Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/C4649496EC2A11ED8152095BC4F9AE02.roa
File: C4649496EC2A11ED8152095BC4F9AE02.roa (raw, json)
Hash identifier: DDS3Wh9enab8rjIfiISv/1n2Uab3flgaV/SiHHREUHc=
Subject key identifier: 1B:B7:CE:C0:AB:DD:B4:1C:14:EC:E0:17:95:75:41:A7:16:80:C8:BF
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: 5F
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/C4649496EC2A11ED8152095BC4F9AE02.roa
Signing time: Wed 05 Jul 2023 19:13:30 +0000
ROA not before: Wed 05 Jul 2023 19:13:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 103.136.68.0/24 maxlen: 24
103.136.69.0/24 maxlen: 24
103.136.70.0/24 maxlen: 24
103.136.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 21:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: Jul 5 19:13:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a5c0da-a9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:85:d9:0e:ad:5e:ed:26:3b:b8:b9:78:b0:d1:
07:94:0c:b4:9a:15:cc:62:dd:3a:ff:ea:89:d4:6e:
09:30:3d:38:3a:7e:42:73:97:12:cf:c2:8b:2a:c9:
62:db:6c:9b:4c:ec:84:f5:8d:f6:49:89:64:95:71:
2e:b5:cc:a2:a2:c0:4d:07:45:71:de:ee:4d:9d:42:
de:55:f4:34:61:21:34:0e:8d:00:88:8f:5f:2b:03:
79:46:77:dd:b1:6d:8b:f2:1d:6f:a2:7f:6b:04:69:
a6:39:33:83:1d:69:3b:e3:be:8f:19:85:0c:f2:6e:
1e:c6:fb:82:22:e0:05:36:b0:01:e1:c7:03:e5:23:
b0:e8:32:82:3c:72:49:12:d9:72:c9:3c:10:d2:e0:
15:c0:f1:b9:cc:f9:3c:bc:83:3a:32:d6:d2:03:fd:
05:f8:46:b7:af:f5:10:9f:b8:05:ee:1b:2f:47:30:
87:6e:5e:23:7b:65:1e:c7:2b:36:53:97:3c:35:42:
2c:33:5f:6e:ee:58:77:e7:5c:b6:68:61:fe:db:12:
3f:75:47:b0:7b:87:fe:c5:5e:76:a9:84:25:b9:12:
6d:f3:a0:c5:99:5e:e5:c0:97:63:93:23:57:2f:31:
f8:48:4a:b9:43:48:4e:9a:b7:68:1a:44:28:e8:5f:
31:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B7:CE:C0:AB:DD:B4:1C:14:EC:E0:17:95:75:41:A7:16:80:C8:BF
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/C4649496EC2A11ED8152095BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.68.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:16:b8:10:94:ac:88:f7:f7:4c:04:49:2b:2e:b2:14:82:ea:
53:ee:41:f1:83:e8:7c:4c:11:8a:cd:30:52:8c:11:55:f5:9c:
56:37:ed:90:6e:9d:a7:33:53:1e:fb:b1:56:76:ee:cc:60:be:
95:a9:77:b0:30:cf:a8:8b:7e:6b:5b:b9:8c:8c:fa:9b:38:69:
4b:68:21:94:38:0e:52:9c:62:05:be:18:cf:26:cf:1a:8d:63:
ca:a6:3c:0f:3d:db:48:51:4a:24:bc:1e:7f:e1:8e:08:da:84:
21:06:04:37:b9:44:3c:82:00:c5:85:28:9d:de:8e:92:cf:ad:
10:bd:2e:d8:34:3e:e2:58:be:03:20:6f:3b:43:89:99:bc:2a:
df:05:51:5a:f1:ce:5d:a7:74:b8:23:8b:de:5d:50:bd:05:f2:
b3:19:b9:c1:ef:4a:0d:77:7d:5c:15:8c:65:82:a4:f4:a3:96:
6d:50:c3:68:0b:b1:7a:9c:22:1c:96:f1:0b:f9:06:25:39:ee:
f9:ae:00:66:40:b3:42:4a:9a:3e:20:9d:43:8c:3d:fc:43:d1:
0d:e4:04:02:40:1d:9e:83:b9:10:84:06:0c:6e:02:8b:7d:9a:
cb:41:14:74:d4:fe:2e:c0:d3:53:32:96:62:cd:51:21:6f:83:
92:c2:bc:c3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RkVDQjExMC8GA1UEBRMoQjRCNEFCOUYzQ0IwNDQzMEZENjRENEVFMkFERDA4NDVF
NDRENTdGRjAeFw0yMzA3MDUxOTEzMzBaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YTVjMGRhLWE5YzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbhdkOrV7tJju4uXiw0QeUDLSaFcxi3Tr/6onUbgkwPTg6fkJzlxLPwosqyWLb
bJtM7IT1jfZJiWSVcS61zKKiwE0HRXHe7k2dQt5V9DRhITQOjQCIj18rA3lGd92x
bYvyHW+if2sEaaY5M4MdaTvjvo8ZhQzybh7G+4Ii4AU2sAHhxwPlI7DoMoI8ckkS
2XLJPBDS4BXA8bnM+Ty8gzoy1tID/QX4Rrev9RCfuAXuGy9HMIduXiN7ZR7HKzZT
lzw1QiwzX27uWHfnXLZoYf7bEj91R7B7h/7FXnaphCW5Em3zoMWZXuXAl2OTI1cv
MfhISrlDSE6at2gaRCjoXzGjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUG7fOwKvd
tBwU7OAXlXVBpxaAyL8wHwYDVR0jBBgwFoAUtLSrnzywRDD9ZNTuKt0IReRNV/8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGRUNCLzRENDdEQzg2OEQw
OTExRURCOTc5MDg1MEM0RjlBRTAyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZf
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdExTcm56eXdSREQ5Wk5UdUt0MElSZVJOVl84LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RkVDQi80RDQ3REM4NjhEMDkxMUVEQjk3OTA4NTBDNEY5QUUwMi9DNDY0OTQ5NkVD
MkExMUVEODE1MjA5NUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmeIRDANBgkqhkiG9w0BAQsFAAOCAQEAGxa4EJSsiPf3TARJ
Ky6yFILqU+5B8YPofEwRis0wUowRVfWcVjftkG6dpzNTHvuxVnbuzGC+lal3sDDP
qIt+a1u5jIz6mzhpS2ghlDgOUpxiBb4YzybPGo1jyqY8Dz3bSFFKJLwef+GOCNqE
IQYEN7lEPIIAxYUond6Oks+tEL0u2DQ+4li+AyBvO0OJmbwq3wVRWvHOXad0uCOL
3l1QvQXysxm5we9KDXd9XBWMZYKk9KOWbVDDaAuxepwiHJbxC/kGJTnu+a4AZkCz
QkqaPiCdQ4w9/EPRDeQEAkAdnoO5EIQGDG4Ci32ay0EUdNT+LsDTUzKWYs1RIW+D
ksK8ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org