Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/607F9B0609F711EFA32B3236C4F9AE02.roa
File: 607F9B0609F711EFA32B3236C4F9AE02.roa (raw, json)
Hash identifier: tSQfSn5725DlqhCKVnvpscewCy5Y588A9uszdJ168qA=
Subject key identifier: 4E:CB:6D:EF:4D:38:A7:44:83:8A:7E:91:F8:88:7E:B4:EE:00:B4:C7
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: 0125
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/607F9B0609F711EFA32B3236C4F9AE02.roa
Signing time: Sat 08 Jun 2024 19:56:23 +0000
ROA not before: Sat 08 Jun 2024 19:56:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 103.136.69.0/24 maxlen: 24
103.136.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 13:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293 (0x125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: Jun 8 19:56:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6664b766-c58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:c0:b4:62:6c:5e:dd:e3:33:e3:19:2f:3f:
2e:86:06:91:78:13:68:f8:b3:68:07:8b:72:af:68:
78:49:1d:0e:40:97:04:0c:11:71:3f:58:6e:c6:44:
b0:c4:7a:84:f0:62:f0:eb:da:0a:91:73:e8:a8:3d:
da:a1:87:4d:2b:be:65:30:42:4c:02:86:34:48:2d:
6f:b6:2e:62:66:0b:3f:7c:21:55:65:bb:8f:27:62:
4e:26:18:71:ae:7f:16:95:c1:00:e9:49:c0:4b:ec:
bb:07:2c:d1:e0:bb:4c:07:20:1a:58:36:a4:b7:45:
97:07:66:f6:b0:d9:70:aa:c1:01:12:be:3e:0f:20:
b9:7d:6e:16:63:b1:1c:f3:5e:c8:a4:c0:d6:c0:c5:
ec:42:c7:0b:81:35:d8:36:16:c9:87:1c:c4:cd:58:
8d:08:98:bf:1d:dc:42:5e:bb:3b:7f:1f:6f:62:fb:
97:43:2e:6c:d9:5d:a6:73:62:76:57:66:da:fa:4b:
45:49:48:11:66:16:d9:3c:87:c5:60:f5:a6:f3:be:
6e:ad:41:2c:5b:f3:45:80:b4:b4:ac:45:57:14:a6:
fd:b2:94:fa:bd:1c:4e:60:fd:bf:47:2e:07:0d:71:
20:03:23:e7:c4:e9:04:67:a7:5e:48:bf:89:b5:23:
ef:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CB:6D:EF:4D:38:A7:44:83:8A:7E:91:F8:88:7E:B4:EE:00:B4:C7
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/607F9B0609F711EFA32B3236C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.69.0-103.136.70.255
Signature Algorithm: sha256WithRSAEncryption
61:8d:1f:17:cc:15:b5:71:7b:a8:7f:61:66:fb:89:c1:5d:f8:
c7:83:da:91:87:cb:15:a1:07:64:55:b4:f6:95:b5:f3:05:50:
6f:e0:f8:e9:c9:eb:90:3f:78:d9:42:87:82:b1:6b:a0:5b:84:
43:3e:cb:aa:cc:66:4d:50:31:81:1e:e0:5b:5d:1e:45:45:2b:
9a:db:97:95:a2:07:18:b5:e2:67:d4:60:32:6c:9e:59:6b:e1:
e8:3f:78:84:ad:13:68:2b:0e:eb:98:03:95:51:d9:2f:1d:11:
a0:d2:b6:33:38:9b:3c:2c:85:79:c8:24:c9:16:63:d6:c6:ff:
53:af:14:20:23:bc:74:10:d5:1c:38:21:a9:ba:3b:39:2a:bb:
a3:87:29:e0:85:62:06:9b:42:a4:f7:4e:f6:b7:49:46:66:a2:
2f:f2:b1:b6:4b:ca:b4:27:5d:a3:a6:59:0b:9a:0b:15:1e:cb:
8c:2d:13:7d:56:c2:5f:76:de:51:59:00:ec:f5:11:39:0f:97:
fa:bb:ee:58:b6:21:de:93:b5:39:26:c6:5b:2d:57:dc:36:20:
b2:44:da:37:06:50:a2:f9:8c:23:f8:65:b5:50:85:7e:bb:2d:
29:93:44:f8:93:94:6c:e1:0a:c2:94:7a:d9:87:91:cd:e2:28:
71:23:98:f8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZFQ0IxMTAvBgNVBAUTKEI0QjRBQjlGM0NCMDQ0MzBGRDY0RDRFRTJBREQwODQ1
RTQ0RDU3RkYwHhcNMjQwNjA4MTk1NjIzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY0Yjc2Ni1jNThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudjAtGJsXt3jM+MZLz8uhgaReBNo+LNoB4tyr2h4SR0OQJcEDBFxP1huxkSw
xHqE8GLw69oKkXPoqD3aoYdNK75lMEJMAoY0SC1vti5iZgs/fCFVZbuPJ2JOJhhx
rn8WlcEA6UnAS+y7ByzR4LtMByAaWDakt0WXB2b2sNlwqsEBEr4+DyC5fW4WY7Ec
817IpMDWwMXsQscLgTXYNhbJhxzEzViNCJi/HdxCXrs7fx9vYvuXQy5s2V2mc2J2
V2ba+ktFSUgRZhbZPIfFYPWm875urUEsW/NFgLS0rEVXFKb9spT6vRxOYP2/Ry4H
DXEgAyPnxOkEZ6deSL+JtSPvnQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFE7Lbe9N
OKdEg4p+kfiIfrTuALTHMB8GA1UdIwQYMBaAFLS0q588sEQw/WTU7irdCEXkTVf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkVDQi80RDQ3REM4NjhE
MDkxMUVEQjk3OTA4NTBDNEY5QUUwMi90TFNybnp5d1JERDlaTlR1S3QwSVJlUk5W
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZFQ0IvNEQ0N0RDODY4RDA5MTFFREI5NzkwODUwQzRGOUFFMDIvNjA3RjlCMDYw
OUY3MTFFRkEzMkIzMjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGeIRQMEAGeIRjANBgkqhkiG9w0BAQsFAAOCAQEAYY0f
F8wVtXF7qH9hZvuJwV34x4PakYfLFaEHZFW09pW18wVQb+D46cnrkD942UKHgrFr
oFuEQz7LqsxmTVAxgR7gW10eRUUrmtuXlaIHGLXiZ9RgMmyeWWvh6D94hK0TaCsO
65gDlVHZLx0RoNK2MzibPCyFecgkyRZj1sb/U68UICO8dBDVHDghqbo7OSq7o4cp
4IViBptCpPdO9rdJRmaiL/KxtkvKtCddo6ZZC5oLFR7LjC0TfVbCX3beUVkA7PUR
OQ+X+rvuWLYh3pO1OSbGWy1X3DYgskTaNwZQovmMI/hltVCFfrstKZNE+JOUbOEK
wpR62YeRzeIocSOY+A==
-----END CERTIFICATE-----
Generated at Fri Aug 30 15:58:44 2024 by rpki-client on console-fra.rpki-client.org