Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/D4007752DA9211ED99CD1D28C4F9AE02.roa
File: D4007752DA9211ED99CD1D28C4F9AE02.roa (raw, json)
Hash identifier: lAZ/bIlQmvr0uOCtQgO7bIinbyPQnj3OomJD0uJ2RVI=
Subject key identifier: B9:3C:D3:09:9F:BE:5A:7C:B5:C5:12:67:D0:D1:99:47:4B:50:2A:9F
Certificate issuer: /CN=A914E5F6/serialNumber=AFF85F7EF3DA5887438DD2061F2E9EE0B2DD0A7F
Certificate serial: 8C
Authority key identifier: AF:F8:5F:7E:F3:DA:58:87:43:8D:D2:06:1F:2E:9E:E0:B2:DD:0A:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_hffvPaWIdDjdIGHy6e4LLdCn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/D4007752DA9211ED99CD1D28C4F9AE02.roa
Signing time: Wed 03 Jan 2024 16:01:54 +0000
ROA not before: Wed 03 Jan 2024 16:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134371
IP address blocks: 103.243.238.0/24 maxlen: 24
203.31.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 07:20:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140 (0x8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E5F6/serialNumber=AFF85F7EF3DA5887438DD2061F2E9EE0B2DD0A7F
Validity
Not Before: Jan 3 16:01:54 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=659584f2-3c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:d4:37:cf:ce:f8:9e:dd:65:59:b3:20:44:
c1:1b:bb:bd:3d:80:b0:03:26:d7:5d:09:ce:c2:36:
50:7d:4b:af:5e:64:30:e4:2f:f3:e7:d6:1a:25:da:
83:dd:6b:8e:a5:54:db:89:d3:27:c9:ef:51:84:16:
65:d3:0c:81:38:d4:5a:72:19:18:72:4c:4f:46:dd:
0b:53:46:fb:d5:bd:9b:e5:21:11:64:ff:ca:3d:e5:
6b:93:20:2f:ff:c8:3d:89:21:5e:b1:37:9c:c3:8d:
b0:e2:ca:70:63:4d:b4:63:0f:a9:55:6f:c6:8d:ea:
18:71:2d:fb:48:9e:96:1c:a7:2c:15:0b:ff:b2:d2:
ed:7c:a9:ec:1d:7b:27:01:9d:3c:ff:f4:0c:30:0f:
99:b0:87:59:a3:5b:5f:26:c4:87:51:7f:7d:c6:e0:
1c:71:af:fc:6b:42:09:ca:43:0f:6b:d8:71:c5:f7:
e8:da:01:c5:15:8f:0f:ad:f0:db:76:35:ef:0a:9b:
f8:22:3c:61:75:96:4e:f6:b1:53:41:02:c6:77:4e:
de:da:5b:21:6a:71:0e:9f:4b:33:ca:04:f8:38:d7:
df:8d:31:58:cd:28:cc:2c:95:3f:72:c0:23:39:5d:
11:21:f4:5c:37:fb:af:00:a6:82:35:07:e9:7b:25:
5f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3C:D3:09:9F:BE:5A:7C:B5:C5:12:67:D0:D1:99:47:4B:50:2A:9F
X509v3 Authority Key Identifier:
keyid:AF:F8:5F:7E:F3:DA:58:87:43:8D:D2:06:1F:2E:9E:E0:B2:DD:0A:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/r_hffvPaWIdDjdIGHy6e4LLdCn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_hffvPaWIdDjdIGHy6e4LLdCn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/D4007752DA9211ED99CD1D28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.238.0/24
203.31.169.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c8:4d:b4:c6:36:ff:57:a5:16:50:b2:36:6a:d2:da:fa:16:
a9:00:fd:94:29:5f:11:86:54:ea:c3:97:a7:48:0b:e4:af:19:
fd:8e:1d:d9:03:81:15:48:f1:3c:f1:59:c4:73:d8:15:8a:ec:
06:58:67:64:8a:88:1d:eb:27:81:4d:be:e6:b6:4a:b5:5e:f2:
b1:29:9b:dd:02:9c:31:c5:62:6e:e5:f8:e2:ef:69:a8:b7:04:
2d:ca:a4:06:b3:37:09:48:c3:c7:95:e6:1b:74:14:0f:0a:05:
4b:70:0a:29:0b:5f:0a:19:63:05:c5:e9:d5:b9:10:9d:9f:05:
2c:9b:24:c8:f5:ec:46:0f:ad:06:54:47:a4:9a:3d:50:55:a6:
b4:e1:46:d6:5d:19:41:48:fc:1b:97:6f:8a:3c:05:df:c5:96:
15:d4:24:a2:43:61:4b:90:f1:67:51:fb:24:9f:cc:78:64:52:
83:bf:c3:8c:90:40:44:6f:ab:eb:6e:dc:db:51:93:12:80:b3:
da:03:27:59:74:61:63:09:3f:4e:5e:65:dd:f7:66:bd:d8:97:
50:68:65:21:70:ea:59:46:b9:d6:20:79:5b:8d:4d:a9:39:37:
a5:4b:86:e3:c6:ed:e7:28:e1:85:48:74:b0:02:39:24:94:8b:
9c:c5:bd:df
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU1RjYxMTAvBgNVBAUTKEFGRjg1RjdFRjNEQTU4ODc0MzhERDIwNjFGMkU5RUUw
QjJERDBBN0YwHhcNMjQwMTAzMTYwMTU0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk1ODRmMi0zYzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqx7UN8/O+J7dZVmzIETBG7u9PYCwAybXXQnOwjZQfUuvXmQw5C/z59YaJdqD
3WuOpVTbidMnye9RhBZl0wyBONRachkYckxPRt0LU0b71b2b5SERZP/KPeVrkyAv
/8g9iSFesTecw42w4spwY020Yw+pVW/GjeoYcS37SJ6WHKcsFQv/stLtfKnsHXsn
AZ08//QMMA+ZsIdZo1tfJsSHUX99xuAcca/8a0IJykMPa9hxxffo2gHFFY8PrfDb
djXvCpv4IjxhdZZO9rFTQQLGd07e2lshanEOn0szygT4ONffjTFYzSjMLJU/csAj
OV0RIfRcN/uvAKaCNQfpeyVfOwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLk80wmf
vlp8tcUSZ9DRmUdLUCqfMB8GA1UdIwQYMBaAFK/4X37z2liHQ43SBh8unuCy3Qp/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTVGNi9CQ0E2NkI3RURB
OEUxMUVEODM1QzM5MjVDNEY5QUUwMi9yX2hmZnZQYVdJZERqZElHSHk2ZTRMTGRD
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JfaGZmdlBhV0lkRGpkSUdIeTZlNExMZENuOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU1RjYvQkNBNjZCN0VEQThFMTFFRDgzNUMzOTI1QzRGOUFFMDIvRDQwMDc3NTJE
QTkyMTFFRDk5Q0QxRDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn8+4DBADLH6kwDQYJKoZIhvcNAQELBQADggEBABPITbTG
Nv9XpRZQsjZq0tr6FqkA/ZQpXxGGVOrDl6dIC+SvGf2OHdkDgRVI8TzxWcRz2BWK
7AZYZ2SKiB3rJ4FNvua2SrVe8rEpm90CnDHFYm7l+OLvaai3BC3KpAazNwlIw8eV
5ht0FA8KBUtwCikLXwoZYwXF6dW5EJ2fBSybJMj17EYPrQZUR6SaPVBVprThRtZd
GUFI/BuXb4o8Bd/FlhXUJKJDYUuQ8WdR+ySfzHhkUoO/w4yQQERvq+tu3NtRkxKA
s9oDJ1l0YWMJP05eZd33Zr3Yl1BoZSFw6llGudYgeVuNTak5N6VLhuPG7eco4YVI
dLACOSSUi5zFvd8=
-----END CERTIFICATE-----
Generated at Mon Feb 26 11:39:48 2024 by rpki-client on console-fra.rpki-client.org