Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B34FE19CAA4D11EE8F1C3147C4F9AE02.roa
File: B34FE19CAA4D11EE8F1C3147C4F9AE02.roa (raw, json)
Hash identifier: ivVfZgZB4Xacfy32w7MUbd1PTIJm0MaihNz7/MLpuD4=
Subject key identifier: 5E:91:43:0F:15:BB:EF:24:6F:C4:57:AC:4F:70:94:DC:EA:E1:CD:63
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: 99
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B34FE19CAA4D11EE8F1C3147C4F9AE02.roa
Signing time: Thu 01 Feb 2024 03:22:48 +0000
ROA not before: Thu 01 Feb 2024 03:22:48 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 198652
IP address blocks: 103.197.86.0/24 maxlen: 24
103.197.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 07:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153 (0x99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Feb 1 03:22:48 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65bb0e87-19da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:84:ad:de:54:e9:c8:e4:1d:e9:45:6c:dd:
ce:25:bc:6d:8c:0a:ab:11:89:af:9f:b3:7e:af:fa:
07:1a:c6:91:69:78:a1:56:51:59:44:e9:1f:84:61:
c4:25:7c:18:fa:82:7d:e1:b0:74:ed:77:e7:3e:4b:
2e:08:13:18:67:a0:0f:67:a1:54:11:3a:65:ab:6b:
04:ef:1f:ba:11:3f:5d:01:33:b1:ff:6d:bd:3b:7f:
1d:5c:c0:ce:b4:ed:e1:c4:b0:00:40:5c:07:80:d1:
2e:97:fb:01:f8:ca:4b:dd:7e:7e:2f:ae:20:af:f1:
f4:47:6b:12:66:e0:4e:ce:f0:a0:e4:3e:4f:82:dd:
cf:7f:6a:8f:4c:ad:a2:ff:df:65:89:9b:30:d6:11:
ee:a3:17:ff:3e:41:a8:4a:b8:77:e8:6f:5f:a6:b3:
02:e8:07:36:3b:cf:89:a2:58:10:22:4f:5a:48:3e:
5a:d7:58:ff:e7:7d:70:5f:2d:09:f6:93:d4:47:fa:
ff:34:cd:31:69:50:bc:eb:cd:ff:5b:10:a3:f7:0a:
8e:82:b3:c5:4b:90:eb:d4:dc:31:24:bf:5f:b2:f4:
8b:61:7a:aa:d0:f6:d3:bb:9f:5b:69:1e:ad:97:6e:
a1:d3:e0:e5:1c:58:e7:e3:fc:f7:fb:fa:28:07:6a:
8f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:91:43:0F:15:BB:EF:24:6F:C4:57:AC:4F:70:94:DC:EA:E1:CD:63
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B34FE19CAA4D11EE8F1C3147C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
95:db:0c:77:ae:c0:f6:eb:9d:de:24:32:51:22:2c:19:29:23:
de:f4:d7:99:3d:a0:f5:68:19:09:e9:84:17:73:f9:2a:22:66:
7f:79:0f:96:82:81:fd:cf:7a:02:56:82:d3:da:24:36:34:ab:
e7:fa:27:89:48:9b:74:3d:9d:2c:6f:7f:97:1d:b4:d8:91:10:
23:10:94:72:aa:c6:2e:90:52:1c:ce:e4:c6:51:c2:ae:e7:a2:
c4:81:ff:7f:f3:6c:13:1f:40:7d:01:ae:60:f8:c4:c0:0b:cf:
26:09:73:0d:55:8c:3b:e8:15:e5:5a:f0:34:14:02:ee:4b:fc:
b7:56:e8:5b:78:25:05:d0:65:0e:11:f3:b7:1e:13:52:09:ee:
c0:67:3e:87:87:59:7f:71:c4:bf:0d:e7:43:b5:3d:66:3e:3b:
fc:9b:5e:1f:01:81:bc:be:e2:e1:9e:d7:da:87:78:7b:e1:a2:
67:78:7c:59:84:62:0b:a7:a6:fc:df:d4:af:33:37:d8:f9:6e:
69:f6:33:f3:35:ec:5f:42:53:cd:79:55:d0:2d:73:71:58:04:
6e:10:cb:00:73:98:09:24:32:3f:8c:49:aa:57:d9:f7:e7:d4:
4b:5f:2f:e5:1e:34:53:d9:c4:0d:dd:08:80:5a:19:01:67:7d:
33:7c:c5:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMjAxMDMyMjQ4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiMGU4Ny0xOWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvX+Erd5U6cjkHelFbN3OJbxtjAqrEYmvn7N+r/oHGsaRaXihVlFZROkfhGHE
JXwY+oJ94bB07XfnPksuCBMYZ6APZ6FUETplq2sE7x+6ET9dATOx/229O38dXMDO
tO3hxLAAQFwHgNEul/sB+MpL3X5+L64gr/H0R2sSZuBOzvCg5D5Pgt3Pf2qPTK2i
/99liZsw1hHuoxf/PkGoSrh36G9fprMC6Ac2O8+JolgQIk9aSD5a11j/531wXy0J
9pPUR/r/NM0xaVC8683/WxCj9wqOgrPFS5Dr1NwxJL9fsvSLYXqq0PbTu59baR6t
l26h0+DlHFjn4/z3+/ooB2qP7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFF6RQw8V
u+8kb8RXrE9wlNzq4c1jMB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvQjM0RkUxOUNB
QTREMTFFRThGMUMzMTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnxVYwDQYJKoZIhvcNAQELBQADggEBAJXbDHeuwPbrnd4k
MlEiLBkpI97015k9oPVoGQnphBdz+SoiZn95D5aCgf3PegJWgtPaJDY0q+f6J4lI
m3Q9nSxvf5cdtNiRECMQlHKqxi6QUhzO5MZRwq7nosSB/3/zbBMfQH0BrmD4xMAL
zyYJcw1VjDvoFeVa8DQUAu5L/LdW6Ft4JQXQZQ4R87ceE1IJ7sBnPoeHWX9xxL8N
50O1PWY+O/ybXh8Bgby+4uGe19qHeHvhomd4fFmEYgunpvzf1K8zN9j5bmn2M/M1
7F9CU815VdAtc3FYBG4QywBzmAkkMj+MSapX2ffn1EtfL+UeNFPZxA3dCIBaGQFn
fTN8xTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org