20:
e5:4f:e9:61:ab:2f:16:80:ff:33:d3:08:74:ba:06:13:e7:01:
3a:94:52:7a:b5:f7:9e:d9:8f:0c:2c:ef:b9:ac:6b:13:0e:81:
6a:09:29:20:bb:4c:9d:db:e7:18:5d:47:80:ae:d7:18:ae:c4:
34:44:a4:f7
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
N0NEQTExMC8GA1UEBRMoRjNEQTUxRkU4MEJDREE5NzA4NzUyNUUyMDQ2MjFFQTlG
NTU3NDE5OTAeFw0yMzEwMDIwNzUwMzBaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWE3NjQ2LWUwMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuncgbrbURe+Dv5BTx6VlF/NOQMUVUXhCGgBhwnt0DY5z9WufgvvRzKUjtzQBJ
deM6m219YXXKpO9Fs6TStTBFn+JRLnkXv7+LIuW+3uvx4WwsMDAubYLjDDOWmHpG
6a9x7l0ikjFYHfDPl3qgE3YZYVO5kpEM2Z+WcF3O2X3gGJo4F7B6FtmafFo34Chc
MnmSoF+dEFSleJai9eorhSnnbwg/x0d3RKY4RmeKCwYoVcPeSHHFe1hYkZfKjQRO
cpLyOypcnluBNAc0+TcbhgcqVqgvrFtJI1AaMkveCr0IUUClX9j/g1I/7u5jeQda
un9el/TCWQkvYfGVwZ7Kriw1AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUM/O7Qo5P
M50v6KYAoJGNCV0Yn84wHwYDVR0jBBgwFoAU89pR/oC82pcIdSXiBGIeqfVXQZkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0RBLzQ5QjI3RDhBMDU0
RDExRUU5REZDMTYyNEM0RjlBRTAyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFa
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvODlwUl9vQzgycGNJZFNYaUJHSWVxZlZYUVprLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
N0NEQS80OUIyN0Q4QTA1NEQxMUVFOURGQzE2MjRDNEY5QUUwMi81QjgzMDUzMjYw
RjgxMUVFQjFFNjg5NzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGfFVQMEAGfFVzANBgkqhkiG9w0BAQsFAAOCAQEARcWnXJxv
8GGIb/j2BZNxDynXYwbbvcJfSwv2YIf5AKaSyeWdGPpl/xsEfjB4aJSdXL547hdH
sTl18u0uh6O8A/A6MpDYTiy8wURmBLhhaBIZicHLzoK2HctOjOBglkN5kmKRxY6x
XDB0d9DPEdj1UkEK6wPokeZZhdotzUOGSSQbYjHmMek0erruFKAdL+Yv5Tzv13jU
E0IACjSLV4RpUySKaI7bvkBNQ6G0tPOvlHU9bvWdoOHKtigoN3ScRPtu72RO9Oog
5U/pYasvFoD/M9MIdLoGE+cBOpRSerX3ntmPDCzvuaxrEw6BagkpILtMndvnGF1H
gK7XGK7ENESk9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org