Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/DC252BC866D011EF9DE0C540C4F9AE02.roa
File: DC252BC866D011EF9DE0C540C4F9AE02.roa (raw, json)
Hash identifier: glO5K5it3Ked/AcIyPXcqWAVPtvzcREcIkS4GBUHLnw=
Subject key identifier: B4:E7:74:5B:5B:B6:6E:ED:4C:98:7F:78:B0:A7:BF:E3:4F:E9:13:05
Certificate issuer: /CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Certificate serial: 0153
Authority key identifier: B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/DC252BC866D011EF9DE0C540C4F9AE02.roa
Signing time: Fri 30 Aug 2024 13:07:50 +0000
ROA not before: Fri 30 Aug 2024 13:07:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151704
IP address blocks: 103.136.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 13:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339 (0x153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FECB/serialNumber=B4B4AB9F3CB04430FD64D4EE2ADD0845E44D57FF
Validity
Not Before: Aug 30 13:07:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66d1c426-8a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:9b:c6:7c:c7:6c:21:53:3f:55:fe:5f:a1:cc:
2f:93:33:5f:83:29:1c:e5:10:d6:a7:e8:85:ed:48:
4d:60:85:47:70:59:82:05:2c:93:6c:2c:fb:fe:24:
bb:34:ff:f7:0c:54:cd:85:da:07:8f:83:3f:75:7f:
48:e4:15:c9:ec:b9:24:a7:37:fc:f5:c5:73:48:f7:
56:3b:2b:eb:2b:47:d9:9d:b7:f7:e1:cd:87:7a:b2:
f6:d0:07:fa:23:7b:bf:a6:33:aa:47:eb:67:c9:a0:
6a:29:ca:40:4b:3d:b9:06:69:49:3e:94:87:a4:e2:
d9:7d:b8:81:10:9e:22:17:d8:5c:a4:70:8c:5a:83:
a0:e2:fb:8b:4e:4f:2b:ce:56:e7:f8:7f:5e:b4:99:
a4:41:a6:42:23:87:9c:1b:de:59:58:58:7b:70:41:
44:92:f0:18:9c:a5:62:d6:8b:3e:64:54:fe:5e:5a:
a8:de:18:26:17:00:04:9a:52:29:46:96:c5:a5:7d:
f3:3c:3f:01:18:b0:44:ac:e8:ff:40:4b:7e:fb:fb:
18:ef:69:51:d9:8e:60:d0:b8:fc:f0:a1:9d:6d:af:
9c:3d:e2:79:cc:75:7d:54:c4:40:cf:5d:45:86:ff:
c6:aa:32:f5:b4:e9:2c:a7:18:05:d7:ab:24:10:32:
33:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E7:74:5B:5B:B6:6E:ED:4C:98:7F:78:B0:A7:BF:E3:4F:E9:13:05
X509v3 Authority Key Identifier:
keyid:B4:B4:AB:9F:3C:B0:44:30:FD:64:D4:EE:2A:DD:08:45:E4:4D:57:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/tLSrnzywRDD9ZNTuKt0IReRNV_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLSrnzywRDD9ZNTuKt0IReRNV_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FECB/4D47DC868D0911EDB9790850C4F9AE02/DC252BC866D011EF9DE0C540C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:4f:2c:65:93:15:54:eb:9d:e7:ef:95:a0:c6:19:b0:6b:c6:
bb:e2:04:fd:c9:6b:94:7d:a8:7e:6c:4a:fb:8d:3f:39:03:e4:
64:79:40:e8:79:59:83:76:02:f4:f9:0a:e6:ec:da:c4:e6:2f:
06:a2:82:7e:ab:28:56:d6:4d:b2:6d:99:ac:c8:b3:ce:68:fd:
b3:9b:a9:8b:a5:0c:a2:6e:f9:32:61:64:b9:75:22:c4:22:8d:
35:e7:73:7f:f9:2d:32:47:f7:03:b7:77:fe:9f:65:cf:3d:c4:
d1:93:94:76:a7:ee:ac:a8:6d:30:8f:98:b5:3e:3e:99:43:fb:
5d:2b:ea:9b:57:5b:fc:39:ae:5a:94:a1:1a:f0:de:e1:f6:5a:
6d:fa:db:04:5d:5b:28:57:4e:69:80:72:a1:d9:1d:2a:b2:15:
e5:4e:eb:bb:47:47:62:b2:b7:21:17:04:b1:c3:b4:4b:ea:e8:
65:8d:16:b4:0b:be:07:34:37:d0:6e:91:1c:9f:0b:19:a7:72:
07:f5:04:66:70:a9:cd:ae:2d:35:e7:ce:ca:d1:11:60:6d:e0:
17:26:4a:34:26:02:39:d1:fb:17:2a:c3:31:57:30:12:98:0a:
ac:55:08:3f:c1:87:bb:37:21:1e:db:cf:cb:99:4a:33:63:a7:
37:11:36:bb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZFQ0IxMTAvBgNVBAUTKEI0QjRBQjlGM0NCMDQ0MzBGRDY0RDRFRTJBREQwODQ1
RTQ0RDU3RkYwHhcNMjQwODMwMTMwNzUwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxYzQyNi04YTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+JvGfMdsIVM/Vf5focwvkzNfgykc5RDWp+iF7UhNYIVHcFmCBSyTbCz7/iS7
NP/3DFTNhdoHj4M/dX9I5BXJ7Lkkpzf89cVzSPdWOyvrK0fZnbf34c2HerL20Af6
I3u/pjOqR+tnyaBqKcpASz25BmlJPpSHpOLZfbiBEJ4iF9hcpHCMWoOg4vuLTk8r
zlbn+H9etJmkQaZCI4ecG95ZWFh7cEFEkvAYnKVi1os+ZFT+Xlqo3hgmFwAEmlIp
RpbFpX3zPD8BGLBErOj/QEt++/sY72lR2Y5g0Lj88KGdba+cPeJ5zHV9VMRAz11F
hv/GqjL1tOkspxgF16skEDIzzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLTndFtb
tm7tTJh/eLCnv+NP6RMFMB8GA1UdIwQYMBaAFLS0q588sEQw/WTU7irdCEXkTVf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkVDQi80RDQ3REM4NjhE
MDkxMUVEQjk3OTA4NTBDNEY5QUUwMi90TFNybnp5d1JERDlaTlR1S3QwSVJlUk5W
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMU3Juenl3UkREOVpOVHVLdDBJUmVSTlZfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZFQ0IvNEQ0N0RDODY4RDA5MTFFREI5NzkwODUwQzRGOUFFMDIvREMyNTJCQzg2
NkQwMTFFRjlERTBDNTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniEYwDQYJKoZIhvcNAQELBQADggEBALJPLGWTFVTrnefv
laDGGbBrxrviBP3Ja5R9qH5sSvuNPzkD5GR5QOh5WYN2AvT5Cubs2sTmLwaign6r
KFbWTbJtmazIs85o/bObqYulDKJu+TJhZLl1IsQijTXnc3/5LTJH9wO3d/6fZc89
xNGTlHan7qyobTCPmLU+PplD+10r6ptXW/w5rlqUoRrw3uH2Wm362wRdWyhXTmmA
cqHZHSqyFeVO67tHR2KytyEXBLHDtEvq6GWNFrQLvgc0N9BukRyfCxmncgf1BGZw
qc2uLTXnzsrREWBt4BcmSjQmAjnR+xcqwzFXMBKYCqxVCD/Bh7s3IR7bz8uZSjNj
pzcRNrs=
-----END CERTIFICATE-----
Generated at Mon Oct 7 16:59:04 2024 by rpki-client on console-fra.rpki-client.org