Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/5C5FAC6E688011EEBB14EA58C4F9AE02.roa
File: 5C5FAC6E688011EEBB14EA58C4F9AE02.roa (raw, json)
Hash identifier: 5agWaRzjQNDplH+6vq3FZq7pNpjcgmDUI+NkZApJGxE=
Subject key identifier: DE:81:B4:5B:BB:ED:3A:E6:A5:76:DC:66:ED:18:72:C6:A9:3E:17:57
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: F4
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/5C5FAC6E688011EEBB14EA58C4F9AE02.roa
Signing time: Fri 05 Apr 2024 06:08:58 +0000
ROA not before: Fri 05 Apr 2024 06:08:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 103.136.68.0/24 maxlen: 24
103.136.69.0/24 maxlen: 24
103.136.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 09:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244 (0xf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: Apr 5 06:08:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660f9579-b7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:ee:0c:8a:8f:b4:f2:d5:4f:a9:14:86:2c:
07:8d:58:f3:93:39:53:f3:a7:cf:e6:b2:34:d5:15:
ce:92:8b:69:3d:1d:7d:fe:fe:93:2e:d5:d6:79:c0:
1e:95:4e:f7:23:dc:13:61:68:75:42:47:cf:cb:b7:
ad:b0:91:0f:a7:e3:cd:ca:75:a6:b3:2b:b2:0b:ab:
25:c1:91:6b:a6:35:ea:05:97:cf:55:96:c9:5e:a2:
df:37:ae:50:f3:65:b7:a0:ec:16:1d:33:3a:a3:46:
83:68:40:18:23:09:b4:67:39:11:36:a6:19:f4:9d:
bf:41:a2:b0:af:da:2f:91:7d:ee:61:33:2b:62:f3:
9a:90:6d:1f:34:b7:56:8a:f1:b8:0f:51:99:92:4f:
e4:3c:d0:bb:3d:a0:a2:23:a6:94:3c:9c:39:ec:1a:
a2:04:a5:4a:bd:91:04:6e:e8:66:55:95:46:3e:69:
d9:67:a0:5b:67:06:c4:c0:3a:b0:41:4e:e9:7b:6f:
f3:4f:e8:9f:24:16:59:c5:af:53:99:47:0e:99:e5:
dd:c8:3a:aa:dc:b0:05:7f:a4:a6:df:03:61:2f:87:
ef:4f:24:da:d7:c9:d7:18:af:00:1f:9f:27:77:3e:
9e:3a:b9:67:14:f8:aa:e7:93:80:b2:72:a2:61:c8:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:81:B4:5B:BB:ED:3A:E6:A5:76:DC:66:ED:18:72:C6:A9:3E:17:57
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/5C5FAC6E688011EEBB14EA58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.68.0-103.136.70.255
Signature Algorithm: sha256WithRSAEncryption
6b:10:cc:7d:aa:3d:6b:eb:72:12:4a:07:08:76:a9:fc:e4:99:
31:20:96:98:11:5e:4f:aa:a5:f2:43:b0:ca:7b:1d:a6:5c:39:
a9:d7:cc:12:a1:b0:7a:0a:37:98:05:3a:2c:98:89:84:dc:37:
2f:4f:ce:6f:14:d0:6c:65:01:8c:84:ef:a4:80:e4:f1:13:a0:
95:02:12:b1:22:04:09:dc:ee:51:0a:41:e3:8c:d5:fa:f2:c3:
ca:1f:19:eb:f9:46:f6:15:cf:35:7d:7c:26:b8:e4:da:eb:9d:
93:51:1e:be:5b:2f:0e:81:c5:b9:9d:af:5d:7d:63:c1:20:1d:
f9:07:6d:52:a4:52:4a:d3:9d:2d:cf:8a:a4:af:f5:8c:0c:8d:
5f:f1:cf:8c:df:a8:06:9c:80:d8:aa:78:2c:01:51:ae:cd:b3:
b5:2c:fd:06:f7:7b:35:91:25:a3:6b:16:c6:6f:78:17:a2:b1:
91:ee:35:9c:c3:bc:44:0f:2f:e0:5c:29:31:7d:04:02:51:34:
f0:04:08:23:23:77:24:92:59:2a:dd:a7:c2:ef:58:84:1b:dc:
c3:39:64:3e:0c:91:0f:18:37:6d:19:69:bc:4e:ba:3c:64:4f:
a7:e1:fd:17:30:3a:a4:dc:4b:2c:a4:c3:7a:d2:42:31:11:21:
83:4a:2f:de
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZFQ0IxMTAvBgNVBAUTKEI0QjRBQjlGM0NCMDQ0MzBGRDY0RDRFRTJBREQwODQ1
RTQ0RDU3RkYwHhcNMjQwNDA1MDYwODU4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmOTU3OS1iN2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqnzuDIqPtPLVT6kUhiwHjVjzkzlT86fP5rI01RXOkotpPR19/v6TLtXWecAe
lU73I9wTYWh1QkfPy7etsJEPp+PNynWmsyuyC6slwZFrpjXqBZfPVZbJXqLfN65Q
82W3oOwWHTM6o0aDaEAYIwm0ZzkRNqYZ9J2/QaKwr9ovkX3uYTMrYvOakG0fNLdW
ivG4D1GZkk/kPNC7PaCiI6aUPJw57BqiBKVKvZEEbuhmVZVGPmnZZ6BbZwbEwDqw
QU7pe2/zT+ifJBZZxa9TmUcOmeXdyDqq3LAFf6Sm3wNhL4fvTyTa18nXGK8AH58n
dz6eOrlnFPiq55OAsnKiYciHdwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFN6BtFu7
7TrmpXbcZu0YcsapPhdXMB8GA1UdIwQYMBaAFLS0q588sEQw/WTU7irdCEXkTVf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkVDQi80RDQ3REM4NjhE
MDkxMUVEQjk3OTA4NTBDNEY5QUUwMi90TFNybnp5d1JERDlaTlR1S3QwSVJlUk5W
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZFQ0IvNEQ0N0RDODY4RDA5MTFFREI5NzkwODUwQzRGOUFFMDIvNUM1RkFDNkU2
ODgwMTFFRUJCMTRFQTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmeIRAMEAGeIRjANBgkqhkiG9w0BAQsFAAOCAQEAaxDM
fao9a+tyEkoHCHap/OSZMSCWmBFeT6ql8kOwynsdplw5qdfMEqGwego3mAU6LJiJ
hNw3L0/ObxTQbGUBjITvpIDk8ROglQISsSIECdzuUQpB44zV+vLDyh8Z6/lG9hXP
NX18Jrjk2uudk1EevlsvDoHFuZ2vXX1jwSAd+QdtUqRSStOdLc+KpK/1jAyNX/HP
jN+oBpyA2Kp4LAFRrs2ztSz9Bvd7NZElo2sWxm94F6Kxke41nMO8RA8v4FwpMX0E
AlE08AQIIyN3JJJZKt2nwu9YhBvcwzlkPgyRDxg3bRlpvE66PGRPp+H9FzA6pNxL
LKTDetJCMREhg0ov3g==
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:38:46 2024 by rpki-client on console-fra.rpki-client.org