Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/858C82D8D3DB11EB9FCD6135C4F9AE02.roa
File: 858C82D8D3DB11EB9FCD6135C4F9AE02.roa (raw, json)
Hash identifier: G1Mw+n2vB3CzP813zs8H/GbYZ1BZTVqUlTaDUuFMxpI=
Subject key identifier: 2B:D9:5F:9B:2A:39:BA:AF:B9:FC:0E:A0:A1:11:F0:FB:85:BB:6B:AC
Certificate issuer: /CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD
Certificate serial: 0A64
Authority key identifier: A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/858C82D8D3DB11EB9FCD6135C4F9AE02.roa
Signing time: Wed 30 Aug 2023 19:47:41 +0000
ROA not before: Wed 30 Aug 2023 19:47:41 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 139325
IP address blocks: 103.141.64.0/23 maxlen: 23
103.141.64.0/24 maxlen: 24
103.141.65.0/24 maxlen: 24
2001:df0:f280::/48 maxlen: 48
2001:df0:f280::/56 maxlen: 56
2001:df0:f280:100::/56 maxlen: 56
2001:df0:f280:200::/56 maxlen: 56
2001:df0:f280:300::/56 maxlen: 56
2001:df0:f280:400::/56 maxlen: 56
2001:df0:f280:500::/56 maxlen: 56
2001:df0:f280:600::/56 maxlen: 56
2001:df0:f280:700::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 24 Jan 2024 05:57:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2660 (0xa64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD
Validity
Not Before: Aug 30 19:47:41 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ef9cdd-5fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:57:cc:da:10:cd:6b:bd:5a:10:75:48:32:9f:
e4:79:7e:96:48:15:a3:29:cc:39:37:1c:18:43:32:
8e:b5:bc:e2:56:58:94:9a:a3:9a:83:19:cf:f2:2d:
d4:43:d5:ba:81:73:bf:ac:93:c4:92:10:ca:b7:02:
4b:24:5e:b3:a1:3c:0b:4c:8f:0d:f3:2e:33:96:11:
ad:20:1d:2c:f7:f0:15:28:7b:e3:0a:60:1c:b3:87:
1d:03:3c:ef:2c:e3:cb:14:38:7e:44:ed:94:33:cc:
c0:c9:56:8e:55:ce:51:e1:a1:3f:cb:5d:45:2a:fd:
0a:fe:7f:07:65:5e:3c:44:20:c3:ee:bf:48:e9:1e:
07:57:da:35:af:bd:c2:c5:f4:3c:f1:7d:1d:61:15:
95:2b:db:a6:fe:bd:d1:2d:97:3f:c1:8a:d8:79:1b:
ff:b2:52:52:48:85:50:69:72:e8:5b:49:0c:36:6b:
05:44:cc:61:e4:72:b6:e9:b2:d5:fb:66:79:7e:d3:
81:d6:7a:5b:6b:37:ea:4c:06:51:7c:9f:1b:64:89:
5f:72:15:1a:a7:f9:14:75:94:aa:bc:7c:4e:e6:50:
af:b3:61:19:79:b5:81:9b:ce:32:4e:e6:f9:76:b3:
dc:35:9b:02:fb:5c:9b:ff:ae:48:c2:74:2c:33:38:
b3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:5F:9B:2A:39:BA:AF:B9:FC:0E:A0:A1:11:F0:FB:85:BB:6B:AC
X509v3 Authority Key Identifier:
keyid:A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/858C82D8D3DB11EB9FCD6135C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.64.0/23
IPv6:
2001:df0:f280::/48
Signature Algorithm: sha256WithRSAEncryption
28:eb:26:8d:aa:95:da:29:bb:c1:52:17:5d:ab:c0:ef:54:f7:
d9:64:2f:ec:0c:3f:f2:48:1f:f6:81:70:0f:14:48:17:c9:f2:
61:38:ac:81:e6:be:7a:a6:f5:8c:c9:bc:5d:af:47:c5:ba:ae:
10:0f:67:9a:06:f4:95:46:60:86:4f:cf:3c:7b:c6:0d:49:a0:
d6:a6:eb:04:f0:e3:8d:6c:8d:e3:bf:49:d5:3e:62:8a:c8:82:
7e:5f:f5:12:75:01:49:13:b4:62:85:27:9a:7f:42:f4:5c:fd:
0e:1f:b2:df:57:6a:fa:b1:cb:26:9c:6f:e0:94:b4:d1:0a:68:
83:bc:2b:55:7e:6c:04:90:59:ed:d9:6c:85:ca:24:86:6f:3f:
b7:5e:15:76:41:87:d3:0e:68:03:b6:21:59:4a:ca:3b:12:7c:
83:5c:f3:fd:1b:8d:d5:db:7d:ae:3b:bd:80:28:22:94:7a:21:
1d:bf:15:fd:79:2f:a6:40:23:f8:dd:23:26:f9:8f:1c:9c:81:
20:1f:c5:e5:e4:12:e9:46:92:62:89:0f:13:3a:65:07:83:c9:
f7:f1:2d:6b:53:a8:b8:1c:3e:f3:f3:1f:a6:92:ce:e2:5b:2d:
ff:42:42:de:3d:32:d1:7c:ac:02:2e:21:7f:23:0a:b4:88:56:
63:92:58:26
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEExMzkxMTAvBgNVBAUTKEEyNUVEOEExNDI3QUU5M0IyNEQzMERDQ0RGQTgzMjUz
OEI1MDA4QUQwHhcNMjMwODMwMTk0NzQxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVmOWNkZC01ZmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzlfM2hDNa71aEHVIMp/keX6WSBWjKcw5NxwYQzKOtbziVliUmqOagxnP8i3U
Q9W6gXO/rJPEkhDKtwJLJF6zoTwLTI8N8y4zlhGtIB0s9/AVKHvjCmAcs4cdAzzv
LOPLFDh+RO2UM8zAyVaOVc5R4aE/y11FKv0K/n8HZV48RCDD7r9I6R4HV9o1r73C
xfQ88X0dYRWVK9um/r3RLZc/wYrYeRv/slJSSIVQaXLoW0kMNmsFRMxh5HK26bLV
+2Z5ftOB1npbazfqTAZRfJ8bZIlfchUap/kUdZSqvHxO5lCvs2EZebWBm84yTub5
drPcNZsC+1yb/65IwnQsMzizsQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCvZX5sq
ObqvufwOoKER8PuFu2usMB8GA1UdIwQYMBaAFKJe2KFCeuk7JNMNzN+oMlOLUAit
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTEzOS9FQkI5RUM2MDI0
Q0ExMUVBQUMyQUU1ODZDNEY5QUUwMi9vbDdZb1VKNjZUc2swdzNNMzZneVU0dFFD
SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29sN1lvVUo2NlRzazB3M00zNmd5VTR0UUNLMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEExMzkvRUJCOUVDNjAyNENBMTFFQUFDMkFFNTg2QzRGOUFFMDIvODU4QzgyRDhE
M0RCMTFFQjlGQ0Q2MTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjUAwDwQCAAIwCQMHACABDfDygDANBgkqhkiG9w0BAQsF
AAOCAQEAKOsmjaqV2im7wVIXXavA71T32WQv7Aw/8kgf9oFwDxRIF8nyYTisgea+
eqb1jMm8Xa9HxbquEA9nmgb0lUZghk/PPHvGDUmg1qbrBPDjjWyN479J1T5iisiC
fl/1EnUBSRO0YoUnmn9C9Fz9Dh+y31dq+rHLJpxv4JS00Qpog7wrVX5sBJBZ7dls
hcokhm8/t14VdkGH0w5oA7YhWUrKOxJ8g1zz/RuN1dt9rju9gCgilHohHb8V/Xkv
pkAj+N0jJvmPHJyBIB/F5eQS6UaSYokPEzplB4PJ9/Eta1OouBw+8/MfppLO4lst
/0JC3j0y0XysAi4hfyMKtIhWY5JYJg==
-----END CERTIFICATE-----
Generated at Wed Jan 24 07:08:50 2024 by rpki-client on console-fra.rpki-client.org