Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/63C0C1FA39AF11EEBEAB2C37C4F9AE02.roa
File: 63C0C1FA39AF11EEBEAB2C37C4F9AE02.roa (raw, json)
Hash identifier: jMjFjldtifgBq5qoJXxIsNeaJaBVAUH/9dWihbRYwHg=
Subject key identifier: EB:CE:A8:8E:B9:03:4A:DD:1C:2F:00:98:7F:5F:A7:EB:C6:65:6C:C4
Certificate issuer: /CN=A91655EF/serialNumber=074E16CCA080D545FEF4F2D8ADCB909F0ECB20A2
Certificate serial: 10A0
Authority key identifier: 07:4E:16:CC:A0:80:D5:45:FE:F4:F2:D8:AD:CB:90:9F:0E:CB:20:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B04WzKCA1UX-9PLYrcuQnw7LIKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/63C0C1FA39AF11EEBEAB2C37C4F9AE02.roa
Signing time: Sat 16 Dec 2023 18:05:35 +0000
ROA not before: Sat 16 Dec 2023 18:05:35 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 138474
IP address blocks: 103.126.148.0/22 maxlen: 22
103.126.148.0/23 maxlen: 23
103.126.148.0/24 maxlen: 24
103.126.149.0/24 maxlen: 24
103.126.150.0/23 maxlen: 23
103.126.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 20:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4256 (0x10a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91655EF/serialNumber=074E16CCA080D545FEF4F2D8ADCB909F0ECB20A2
Validity
Not Before: Dec 16 18:05:35 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657de6ee-e1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:59:91:43:84:c5:b0:e7:ee:a0:d6:59:65:
03:5e:dc:eb:be:00:80:35:73:bf:c7:90:50:21:c2:
80:30:9a:ed:2e:4f:32:58:f7:ce:d5:c7:e8:62:24:
dd:74:37:b6:79:3e:0a:51:5b:5f:8a:41:23:6b:8e:
38:d7:02:91:6b:3d:47:78:16:b5:1d:3a:67:b8:74:
7e:86:42:a7:61:87:db:ac:85:db:10:cf:0d:e7:d7:
26:22:d2:55:5a:c5:af:8a:2e:52:e9:f2:33:6c:21:
81:a2:d3:65:66:ee:61:ee:e6:38:00:85:29:59:e3:
6c:ad:f5:5c:3a:2d:f0:13:89:5f:81:7c:52:92:71:
17:a9:80:92:46:f3:47:9d:40:88:47:de:b8:e4:a9:
f5:46:f6:a1:dc:e0:f2:f7:8c:28:fd:1b:7b:00:7a:
9e:55:5a:65:a7:ca:1f:1c:27:42:ad:46:91:80:83:
d6:5d:b6:26:8c:84:85:7c:f7:8a:0a:b0:c9:30:7d:
b6:45:05:fa:2b:c8:96:90:99:40:e9:c3:49:2e:d2:
3f:66:77:fe:58:c4:50:34:f7:e2:61:f6:cf:88:70:
1c:73:8c:41:1f:03:d4:bd:f5:4f:e6:6d:c1:a1:67:
1e:91:76:87:d0:d4:00:d9:ea:ad:3e:ac:d6:7f:7c:
91:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CE:A8:8E:B9:03:4A:DD:1C:2F:00:98:7F:5F:A7:EB:C6:65:6C:C4
X509v3 Authority Key Identifier:
keyid:07:4E:16:CC:A0:80:D5:45:FE:F4:F2:D8:AD:CB:90:9F:0E:CB:20:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/B04WzKCA1UX-9PLYrcuQnw7LIKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B04WzKCA1UX-9PLYrcuQnw7LIKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/63C0C1FA39AF11EEBEAB2C37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.148.0/22
Signature Algorithm: sha256WithRSAEncryption
21:4b:cd:99:a8:87:2b:55:90:9e:19:bf:19:c6:7f:2b:94:a9:
16:44:62:c3:89:23:0e:7d:2a:85:90:81:7d:be:da:7e:3c:35:
e6:ce:c3:91:88:1e:e7:9f:8a:3a:b8:d1:80:10:c7:0e:88:42:
8d:21:fa:fd:25:4b:75:00:32:b3:51:b5:2e:3b:31:11:03:37:
af:f0:ff:59:26:be:9e:fd:a6:52:7a:06:6a:ac:0a:13:76:53:
66:6d:c9:5f:9f:12:3c:5a:b3:c6:ae:83:b3:70:cc:62:d9:05:
5d:63:f1:df:e8:56:de:56:62:b7:4a:29:71:3b:6e:46:d2:7a:
be:31:df:4b:e0:f3:69:d4:eb:9c:3a:fe:1e:8b:69:48:93:85:
9c:4e:4c:e1:fa:00:65:ca:dc:ba:02:26:79:9b:e4:01:f6:11:
5a:e2:94:ee:a2:fb:5e:76:ee:32:8b:19:9a:89:7f:fc:50:75:
4e:37:ef:21:4c:e3:a0:f6:12:2a:65:3a:d0:bb:0d:b2:d6:0f:
b8:82:15:56:0e:70:a0:8f:d7:b9:83:1c:d9:d4:4f:22:c1:b7:
47:d7:f3:b7:ce:74:28:34:08:7c:07:7a:c3:cc:dd:55:46:f1:
c6:6c:e6:d6:4b:88:f0:1d:9e:5d:a8:fa:a6:5e:b8:45:c5:d5:
31:47:7c:d2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1RUYxMTAvBgNVBAUTKDA3NEUxNkNDQTA4MEQ1NDVGRUY0RjJEOEFEQ0I5MDlG
MEVDQjIwQTIwHhcNMjMxMjE2MTgwNTM1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdkZTZlZS1lMWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvFZkUOExbDn7qDWWWUDXtzrvgCANXO/x5BQIcKAMJrtLk8yWPfO1cfoYiTd
dDe2eT4KUVtfikEja4441wKRaz1HeBa1HTpnuHR+hkKnYYfbrIXbEM8N59cmItJV
WsWvii5S6fIzbCGBotNlZu5h7uY4AIUpWeNsrfVcOi3wE4lfgXxSknEXqYCSRvNH
nUCIR9645Kn1Rvah3ODy94wo/Rt7AHqeVVplp8ofHCdCrUaRgIPWXbYmjISFfPeK
CrDJMH22RQX6K8iWkJlA6cNJLtI/Znf+WMRQNPfiYfbPiHAcc4xBHwPUvfVP5m3B
oWcekXaH0NQA2eqtPqzWf3yR1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOvOqI65
A0rdHC8AmH9fp+vGZWzEMB8GA1UdIwQYMBaAFAdOFsyggNVF/vTy2K3LkJ8OyyCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTVFRi82MDc3MjlEMEZB
QzExMUU4QkM3NkQ2NzFDNEY5QUUwMi9CMDRXektDQTFVWC05UExZcmN1UW53N0xJ
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0IwNFd6S0NBMVVYLTlQTFlyY3VRbnc3TElLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1RUYvNjA3NzI5RDBGQUMxMTFFOEJDNzZENjcxQzRGOUFFMDIvNjNDMEMxRkEz
OUFGMTFFRUJFQUIyQzM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfpQwDQYJKoZIhvcNAQELBQADggEBACFLzZmohytVkJ4Z
vxnGfyuUqRZEYsOJIw59KoWQgX2+2n48NebOw5GIHuefijq40YAQxw6IQo0h+v0l
S3UAMrNRtS47MREDN6/w/1kmvp79plJ6BmqsChN2U2ZtyV+fEjxas8aug7NwzGLZ
BV1j8d/oVt5WYrdKKXE7bkbSer4x30vg82nU65w6/h6LaUiThZxOTOH6AGXK3LoC
Jnmb5AH2EVrilO6i+1527jKLGZqJf/xQdU437yFM46D2EiplOtC7DbLWD7iCFVYO
cKCP17mDHNnUTyLBt0fX87fOdCg0CHwHesPM3VVG8cZs5tZLiPAdnl2o+qZeuEXF
1TFHfNI=
-----END CERTIFICATE-----
Generated at Wed Mar 20 21:38:59 2024 by rpki-client on console-ams.rpki-client.org