Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/CD67BA32E72911EEB2F7C676C4F9AE02.roa
File: CD67BA32E72911EEB2F7C676C4F9AE02.roa (raw, json)
Hash identifier: guhGvf1Y3Fm/R+pkw3G7AK6uWBl0RSHUGHBjOx8OjOk=
Subject key identifier: C1:DB:39:ED:C4:71:4E:ED:0C:E5:7D:A6:EC:B9:4D:F5:AA:7C:10:2F
Certificate issuer: /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial: BE
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/CD67BA32E72911EEB2F7C676C4F9AE02.roa
Signing time: Thu 21 Mar 2024 02:22:03 +0000
ROA not before: Thu 21 Mar 2024 02:22:03 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 49217
IP address blocks: 103.197.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 02:43:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190 (0xbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Validity
Not Before: Mar 21 02:22:03 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65fb99ca-6b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:6d:69:4e:63:0d:8c:a9:cb:c3:ec:c1:1f:
03:77:a3:11:2e:25:27:e1:72:81:fd:54:40:b5:49:
5b:bf:ad:1d:aa:85:8a:23:05:e3:8e:bf:2e:f3:57:
00:73:59:42:79:b0:c9:2d:3a:1e:6e:e7:39:d1:52:
d8:f3:85:f9:2b:3e:9f:83:83:8d:7a:6d:3d:83:42:
e2:84:24:8a:8a:c4:de:e6:1a:b0:e4:f6:77:1e:b1:
58:ae:05:9b:a8:06:50:57:4a:a0:07:7e:30:68:20:
5e:ee:0c:4d:bb:b6:38:85:64:18:6e:3a:f5:ab:a1:
6b:c1:2b:5b:f9:45:b9:3d:12:d1:ee:b6:33:08:b6:
38:c6:03:6f:49:b4:c9:54:c7:8f:c3:60:c5:18:19:
a8:c2:74:ad:1e:49:8d:b8:af:9b:58:9b:e5:d9:7e:
d6:06:4e:f0:76:ca:2c:73:6a:d5:4f:19:3e:da:40:
7e:71:b1:df:42:eb:0e:f5:48:16:a0:6c:25:ab:20:
57:92:7d:44:da:a3:a9:b1:42:37:62:d4:8d:28:1f:
50:de:1a:b1:0a:b0:4a:7d:d8:5e:c3:cb:b3:0d:4b:
00:bf:be:95:0b:4e:d0:3f:e3:f1:97:dc:58:6b:3f:
df:0a:71:9d:10:bb:9c:78:23:90:30:6e:9a:fb:cb:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DB:39:ED:C4:71:4E:ED:0C:E5:7D:A6:EC:B9:4D:F5:AA:7C:10:2F
X509v3 Authority Key Identifier:
keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/CD67BA32E72911EEB2F7C676C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.87.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:d8:a3:fd:f9:d6:f3:2f:3b:ae:db:a3:80:9f:18:70:06:0c:
a0:1f:59:b4:13:f4:92:37:cc:ac:d9:64:23:4a:53:55:92:06:
de:a7:c6:40:5c:ae:d9:b2:11:53:94:00:c5:cd:0e:71:4f:f4:
4a:7f:87:33:42:d2:56:b9:d9:ac:58:32:4f:7a:d9:93:1c:dd:
e7:ac:11:0b:f1:18:c4:f5:f7:a5:32:35:5f:bc:22:ae:c5:e2:
ab:ca:0b:e4:1e:43:ed:c5:84:7c:58:26:c7:ae:fd:b2:be:34:
e9:fa:0d:b2:0b:b5:0e:27:98:92:35:87:37:28:78:7c:eb:8d:
2f:9d:1a:b5:29:2f:79:1e:ac:ed:86:1e:98:f4:14:c9:8d:54:
30:f3:1a:e0:fe:e1:5a:4e:0a:f1:29:b2:57:84:a8:e0:63:1e:
7a:ff:ef:51:5b:66:58:45:2b:7f:d3:20:81:2b:d0:ea:d6:9e:
25:bb:33:ef:74:88:3b:ee:04:8f:36:24:6d:30:b8:6d:65:74:
f6:7a:d3:6c:fd:2e:01:72:b0:94:12:4d:39:d8:45:f8:f3:97:
b1:28:97:7b:c6:02:72:7c:d6:88:b4:ac:7d:05:2d:f1:b1:2f:
65:63:92:51:12:a2:f9:d4:6e:a4:81:e9:32:2f:23:e6:2d:5c:
64:93:79:ff
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMzIxMDIyMjAzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZiOTljYS02YjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtyJtaU5jDYypy8PswR8Dd6MRLiUn4XKB/VRAtUlbv60dqoWKIwXjjr8u81cA
c1lCebDJLToebuc50VLY84X5Kz6fg4ONem09g0LihCSKisTe5hqw5PZ3HrFYrgWb
qAZQV0qgB34waCBe7gxNu7Y4hWQYbjr1q6FrwStb+UW5PRLR7rYzCLY4xgNvSbTJ
VMePw2DFGBmownStHkmNuK+bWJvl2X7WBk7wdsosc2rVTxk+2kB+cbHfQusO9UgW
oGwlqyBXkn1E2qOpsUI3YtSNKB9Q3hqxCrBKfdhew8uzDUsAv76VC07QP+Pxl9xY
az/fCnGdELuceCOQMG6a+8uM0wIDAQABo4IClTCCApEwHQYDVR0OBBYEFMHbOe3E
cU7tDOV9puy5TfWqfBAvMB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvQ0Q2N0JBMzJF
NzI5MTFFRUIyRjdDNjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxVcwDQYJKoZIhvcNAQELBQADggEBAKnYo/351vMvO67b
o4CfGHAGDKAfWbQT9JI3zKzZZCNKU1WSBt6nxkBcrtmyEVOUAMXNDnFP9Ep/hzNC
0la52axYMk962ZMc3eesEQvxGMT196UyNV+8Iq7F4qvKC+QeQ+3FhHxYJseu/bK+
NOn6DbILtQ4nmJI1hzcoeHzrjS+dGrUpL3kerO2GHpj0FMmNVDDzGuD+4VpOCvEp
sleEqOBjHnr/71FbZlhFK3/TIIEr0OrWniW7M+90iDvuBI82JG0wuG1ldPZ602z9
LgFysJQSTTnYRfjzl7Eol3vGAnJ81oi0rH0FLfGxL2VjklESovnUbqSB6TIvI+Yt
XGSTef8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org