Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/0FE8CF900D6811EF8151AC42C4F9AE02.roa
File: 0FE8CF900D6811EF8151AC42C4F9AE02.roa (raw, json)
Hash identifier: ay0UdPHqUIbgcmWGqYheG9dd6kNKlvX6T2sn4RSFKPA=
Subject key identifier: E7:35:DD:D4:A0:64:4E:46:B3:C5:26:BF:BD:84:EE:AA:64:60:F8:E8
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: 010F
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/0FE8CF900D6811EF8151AC42C4F9AE02.roa
Signing time: Wed 08 May 2024 18:23:27 +0000
ROA not before: Wed 08 May 2024 18:23:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 103.136.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 09:34:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271 (0x10f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: May 8 18:23:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663bc31e-1e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:32:b5:19:ea:d2:af:33:2c:7e:56:94:c4:
38:c2:1e:87:b1:77:10:b5:8a:bc:ba:d1:60:4f:ae:
a3:d9:2e:54:74:ae:95:9c:74:66:ee:99:95:51:02:
e3:77:bf:9b:aa:77:05:b8:bb:3b:7e:0e:2b:6f:19:
93:36:23:04:05:6e:3e:11:8b:d0:db:c3:05:33:f2:
67:5a:d9:2a:1e:a8:c1:de:d7:66:dc:3f:4e:d2:b7:
6c:66:90:ca:e4:c2:d3:32:8a:21:57:07:e9:6d:da:
92:0d:40:ae:dc:d7:e6:38:3b:f9:96:01:13:e7:ea:
14:b5:ca:31:67:90:b9:c8:cc:05:24:15:f9:01:61:
dc:9c:dc:28:25:c2:12:ee:eb:80:c4:2b:27:76:2b:
73:5a:76:17:e7:27:54:10:bd:e4:2a:23:03:da:ce:
27:76:fe:7f:f6:be:94:2b:69:26:61:85:3b:28:af:
a5:00:70:9b:99:61:2e:f9:0e:fa:9e:35:f3:b8:09:
36:51:e8:d3:8f:de:b6:47:96:22:2a:bb:26:16:8a:
ee:b3:69:48:82:87:22:c2:11:70:a8:f1:3d:cb:6b:
c0:18:9a:74:6c:9d:8e:ae:fd:52:03:24:a7:8b:68:
5b:d4:2b:a1:f3:14:df:da:2b:f5:f2:82:e5:5b:47:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:35:DD:D4:A0:64:4E:46:B3:C5:26:BF:BD:84:EE:AA:64:60:F8:E8
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/0FE8CF900D6811EF8151AC42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.70.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:18:37:da:90:4a:1c:29:41:50:d5:8c:10:c8:13:6f:85:1d:
4a:cd:e3:72:7c:07:5a:42:19:17:00:cc:7a:9f:ae:31:22:6d:
5c:48:a1:04:6d:37:31:c0:00:db:a8:68:b0:66:32:15:82:f8:
74:f0:00:ff:79:3f:c1:40:9d:79:e8:89:91:89:4f:db:26:03:
eb:cd:9e:dd:ba:08:25:c1:f8:2a:ce:4f:66:b0:e7:55:16:f0:
c8:e2:47:cb:b6:ba:ae:22:63:74:39:73:3e:00:d1:c4:0c:a5:
e0:39:8a:4c:90:39:63:5d:dd:3f:78:6a:da:d9:f1:3d:5e:f0:
24:dd:1a:78:75:f7:10:69:f8:2f:a6:71:b1:1b:ac:a8:f2:35:
ec:dd:b1:d5:ac:99:d6:79:61:ae:bc:3b:9f:55:3e:e5:2f:69:
16:a1:84:58:5c:18:88:8b:05:fe:17:6f:d8:a5:31:5d:0f:ed:
7d:37:c6:1c:8c:96:2e:63:24:d4:23:54:a6:68:8d:95:b0:f8:
ac:34:e1:93:c8:4c:39:ba:b6:fc:79:ab:c8:8d:2a:0e:f8:69:
1f:61:19:f2:01:9e:59:8a:02:92:f7:1a:e6:cc:cd:7a:f0:ac:
fe:ca:93:b7:03:a0:95:1d:f1:45:22:d9:a8:b3:85:55:ba:ae:
4b:4b:a3:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZFQ0IxMTAvBgNVBAUTKEI0QjRBQjlGM0NCMDQ0MzBGRDY0RDRFRTJBREQwODQ1
RTQ0RDU3RkYwHhcNMjQwNTA4MTgyMzI3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiYzMxZS0xZTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuo0ytRnq0q8zLH5WlMQ4wh6HsXcQtYq8utFgT66j2S5UdK6VnHRm7pmVUQLj
d7+bqncFuLs7fg4rbxmTNiMEBW4+EYvQ28MFM/JnWtkqHqjB3tdm3D9O0rdsZpDK
5MLTMoohVwfpbdqSDUCu3NfmODv5lgET5+oUtcoxZ5C5yMwFJBX5AWHcnNwoJcIS
7uuAxCsnditzWnYX5ydUEL3kKiMD2s4ndv5/9r6UK2kmYYU7KK+lAHCbmWEu+Q76
njXzuAk2UejTj962R5YiKrsmForus2lIgociwhFwqPE9y2vAGJp0bJ2Orv1SAySn
i2hb1Cuh8xTf2iv18oLlW0cd2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOc13dSg
ZE5Gs8Umv72E7qpkYPjoMB8GA1UdIwQYMBaAFLS0q588sEQw/WTU7irdCEXkTVf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkVDQi80RDQ3REM4NjhE
MDkxMUVEQjk3OTA4NTBDNEY5QUUwMi90TFNybnp5d1JERDlaTlR1S3QwSVJlUk5W
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZFQ0IvNEQ0N0RDODY4RDA5MTFFREI5NzkwODUwQzRGOUFFMDIvMEZFOENGOTAw
RDY4MTFFRjgxNTFBQzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniEYwDQYJKoZIhvcNAQELBQADggEBAMkYN9qQShwpQVDV
jBDIE2+FHUrN43J8B1pCGRcAzHqfrjEibVxIoQRtNzHAANuoaLBmMhWC+HTwAP95
P8FAnXnoiZGJT9smA+vNnt26CCXB+CrOT2aw51UW8MjiR8u2uq4iY3Q5cz4A0cQM
peA5ikyQOWNd3T94atrZ8T1e8CTdGnh19xBp+C+mcbEbrKjyNezdsdWsmdZ5Ya68
O59VPuUvaRahhFhcGIiLBf4Xb9ilMV0P7X03xhyMli5jJNQjVKZojZWw+Kw04ZPI
TDm6tvx5q8iNKg74aR9hGfIBnlmKApL3GubMzXrwrP7Kk7cDoJUd8UUi2aizhVW6
rktLo5E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org