Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B3FA014498F111EE8EA32673C4F9AE02.roa
File: B3FA014498F111EE8EA32673C4F9AE02.roa (raw, json)
Hash identifier: fCGVwqdnYb1JNvxiA9yyF2gSee4rg6cZH2k+ZnN7eNY=
Subject key identifier: F8:34:5C:45:79:46:68:47:09:B7:90:15:F9:2B:B0:22:42:E4:0F:06
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: 6E
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B3FA014498F111EE8EA32673C4F9AE02.roa
Signing time: Tue 12 Dec 2023 13:23:57 +0000
ROA not before: Tue 12 Dec 2023 13:23:57 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 21246
IP address blocks: 103.197.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 04:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110 (0x6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Dec 12 13:23:57 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65785eed-822b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:99:59:55:34:c3:af:37:8c:d6:6b:9d:32:
1c:fa:a9:98:d3:77:1c:0f:c3:5f:53:3a:5e:11:cb:
b7:6a:6c:bd:d4:0a:8a:69:a1:fa:34:4e:ee:47:09:
dd:a8:e8:03:16:47:4d:4c:0e:b3:5f:39:62:0a:23:
b7:b0:8f:9e:ec:69:c9:2e:55:24:a1:88:f0:18:8c:
d0:ff:79:56:e1:de:19:71:1f:90:31:ae:5a:b6:ff:
41:93:d7:33:d3:39:2b:c1:16:de:f9:df:3b:12:ef:
ab:2b:55:48:e5:c5:06:5f:52:dd:96:07:a3:2d:91:
d9:f4:4c:1f:fd:df:16:30:ce:3c:92:3d:0f:8f:53:
ed:e0:4c:57:fe:51:79:97:64:da:f3:23:0b:a0:3d:
e2:8f:eb:34:e0:0c:1e:7f:47:b6:48:f9:ed:50:b1:
20:1d:25:fc:69:86:f3:2b:dc:85:b7:ba:80:a8:87:
50:49:11:13:95:f2:c8:d3:12:5e:71:4a:57:51:78:
d3:87:31:7d:27:18:25:28:5e:ac:4f:f4:2f:70:2c:
66:ac:18:01:76:a7:27:cb:3b:e8:83:fc:99:9c:05:
9d:48:b6:a5:b2:d7:fb:fa:2c:8a:ae:8e:f6:dc:6e:
d1:1a:76:c8:30:36:e5:bc:ce:ee:da:df:e8:6b:d9:
65:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:34:5C:45:79:46:68:47:09:B7:90:15:F9:2B:B0:22:42:E4:0F:06
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/B3FA014498F111EE8EA32673C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:bd:6c:9b:bd:02:cb:02:59:bc:79:ae:e9:c6:4f:2a:2c:4a:
a4:8c:ad:1b:de:b8:42:2d:a9:dd:e2:e0:a3:14:ca:74:e6:24:
72:a4:ba:69:9e:5b:99:62:f4:7b:14:09:69:7d:94:09:13:e0:
00:11:36:87:c8:19:42:ac:9e:72:9a:ef:ca:64:93:dd:77:4f:
e7:73:9d:29:15:fb:f1:9a:b3:92:ef:96:bc:71:ff:c4:dd:58:
26:bf:cb:79:08:27:a2:28:fe:57:9a:ae:c0:8a:e7:af:93:96:
ca:34:1f:64:f7:ea:c3:4a:c6:d5:e3:1a:1d:c1:57:db:10:62:
16:42:f8:25:82:4b:a7:ee:45:8e:0b:c9:c0:9b:7e:f9:b1:f7:
3f:cf:34:6c:c2:25:c0:e4:25:14:d1:b2:b2:07:e4:dd:33:78:
ce:ac:ab:34:94:d8:42:32:2c:60:b9:87:1f:17:68:f7:65:a1:
85:b0:a2:04:b3:dd:01:24:eb:56:e0:0f:55:0b:4c:b4:fe:ff:
0a:1b:75:3e:68:ce:d5:77:71:e8:b6:5d:85:f6:9e:8a:ae:b4:
06:22:ff:50:3b:6d:40:12:db:81:b7:e2:32:2b:87:ff:16:a9:
cb:d3:c4:32:4d:b7:e1:ec:72:97:cf:c4:a3:5c:a1:3f:7c:85:
14:2c:25:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBbjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
N0NEQTExMC8GA1UEBRMoRjNEQTUxRkU4MEJDREE5NzA4NzUyNUUyMDQ2MjFFQTlG
NTU3NDE5OTAeFw0yMzEyMTIxMzIzNTdaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Nzg1ZWVkLTgyMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmq5lZVTTDrzeM1mudMhz6qZjTdxwPw19TOl4Ry7dqbL3UCoppofo0Tu5HCd2o
6AMWR01MDrNfOWIKI7ewj57sackuVSShiPAYjND/eVbh3hlxH5Axrlq2/0GT1zPT
OSvBFt753zsS76srVUjlxQZfUt2WB6Mtkdn0TB/93xYwzjySPQ+PU+3gTFf+UXmX
ZNrzIwugPeKP6zTgDB5/R7ZI+e1QsSAdJfxphvMr3IW3uoCoh1BJEROV8sjTEl5x
SldReNOHMX0nGCUoXqxP9C9wLGasGAF2pyfLO+iD/JmcBZ1ItqWy1/v6LIqujvbc
btEadsgwNuW8zu7a3+hr2WVdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+DRcRXlG
aEcJt5AV+SuwIkLkDwYwHwYDVR0jBBgwFoAU89pR/oC82pcIdSXiBGIeqfVXQZkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0RBLzQ5QjI3RDhBMDU0
RDExRUU5REZDMTYyNEM0RjlBRTAyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFa
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvODlwUl9vQzgycGNJZFNYaUJHSWVxZlZYUVprLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
N0NEQS80OUIyN0Q4QTA1NEQxMUVFOURGQzE2MjRDNEY5QUUwMi9CM0ZBMDE0NDk4
RjExMUVFOEVBMzI2NzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfFVTANBgkqhkiG9w0BAQsFAAOCAQEATb1sm70CywJZvHmu
6cZPKixKpIytG964Qi2p3eLgoxTKdOYkcqS6aZ5bmWL0exQJaX2UCRPgABE2h8gZ
QqyecprvymST3XdP53OdKRX78Zqzku+WvHH/xN1YJr/LeQgnoij+V5quwIrnr5OW
yjQfZPfqw0rG1eMaHcFX2xBiFkL4JYJLp+5FjgvJwJt++bH3P880bMIlwOQlFNGy
sgfk3TN4zqyrNJTYQjIsYLmHHxdo92WhhbCiBLPdASTrVuAPVQtMtP7/Cht1PmjO
1Xdx6LZdhfaeiq60BiL/UDttQBLbgbfiMiuH/xapy9PEMk234exyl8/Eo1yhP3yF
FCwlyQ==
-----END CERTIFICATE-----
Generated at Fri Jan 12 06:50:14 2024 by rpki-client on console-ams.rpki-client.org