Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/D651D4FA144411EF9A5FBB3BC4F9AE02.roa
File: D651D4FA144411EF9A5FBB3BC4F9AE02.roa (raw, json)
Hash identifier: GpDZ4wnlvO04eai2ECnPbbLdEXl3ZNh+P0DL4hO+7yY=
Subject key identifier: 01:5D:81:CF:E3:D3:E4:01:24:9C:B5:5E:53:CA:9F:BA:5A:E0:29:C6
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: 0116
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/D651D4FA144411EF9A5FBB3BC4F9AE02.roa
Signing time: Fri 17 May 2024 11:58:56 +0000
ROA not before: Fri 17 May 2024 11:58:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 103.136.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 15:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278 (0x116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: May 17 11:58:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66474680-4df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:62:44:06:b9:d9:a6:c0:84:02:ec:69:b3:
95:26:af:94:7d:da:8e:36:ee:34:50:71:da:0d:91:
58:3a:45:7f:52:b4:f0:27:1e:8c:e2:ce:34:f7:22:
41:ef:da:d1:15:f9:2a:25:ec:ce:80:73:9a:bf:8d:
ab:5f:67:de:62:f0:46:68:ee:ec:2c:e4:45:f0:f9:
04:41:6a:49:c5:08:fc:b0:df:9a:7b:19:b4:c3:ee:
91:28:01:b1:36:bb:db:3f:08:d3:a9:00:83:75:c8:
b2:b1:34:85:ab:52:12:9f:07:29:05:fc:fe:83:f2:
36:09:4e:62:d6:28:ac:31:f8:1c:d6:2e:b0:13:4e:
6b:2d:b1:ef:82:46:3e:99:ef:63:24:5c:32:2d:be:
f3:86:b4:a1:00:b2:a9:11:f8:b5:93:5f:55:6e:cc:
8f:9f:ba:bc:5c:e8:25:7d:20:85:e3:88:f3:bc:db:
e0:82:4a:1d:52:ab:65:ef:08:27:e4:d3:ca:4b:3f:
52:3e:7d:4b:21:66:48:3a:e4:c0:56:a5:2d:63:a3:
0f:59:d3:55:c1:8e:9a:bc:b8:a5:eb:5e:6a:a6:0b:
44:08:a4:32:a5:1c:9a:57:07:5b:d3:6f:68:7e:6b:
27:25:d4:08:a9:e7:f7:d5:5f:45:66:d1:48:d9:59:
68:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5D:81:CF:E3:D3:E4:01:24:9C:B5:5E:53:CA:9F:BA:5A:E0:29:C6
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/D651D4FA144411EF9A5FBB3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.70.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:dd:60:3d:bd:66:f5:94:f0:14:6f:14:6e:8d:76:34:28:10:
a2:29:5f:7e:7a:9c:6b:57:87:d8:e3:6e:df:11:72:c3:08:1b:
75:15:6f:a8:a8:80:74:db:5e:bd:27:97:f1:c9:e0:bb:d4:a3:
fc:48:90:bf:b4:9a:98:cb:32:a7:09:d9:f8:ca:3a:7f:c0:5e:
53:de:fc:ec:cf:8c:77:a7:dc:5e:64:c8:22:d4:6c:87:1d:c7:
5e:64:fa:62:35:9d:f4:2c:3f:ce:a2:af:b1:32:f1:9a:ca:f3:
c3:93:3f:df:f8:01:91:82:97:49:97:fc:37:47:3f:dc:82:f4:
d0:b8:0b:aa:d7:2c:b0:5b:76:55:7d:9d:b2:e3:df:6c:81:0d:
66:b5:64:83:4c:f5:03:35:24:37:12:d2:6d:7b:e4:8b:59:e8:
3b:4a:1d:49:f0:34:bb:a1:20:99:7e:12:24:3e:57:15:d1:c5:
10:0b:6b:07:d7:ed:b7:59:aa:a8:b6:4e:2d:32:b5:e7:73:ec:
be:7c:61:5f:ca:f8:68:5a:95:d9:a7:37:85:b2:da:25:14:48:
0f:15:ed:0d:f2:79:04:2e:ec:dc:fc:82:fc:de:ff:ee:8a:99:
51:fe:22:71:83:b9:8d:b8:48:0e:d8:38:ce:8c:d7:c2:8d:b6:
54:87:18:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZFQ0IxMTAvBgNVBAUTKEI0QjRBQjlGM0NCMDQ0MzBGRDY0RDRFRTJBREQwODQ1
RTQ0RDU3RkYwHhcNMjQwNTE3MTE1ODU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ3NDY4MC00ZGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsMFiRAa52abAhALsabOVJq+UfdqONu40UHHaDZFYOkV/UrTwJx6M4s409yJB
79rRFfkqJezOgHOav42rX2feYvBGaO7sLORF8PkEQWpJxQj8sN+aexm0w+6RKAGx
NrvbPwjTqQCDdciysTSFq1ISnwcpBfz+g/I2CU5i1iisMfgc1i6wE05rLbHvgkY+
me9jJFwyLb7zhrShALKpEfi1k19VbsyPn7q8XOglfSCF44jzvNvggkodUqtl7wgn
5NPKSz9SPn1LIWZIOuTAVqUtY6MPWdNVwY6avLil615qpgtECKQypRyaVwdb029o
fmsnJdQIqef31V9FZtFI2VlohQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAFdgc/j
0+QBJJy1XlPKn7pa4CnGMB8GA1UdIwQYMBaAFLS0q588sEQw/WTU7irdCEXkTVf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkVDQi80RDQ3REM4NjhE
MDkxMUVEQjk3OTA4NTBDNEY5QUUwMi90TFNybnp5d1JERDlaTlR1S3QwSVJlUk5W
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZFQ0IvNEQ0N0RDODY4RDA5MTFFREI5NzkwODUwQzRGOUFFMDIvRDY1MUQ0RkEx
NDQ0MTFFRjlBNUZCQjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniEYwDQYJKoZIhvcNAQELBQADggEBAFrdYD29ZvWU8BRv
FG6NdjQoEKIpX356nGtXh9jjbt8RcsMIG3UVb6iogHTbXr0nl/HJ4LvUo/xIkL+0
mpjLMqcJ2fjKOn/AXlPe/OzPjHen3F5kyCLUbIcdx15k+mI1nfQsP86ir7Ey8ZrK
88OTP9/4AZGCl0mX/DdHP9yC9NC4C6rXLLBbdlV9nbLj32yBDWa1ZINM9QM1JDcS
0m175ItZ6DtKHUnwNLuhIJl+EiQ+VxXRxRALawfX7bdZqqi2Ti0ytedz7L58YV/K
+GhaldmnN4Wy2iUUSA8V7Q3yeQQu7Nz8gvze/+6KmVH+InGDuY24SA7YOM6M18KN
tlSHGCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org