Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F316/281B9D60F6D111EAA69DE429C4F9AE02/1BF27DB4F6D211EA840CF72AC4F9AE02.roa
File: 1BF27DB4F6D211EA840CF72AC4F9AE02.roa (raw, json)
Hash identifier: OL87HLhCe3+VO1Y3Yncd3v1Ap7OzLUNyOQrSur08AME=
Subject key identifier: 0A:D6:A0:A2:EC:DB:98:E0:2E:97:C6:D7:43:AF:A0:7F:6A:B1:67:BC
Certificate issuer: /CN=A915F316/serialNumber=04290CB24EEEF0A3A787187CB4FFC747DE861731
Certificate serial: 068F
Authority key identifier: 04:29:0C:B2:4E:EE:F0:A3:A7:87:18:7C:B4:FF:C7:47:DE:86:17:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BCkMsk7u8KOnhxh8tP_HR96GFzE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F316/281B9D60F6D111EAA69DE429C4F9AE02/1BF27DB4F6D211EA840CF72AC4F9AE02.roa
Signing time: Mon 18 Sep 2023 21:59:10 +0000
ROA not before: Mon 18 Sep 2023 21:59:10 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135157
IP address blocks: 103.193.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 22:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1679 (0x68f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F316/serialNumber=04290CB24EEEF0A3A787187CB4FFC747DE861731
Validity
Not Before: Sep 18 21:59:10 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6508c82e-e4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:64:4f:c9:e4:19:03:0c:e6:ac:2a:e3:40:
b6:88:da:a9:b1:a7:16:df:8b:78:cd:38:84:2a:20:
8e:ec:67:1c:7a:66:85:4e:7f:fc:d4:0f:bf:78:d2:
2d:40:07:f5:81:bc:ee:82:33:38:05:f2:d5:60:8f:
3e:a5:f3:0e:cd:66:e9:f8:a0:fd:e0:18:1e:71:21:
11:87:4f:44:84:de:c4:6e:60:41:2d:0c:c1:f9:b9:
76:d8:56:6c:64:29:62:14:5b:0e:a2:5c:de:d7:fd:
cd:7b:23:c3:f3:75:8b:27:b4:e5:33:64:06:6f:7e:
22:af:23:fb:09:f6:bf:9d:d2:a9:04:08:fd:b2:37:
37:22:ca:dd:5c:2c:98:20:97:c5:08:e8:4f:7a:b5:
b4:c5:bc:f8:2d:0d:de:03:44:18:62:73:0d:d8:f7:
65:02:e7:86:7a:9e:10:42:5f:e1:fe:d1:6a:40:9f:
90:56:54:37:46:59:c5:a4:69:d4:3a:e5:22:8a:dc:
7c:c1:5d:65:ed:46:99:ec:38:d9:76:aa:0d:f3:d6:
30:bb:d8:1a:3d:c3:71:b0:1c:63:e0:89:b1:52:7f:
63:44:7e:c4:9b:6e:bc:1b:0e:74:e2:e7:40:71:db:
49:90:04:2b:5f:f0:08:00:31:3f:80:93:4c:eb:6b:
da:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D6:A0:A2:EC:DB:98:E0:2E:97:C6:D7:43:AF:A0:7F:6A:B1:67:BC
X509v3 Authority Key Identifier:
keyid:04:29:0C:B2:4E:EE:F0:A3:A7:87:18:7C:B4:FF:C7:47:DE:86:17:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F316/281B9D60F6D111EAA69DE429C4F9AE02/BCkMsk7u8KOnhxh8tP_HR96GFzE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BCkMsk7u8KOnhxh8tP_HR96GFzE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F316/281B9D60F6D111EAA69DE429C4F9AE02/1BF27DB4F6D211EA840CF72AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.193.139.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:4e:a6:39:40:28:92:d0:99:b6:49:5b:2e:63:c3:6c:11:c3:
41:ce:e3:26:e0:a5:29:41:df:f6:11:4c:1f:82:bd:63:49:54:
30:8a:b7:b2:6d:9e:ad:07:38:34:42:43:0f:dd:88:db:f4:d6:
ad:6d:d1:39:76:aa:cd:45:e7:02:f2:a3:f4:b2:a7:2b:a8:d4:
2b:94:09:c3:98:b5:2f:81:f7:62:56:98:28:3b:cf:bc:8a:24:
2e:96:f3:c3:6b:52:fb:25:72:00:7d:d6:d3:f2:64:05:b2:dd:
e6:be:2f:7e:aa:ba:bf:64:f8:14:c9:75:b0:8c:1a:71:d9:26:
e9:1a:a4:6e:e5:07:71:f0:3c:98:36:78:5f:8d:b7:91:51:4b:
ac:f0:cf:d4:4b:12:da:dc:dc:5d:0d:b7:51:7d:d2:68:66:eb:
ae:c6:e2:5b:a7:5e:28:e4:c1:63:49:6e:eb:0f:eb:b2:36:7f:
2b:ef:9e:9f:11:23:a4:56:67:de:8e:47:7a:11:bc:41:3b:b7:
f5:18:94:c6:68:59:06:60:4c:ed:af:7a:48:97:09:5c:0a:fe:
84:8f:f2:13:59:48:18:ae:86:02:46:12:a8:90:7d:65:04:86:
4b:63:f9:a2:3b:2d:28:d3:e2:56:f2:81:b1:5a:be:e3:e2:94:
d8:77:97:37
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUYzMTYxMTAvBgNVBAUTKDA0MjkwQ0IyNEVFRUYwQTNBNzg3MTg3Q0I0RkZDNzQ3
REU4NjE3MzEwHhcNMjMwOTE4MjE1OTEwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA4YzgyZS1lNGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAlkT8nkGQMM5qwq40C2iNqpsacW34t4zTiEKiCO7GccemaFTn/81A+/eNIt
QAf1gbzugjM4BfLVYI8+pfMOzWbp+KD94BgecSERh09EhN7EbmBBLQzB+bl22FZs
ZCliFFsOolze1/3NeyPD83WLJ7TlM2QGb34iryP7Cfa/ndKpBAj9sjc3IsrdXCyY
IJfFCOhPerW0xbz4LQ3eA0QYYnMN2PdlAueGep4QQl/h/tFqQJ+QVlQ3RlnFpGnU
OuUiitx8wV1l7UaZ7DjZdqoN89Ywu9gaPcNxsBxj4ImxUn9jRH7Em268Gw504udA
cdtJkAQrX/AIADE/gJNM62vamwIDAQABo4IClTCCApEwHQYDVR0OBBYEFArWoKLs
25jgLpfG10OvoH9qsWe8MB8GA1UdIwQYMBaAFAQpDLJO7vCjp4cYfLT/x0fehhcx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjMxNi8yODFCOUQ2MEY2
RDExMUVBQTY5REU0MjlDNEY5QUUwMi9CQ2tNc2s3dThLT25oeGg4dFBfSFI5NkdG
ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JDa01zazd1OEtPbmh4aDh0UF9IUjk2R0Z6RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUYzMTYvMjgxQjlENjBGNkQxMTFFQUE2OURFNDI5QzRGOUFFMDIvMUJGMjdEQjRG
NkQyMTFFQTg0MENGNzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnwYswDQYJKoZIhvcNAQELBQADggEBAMROpjlAKJLQmbZJ
Wy5jw2wRw0HO4ybgpSlB3/YRTB+CvWNJVDCKt7Jtnq0HODRCQw/diNv01q1t0Tl2
qs1F5wLyo/Sypyuo1CuUCcOYtS+B92JWmCg7z7yKJC6W88NrUvslcgB91tPyZAWy
3ea+L36qur9k+BTJdbCMGnHZJukapG7lB3HwPJg2eF+Nt5FRS6zwz9RLEtrc3F0N
t1F90mhm667G4lunXijkwWNJbusP67I2fyvvnp8RI6RWZ96OR3oRvEE7t/UYlMZo
WQZgTO2vekiXCVwK/oSP8hNZSBiuhgJGEqiQfWUEhktj+aI7LSjT4lbygbFavuPi
lNh3lzc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org