Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/EA88C7CAE17A11EC93AB7473C4F9AE02.roa
File: EA88C7CAE17A11EC93AB7473C4F9AE02.roa (raw, json)
Hash identifier: QpqS9rWaSIODcNEhubTPIYFD1obbpwik5EwG/Xe9goY=
Subject key identifier: D5:52:0D:A2:F9:02:56:67:EC:33:65:CF:CB:DB:16:FD:EE:55:93:33
Certificate issuer: /CN=A9162661/serialNumber=ACD26F134FCE0764CC67FC9F265C785341C1B5D4
Certificate serial: 0E68
Authority key identifier: AC:D2:6F:13:4F:CE:07:64:CC:67:FC:9F:26:5C:78:53:41:C1:B5:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/EA88C7CAE17A11EC93AB7473C4F9AE02.roa
Signing time: Sun 14 May 2023 19:08:46 +0000
ROA not before: Sun 14 May 2023 19:08:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138932
IP address blocks: 103.137.96.0/24 maxlen: 24
103.137.97.0/24 maxlen: 24
2404:ae40::/32 maxlen: 32
2404:ae40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Jun 2024 09:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3688 (0xe68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162661/serialNumber=ACD26F134FCE0764CC67FC9F265C785341C1B5D4
Validity
Not Before: May 14 19:08:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646131be-bf0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:f3:76:d8:03:f8:75:a1:0e:88:52:bd:30:
a8:54:8f:f5:1a:f8:79:b2:72:ce:56:27:05:6d:23:
03:e5:0a:d4:a2:a4:19:5c:61:d2:38:62:94:34:93:
93:51:8f:a4:15:8b:c7:f7:91:c9:8e:0e:8d:92:fa:
92:2d:92:cd:5d:a1:58:7c:a3:9f:a3:f5:0a:99:03:
75:1b:ea:f0:6e:e6:02:e3:11:9e:01:11:88:47:b6:
41:c8:1d:1d:44:9e:96:59:09:36:ce:73:30:93:0f:
b8:8a:e9:e0:2a:b0:11:a5:05:24:56:87:fd:fa:91:
98:19:86:94:3b:6f:f8:fc:e7:60:ab:4b:6b:e2:f0:
06:0a:c8:ad:4a:d1:20:bd:2b:2d:19:90:a9:df:55:
09:3d:db:8f:e0:33:5e:e0:70:fe:7b:a0:69:68:f5:
04:c5:3d:03:a8:c9:59:e5:51:48:9e:49:05:9d:14:
01:8a:dd:e4:65:9e:af:90:74:28:06:02:60:3c:ae:
ae:14:6e:35:9c:6e:86:3d:be:90:51:03:1e:e9:81:
cc:e5:c1:d9:ad:b0:f0:84:17:a1:a4:cf:d5:bf:f4:
76:5f:ad:40:d1:35:3d:25:0b:dc:b8:a1:a5:46:74:
0b:32:4b:77:aa:4d:d5:cd:35:22:c6:c3:7e:51:c5:
98:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:52:0D:A2:F9:02:56:67:EC:33:65:CF:CB:DB:16:FD:EE:55:93:33
X509v3 Authority Key Identifier:
keyid:AC:D2:6F:13:4F:CE:07:64:CC:67:FC:9F:26:5C:78:53:41:C1:B5:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/EA88C7CAE17A11EC93AB7473C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.96.0/23
IPv6:
2404:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
79:78:2e:80:b2:70:95:bc:e7:23:56:d5:35:00:00:c4:c7:be:
65:34:6e:46:2f:80:67:7c:8d:f3:e4:60:33:28:5d:a6:b8:1a:
30:f0:c7:b1:cb:13:4b:c3:bd:37:ae:ff:e7:b4:cb:43:a1:80:
c6:ee:c2:de:64:7b:23:ef:97:ea:54:a8:fd:d9:93:93:1b:1d:
8a:46:7f:43:6f:34:01:ea:34:0c:33:3e:b1:8d:41:b9:22:c5:
24:c0:28:5b:43:0f:53:b4:47:af:5b:9c:47:ad:4e:2c:91:26:
7f:30:8f:6a:ce:e6:46:f2:89:0a:9f:ec:b0:f3:58:8c:5e:7f:
0b:6b:c4:8b:9b:9b:2f:f7:19:da:9c:c5:c8:a6:c5:78:87:f6:
5d:ef:93:83:0a:f2:13:6b:ac:57:1c:77:b3:2d:d4:b1:ac:38:
61:45:0c:96:74:7f:c7:e6:00:54:0f:db:d9:38:63:c3:50:b2:
04:f8:e8:a9:ad:d4:fc:f7:a4:cb:27:9e:e4:ef:37:04:d3:12:
de:28:80:03:98:7c:5c:08:e5:9d:e1:3b:c3:52:93:ca:a4:39:
c2:e3:0b:a7:a9:77:1a:cf:c6:60:b1:80:42:9e:da:33:32:28:
e2:f1:4b:52:8e:26:74:02:86:78:0e:bc:63:e3:b7:0b:5c:08:
0c:5b:e0:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI2NjExMTAvBgNVBAUTKEFDRDI2RjEzNEZDRTA3NjRDQzY3RkM5RjI2NUM3ODUz
NDFDMUI1RDQwHhcNMjMwNTE0MTkwODQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYxMzFiZS1iZjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0nzdtgD+HWhDohSvTCoVI/1Gvh5snLOVicFbSMD5QrUoqQZXGHSOGKUNJOT
UY+kFYvH95HJjg6NkvqSLZLNXaFYfKOfo/UKmQN1G+rwbuYC4xGeARGIR7ZByB0d
RJ6WWQk2znMwkw+4iungKrARpQUkVof9+pGYGYaUO2/4/Odgq0tr4vAGCsitStEg
vSstGZCp31UJPduP4DNe4HD+e6BpaPUExT0DqMlZ5VFInkkFnRQBit3kZZ6vkHQo
BgJgPK6uFG41nG6GPb6QUQMe6YHM5cHZrbDwhBehpM/Vv/R2X61A0TU9JQvcuKGl
Generated at Mon Jun 17 13:06:26 2024 by rpki-client on console-fra.rpki-client.org