Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C7F8/E2510E1C129511EE84BAD746C4F9AE02/86303ED85C2711EE84ACF162C4F9AE02.roa
File: 86303ED85C2711EE84ACF162C4F9AE02.roa (raw, json)
Hash identifier: /NHE/8R0AW+QsNMZjCRB0Vb3V86+LAcO0Fd40hPTppQ=
Subject key identifier: 53:D0:21:27:0A:8C:F0:1B:66:43:11:53:A6:AA:58:7B:0F:C4:E6:DB
Certificate issuer: /CN=A914C7F8/serialNumber=E50963D70468727356B78B7FC4380974429B64E1
Certificate serial: 3B
Authority key identifier: E5:09:63:D7:04:68:72:73:56:B7:8B:7F:C4:38:09:74:42:9B:64:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Qlj1wRocnNWt4t_xDgJdEKbZOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C7F8/E2510E1C129511EE84BAD746C4F9AE02/86303ED85C2711EE84ACF162C4F9AE02.roa
Signing time: Tue 26 Sep 2023 04:45:32 +0000
ROA not before: Tue 26 Sep 2023 04:45:32 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 149509
IP address blocks: 103.208.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Oct 2023 02:16:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C7F8/serialNumber=E50963D70468727356B78B7FC4380974429B64E1
Validity
Not Before: Sep 26 04:45:32 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=651261ec-bc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:be:82:23:bd:ea:d0:fc:86:dc:5a:91:bc:f6:
bf:2a:60:b6:b2:63:d5:54:e3:91:2e:8d:75:4e:7c:
ae:3c:47:f9:92:25:75:00:24:bc:f8:6e:8f:74:2f:
9c:8f:70:95:53:cd:c1:45:6a:e7:95:89:37:64:b7:
db:33:e5:ef:e8:ea:15:9a:f8:08:ed:36:32:86:6a:
89:7e:ee:9c:62:21:76:b1:48:d8:eb:1e:62:c2:80:
a8:4d:4e:a4:53:7e:19:bc:73:a7:ef:d0:5c:91:10:
b1:d5:d5:c6:86:55:a2:38:1c:33:6f:4b:1b:0c:9b:
5c:44:fb:57:e2:9d:ca:ef:6c:81:d3:43:ba:b3:01:
48:04:22:e8:6a:01:cc:5d:7f:b2:16:45:76:1e:f9:
a6:f0:73:88:07:04:2c:b6:64:cb:37:d9:9e:40:d0:
64:98:f6:18:f9:27:80:bd:66:f7:8e:18:ed:59:62:
6d:2e:36:2d:84:88:18:db:5e:a1:ae:6c:67:3f:bf:
e5:5d:8b:57:86:be:27:cc:79:af:fc:40:5a:ac:a3:
bd:9f:97:54:c1:53:c7:7c:1a:4d:ef:c2:5a:91:a2:
0a:f7:41:e5:37:32:81:34:24:69:30:cd:9a:82:79:
c7:76:d1:a3:1f:28:1b:83:13:8b:27:d4:cd:e3:24:
44:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D0:21:27:0A:8C:F0:1B:66:43:11:53:A6:AA:58:7B:0F:C4:E6:DB
X509v3 Authority Key Identifier:
keyid:E5:09:63:D7:04:68:72:73:56:B7:8B:7F:C4:38:09:74:42:9B:64:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C7F8/E2510E1C129511EE84BAD746C4F9AE02/5Qlj1wRocnNWt4t_xDgJdEKbZOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Qlj1wRocnNWt4t_xDgJdEKbZOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C7F8/E2510E1C129511EE84BAD746C4F9AE02/86303ED85C2711EE84ACF162C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.67.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ea:78:ba:cd:df:b5:7c:5d:74:e5:80:3d:13:5d:4d:d8:ed:
48:3e:de:b4:ca:c7:31:ef:50:e7:72:f2:dd:a6:79:b2:c1:53:
e0:22:74:8d:24:d0:63:a4:9e:f4:3a:a4:65:31:c0:85:7c:a5:
e2:82:b7:51:22:2b:74:d3:6f:db:56:8e:3b:6b:33:da:39:59:
15:04:94:6a:01:82:68:9e:aa:68:b1:ad:ba:c3:65:bf:f5:9b:
5b:49:46:0c:74:7f:04:79:0b:71:d3:8c:09:ed:cb:fd:04:18:
19:18:d2:cf:f2:a1:27:87:22:4d:3c:42:10:07:38:c6:f0:c7:
27:ef:ea:8a:53:d7:a0:9c:d5:45:c9:26:da:66:9b:9f:92:71:
ee:26:74:24:d2:02:1a:36:8f:82:91:e9:87:74:e3:25:b9:12:
14:af:05:6a:18:75:0b:2f:ac:ee:2f:9e:43:91:17:7b:fc:57:
8f:46:fd:ea:4b:d2:80:42:e8:70:36:83:b1:de:16:1d:b8:87:
34:39:3d:75:98:cf:57:de:10:38:e4:68:9d:85:c7:88:06:4e:
a8:71:b0:f2:12:d6:1c:86:27:d9:9e:6f:e0:31:72:9c:75:a9:
67:be:39:30:55:4d:d0:a6:b8:f0:e5:c4:a4:64:46:b9:57:29:
73:9d:a8:d2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QzdGODExMC8GA1UEBRMoRTUwOTYzRDcwNDY4NzI3MzU2Qjc4QjdGQzQzODA5NzQ0
MjlCNjRFMTAeFw0yMzA5MjYwNDQ1MzJaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTI2MWVjLWJjMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCYvoIjverQ/IbcWpG89r8qYLayY9VU45EujXVOfK48R/mSJXUAJLz4bo90L5yP
cJVTzcFFaueViTdkt9sz5e/o6hWa+AjtNjKGaol+7pxiIXaxSNjrHmLCgKhNTqRT
fhm8c6fv0FyRELHV1caGVaI4HDNvSxsMm1xE+1fincrvbIHTQ7qzAUgEIuhqAcxd
f7IWRXYe+abwc4gHBCy2ZMs32Z5A0GSY9hj5J4C9ZveOGO1ZYm0uNi2EiBjbXqGu
bGc/v+Vdi1eGvifMea/8QFqso72fl1TBU8d8Gk3vwlqRogr3QeU3MoE0JGkwzZqC
ecd20aMfKBuDE4sn1M3jJET/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUU9AhJwqM
8BtmQxFTpqpYew/E5tswHwYDVR0jBBgwFoAU5Qlj1wRocnNWt4t/xDgJdEKbZOEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDN0Y4L0UyNTEwRTFDMTI5
NTExRUU4NEJBRDc0NkM0RjlBRTAyLzVRbGoxd1JvY25OV3Q0dF94RGdKZEVLYlpP
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNVFsajF3Um9jbk5XdDR0X3hEZ0pkRUtiWk9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzdGOC9FMjUxMEUxQzEyOTUxMUVFODRCQUQ3NDZDNEY5QUUwMi84NjMwM0VEODVD
MjcxMUVFODRBQ0YxNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfQQzANBgkqhkiG9w0BAQsFAAOCAQEANup4us3ftXxddOWA
PRNdTdjtSD7etMrHMe9Q53Ly3aZ5ssFT4CJ0jSTQY6Se9DqkZTHAhXyl4oK3USIr
dNNv21aOO2sz2jlZFQSUagGCaJ6qaLGtusNlv/WbW0lGDHR/BHkLcdOMCe3L/QQY
GRjSz/KhJ4ciTTxCEAc4xvDHJ+/qilPXoJzVRckm2mabn5Jx7iZ0JNICGjaPgpHp
h3TjJbkSFK8Fahh1Cy+s7i+eQ5EXe/xXj0b96kvSgELocDaDsd4WHbiHNDk9dZjP
V94QOORonYXHiAZOqHGw8hLWHIYn2Z5v4DFynHWpZ745MFVN0Ka48OXEpGRGuVcp
c52o0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org