Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/08508DF83A6A11EEA7104732C4F9AE02.roa
File: 08508DF83A6A11EEA7104732C4F9AE02.roa (raw, json)
Hash identifier: 6+MkOSVsdh8i//GZ3c6zcr8CyrVglqnflvzU45hMolQ=
Subject key identifier: 4E:07:B0:80:87:63:E4:F8:FE:A3:CE:DD:B1:CA:BE:6A:F6:4E:73:C1
Certificate issuer: /CN=A915B5B1/serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6
Certificate serial: 01D7
Authority key identifier: DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/08508DF83A6A11EEA7104732C4F9AE02.roa
Signing time: Mon 14 Aug 2023 06:21:55 +0000
ROA not before: Mon 14 Aug 2023 06:21:55 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 149836
IP address blocks: 103.187.244.0/24 maxlen: 24
2001:df0:c240::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 May 2024 21:18:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 471 (0x1d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B5B1/serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6
Validity
Not Before: Aug 14 06:21:55 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64d9c802-9372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:57:5f:ef:a0:83:c0:8c:e4:c5:02:fa:9b:
6a:ad:61:87:b8:1c:f2:2e:59:12:2a:31:56:2b:35:
6d:a2:a2:17:7e:fb:dd:29:b7:e5:d9:98:ea:4e:a6:
7e:4b:43:6a:ed:85:d8:a0:fc:52:c3:ae:4f:42:06:
3e:17:3f:91:2e:3d:e2:1f:f8:ae:0c:88:b9:88:fd:
5b:11:66:17:9e:cf:f5:1b:70:5f:bc:a1:cc:7e:ec:
59:2c:c4:92:79:99:fc:72:ef:e9:bd:5e:17:de:86:
af:06:a7:a6:b7:97:69:5a:96:cf:fd:de:a4:41:ba:
56:84:55:81:37:9b:20:e1:f4:43:99:07:f7:e5:5a:
6c:5b:c2:16:0e:c3:46:b8:a8:7a:f4:c1:c1:32:1f:
18:20:87:20:10:96:32:40:82:50:1d:7c:7a:71:ec:
57:d0:fa:46:e7:9a:65:a1:f1:03:12:6a:e2:2e:73:
e5:2f:78:7d:97:25:8b:e3:f1:d8:29:c4:fd:57:1d:
21:da:d9:6a:43:c4:08:62:10:8a:5f:e3:01:f0:6a:
f4:7c:36:fa:1c:2d:60:cc:3e:7b:e7:92:e9:15:aa:
bf:84:e0:b9:d1:76:5a:9d:4c:20:92:10:2c:62:9f:
28:94:19:8a:af:44:02:8e:2a:f8:3c:ee:65:ce:cc:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:07:B0:80:87:63:E4:F8:FE:A3:CE:DD:B1:CA:BE:6A:F6:4E:73:C1
X509v3 Authority Key Identifier:
keyid:DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/39w62zPKqFke-vJ3bDsMVWwIorY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/08508DF83A6A11EEA7104732C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.187.244.0/24
IPv6:
2001:df0:c240::/48
Signature Algorithm: sha256WithRSAEncryption
49:4c:37:a5:59:b0:df:69:64:8a:7b:f0:1d:c6:a6:b7:66:92:
5c:fd:98:69:d0:e3:93:11:4d:43:bd:f6:90:e8:e5:96:bf:25:
40:19:47:7f:5b:49:04:e6:f1:3c:0b:3e:84:d8:34:f1:ec:cf:
53:85:9e:9c:f6:e5:ea:61:52:10:8b:e0:96:8e:1b:4e:fe:f0:
6b:0b:01:5d:ed:75:51:c3:79:90:51:c2:ae:2d:82:32:08:28:
a4:4c:b6:49:8f:06:c1:15:85:af:e0:63:fb:e0:6e:79:a2:a5:
f0:4f:51:18:0f:e9:be:d0:b1:e4:c3:01:b2:21:81:31:de:bb:
0d:27:f4:b3:69:ea:1f:2e:16:d2:87:06:1d:7f:9f:5d:88:3e:
6f:4d:0e:b5:e1:f1:3b:18:5c:94:a0:39:ea:58:16:5f:b6:14:
81:71:40:3e:72:c5:1f:e9:0f:9e:70:16:e4:fc:d9:e3:4f:57:
b4:3e:9b:a4:41:0a:d5:57:d0:25:ae:48:75:8a:16:9e:3f:cb:
5d:47:c8:86:00:e5:e4:3c:dc:71:f3:4b:ae:dc:1d:ee:5a:c4:
ad:48:3e:2d:a1:84:d7:ce:7f:ac:c9:9f:d5:8d:73:9f:0a:fb:
7d:46:0c:ab:f3:40:05:7a:76:2e:15:f6:79:58:a7:d3:e7:99:
58:af:2f:2b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1QjExMTAvBgNVBAUTKERGREMzQURCMzNDQUE4NTkxRUZBRjI3NzZDM0IwQzU1
NkMwOEEyQjYwHhcNMjMwODE0MDYyMTU1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ5YzgwMi05MzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvzxXX++gg8CM5MUC+ptqrWGHuBzyLlkSKjFWKzVtoqIXfvvdKbfl2ZjqTqZ+
S0Nq7YXYoPxSw65PQgY+Fz+RLj3iH/iuDIi5iP1bEWYXns/1G3BfvKHMfuxZLMSS
eZn8cu/pvV4X3oavBqemt5dpWpbP/d6kQbpWhFWBN5sg4fRDmQf35VpsW8IWDsNG
uKh69MHBMh8YIIcgEJYyQIJQHXx6cexX0PpG55plofEDEmriLnPlL3h9lyWL4/HY
KcT9Vx0h2tlqQ8QIYhCKX+MB8Gr0fDb6HC1gzD5755LpFaq/hOC50XZanUwgkhAs
Yp8olBmKr0QCjir4PO5lzszdnwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFE4HsICH
Y+T4/qPO3bHKvmr2TnPBMB8GA1UdIwQYMBaAFN/cOtszyqhZHvryd2w7DFVsCKK2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjVCMS9FRDYyOUYwQ0Q3
RTgxMUVDOTJBOTRGNENDNEY5QUUwMi8zOXc2MnpQS3FGa2UtdkozYkRzTVZXd0lv
clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM5dzYyelBLcUZrZS12SjNiRHNNVld3SW9yWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI1QjEvRUQ2MjlGMENEN0U4MTFFQzkyQTk0RjRDQzRGOUFFMDIvMDg1MDhERjgz
QTZBMTFFRUE3MTA0NzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnu/QwDwQCAAIwCQMHACABDfDCQDANBgkqhkiG9w0BAQsF
AAOCAQEASUw3pVmw32lkinvwHcamt2aSXP2YadDjkxFNQ732kOjllr8lQBlHf1tJ
BObxPAs+hNg08ezPU4WenPbl6mFSEIvglo4bTv7wawsBXe11UcN5kFHCri2CMggo
pEy2SY8GwRWFr+Bj++BueaKl8E9RGA/pvtCx5MMBsiGBMd67DSf0s2nqHy4W0ocG
HX+fXYg+b00OteHxOxhclKA56lgWX7YUgXFAPnLFH+kPnnAW5PzZ409XtD6bpEEK
1VfQJa5IdYoWnj/LXUfIhgDl5DzccfNLrtwd7lrErUg+LaGE185/rMmf1Y1znwr7
fUYMq/NABXp2LhX2eVin0+eZWK8vKw==
-----END CERTIFICATE-----
Generated at Mon May 13 23:20:46 2024 by rpki-client on console-ams.rpki-client.org