Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C475/E022A0580E9111EAB0E87441C4F9AE02/8C13C84069D311EB9DC5D465C4F9AE02.roa
File: 8C13C84069D311EB9DC5D465C4F9AE02.roa (raw, json)
Hash identifier: Pcmg23dGzGuCXS6ODObdUydnNvyMglPj9u46qG1/D2Q=
Subject key identifier: F2:EF:76:44:32:DD:FB:DD:99:68:1A:52:0F:B7:0A:63:3F:5A:56:3B
Certificate issuer: /CN=A914C475/serialNumber=228507EFF81AA28E491E326FBD1DC3B3C90872B8
Certificate serial: 05D8
Authority key identifier: 22:85:07:EF:F8:1A:A2:8E:49:1E:32:6F:BD:1D:C3:B3:C9:08:72:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IoUH7_gaoo5JHjJvvR3Ds8kIcrg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C475/E022A0580E9111EAB0E87441C4F9AE02/8C13C84069D311EB9DC5D465C4F9AE02.roa
Signing time: Thu 30 Nov 2023 20:07:25 +0000
ROA not before: Thu 30 Nov 2023 20:07:25 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 134723
IP address blocks: 103.197.205.0/24 maxlen: 24
2403:680::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Jun 2024 09:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1496 (0x5d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C475/serialNumber=228507EFF81AA28E491E326FBD1DC3B3C90872B8
Validity
Not Before: Nov 30 20:07:25 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6568eb7d-c70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ab:72:4d:2a:16:58:4a:fb:e7:ac:1c:90:90:
79:97:e5:79:38:c6:7e:23:63:1e:29:36:e5:bd:bc:
82:d1:10:b9:30:51:fc:7d:fb:4a:90:4c:ba:81:70:
28:7c:c6:70:43:fe:cb:82:c3:30:6f:55:3c:dd:e6:
58:ec:aa:52:f4:e5:97:c9:6c:6f:36:64:4d:5a:38:
9c:4b:39:46:a3:4f:95:41:10:d3:2f:f7:a2:5a:96:
67:5e:0f:b1:05:b8:18:8c:ca:03:e2:df:59:f0:bb:
26:40:cd:fe:d8:f2:17:85:03:a7:0b:2b:2d:18:28:
f2:d8:78:fc:04:25:f7:a9:2a:82:f2:64:e6:32:ea:
a0:f5:9e:5d:33:37:6c:2d:60:95:20:f0:3b:34:35:
90:06:4d:13:46:ce:5c:44:52:3c:8e:09:c5:bf:84:
70:d3:46:2e:b5:45:84:4a:7c:68:70:bd:01:7c:80:
c5:68:71:13:4c:a5:00:a8:71:6c:b9:7d:03:f1:8c:
7d:dc:c9:80:5f:d2:fe:25:f6:20:fd:db:fa:7c:ef:
5c:53:32:08:dc:c9:24:6e:27:f6:07:7d:34:94:a5:
46:33:70:09:8b:6e:b6:ec:b0:b1:3e:2f:4d:e9:18:
e8:4c:90:fc:5b:6a:1f:9b:d5:50:0a:fc:6e:a1:22:
75:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EF:76:44:32:DD:FB:DD:99:68:1A:52:0F:B7:0A:63:3F:5A:56:3B
X509v3 Authority Key Identifier:
keyid:22:85:07:EF:F8:1A:A2:8E:49:1E:32:6F:BD:1D:C3:B3:C9:08:72:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C475/E022A0580E9111EAB0E87441C4F9AE02/IoUH7_gaoo5JHjJvvR3Ds8kIcrg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IoUH7_gaoo5JHjJvvR3Ds8kIcrg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C475/E022A0580E9111EAB0E87441C4F9AE02/8C13C84069D311EB9DC5D465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.205.0/24
IPv6:
2403:680::/32
Signature Algorithm: sha256WithRSAEncryption
57:4a:11:65:9b:d7:e4:d5:b8:72:dc:47:33:23:3b:61:69:f1:
43:52:90:e3:c3:d3:53:7c:71:33:96:a0:99:bb:ce:23:37:dd:
66:d9:74:36:8e:d2:b3:6b:60:4e:41:7e:bb:fb:9f:d6:44:6a:
b6:32:7e:9c:71:44:0e:dc:a2:37:f2:da:e3:4c:ca:8d:98:57:
66:7c:61:20:99:55:b4:12:e0:e2:d9:6c:cd:11:37:bb:b7:19:
c8:9b:11:c2:3c:05:76:f1:d5:bb:b5:95:61:e6:15:bd:51:c3:
d8:b3:0a:fb:70:c7:ef:69:e0:06:be:a1:67:06:01:22:2c:f5:
06:b4:a2:2a:cd:02:71:1d:0e:e0:90:7e:6a:9c:ca:2f:e8:a0:
6f:37:8a:05:81:ad:24:58:c4:69:ff:c7:b1:61:14:7c:3a:2c:
bd:4d:7a:dc:71:47:d1:d5:7e:4b:ba:0e:1d:c1:d6:df:c6:01:
79:c8:f2:d0:a6:73:33:d0:4d:9e:9b:35:66:b7:40:f3:61:d2:
56:3f:87:17:75:6a:77:e1:8d:4f:16:b0:4b:1e:29:b4:8f:ec:
43:8a:fa:99:f0:27:81:48:c0:31:9a:2b:d1:98:99:20:ab:c2:
45:55:15:f8:d8:58:96:0b:54:66:2f:3a:80:25:9e:e9:11:ec:
6f:db:e8:8f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM0NzUxMTAvBgNVBAUTKDIyODUwN0VGRjgxQUEyOEU0OTFFMzI2RkJEMURDM0Iz
QzkwODcyQjgwHhcNMjMxMTMwMjAwNzI1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY4ZWI3ZC1jNzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2qtyTSoWWEr756wckJB5l+V5OMZ+I2MeKTblvbyC0RC5MFH8fftKkEy6gXAo
fMZwQ/7LgsMwb1U83eZY7KpS9OWXyWxvNmRNWjicSzlGo0+VQRDTL/eiWpZnXg+x
BbgYjMoD4t9Z8LsmQM3+2PIXhQOnCystGCjy2Hj8BCX3qSqC8mTmMuqg9Z5dMzds
LWCVIPA7NDWQBk0TRs5cRFI8jgnFv4Rw00YutUWESnxocL0BfIDFaHETTKUAqHFs
uX0D8Yx93MmAX9L+JfYg/dv6fO9cUzII3Mkkbif2B300lKVGM3AJi2627LCxPi9N
6RjoTJD8W2ofm9VQCvxuoSJ1wwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPLvdkQy
3fvdmWgaUg+3CmM/WlY7MB8GA1UdIwQYMBaAFCKFB+/4GqKOSR4yb70dw7PJCHK4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzQ3NS9FMDIyQTA1ODBF
OTExMUVBQjBFODc0NDFDNEY5QUUwMi9Jb1VIN19nYW9vNUpIakp2dlIzRHM4a0lj
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lvVUg3X2dhb281SkhqSnZ2UjNEczhrSWNyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM0NzUvRTAyMkEwNTgwRTkxMTFFQUIwRTg3NDQxQzRGOUFFMDIvOEMxM0M4NDA2
OUQzMTFFQjlEQzVENDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnxc0wDQQCAAIwBwMFACQDBoAwDQYJKoZIhvcNAQELBQAD
ggEBAFdKEWWb1+TVuHLcRzMjO2Fp8UNSkOPD01N8cTOWoJm7ziM33WbZdDaO0rNr
YE5Bfrv7n9ZEarYyfpxxRA7cojfy2uNMyo2YV2Z8YSCZVbQS4OLZbM0RN7u3Gcib
EcI8BXbx1bu1lWHmFb1Rw9izCvtwx+9p4Aa+oWcGASIs9Qa0oirNAnEdDuCQfmqc
yi/ooG83igWBrSRYxGn/x7FhFHw6LL1NetxxR9HVfku6Dh3B1t/GAXnI8tCmczPQ
TZ6bNWa3QPNh0lY/hxd1anfhjU8WsEseKbSP7EOK+pnwJ4FIwDGaK9GYmSCrwkVV
FfjYWJYLVGYvOoAlnukR7G/b6I8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org