Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/038B2802C37511EEA283D879C4F9AE02.roa
File: 038B2802C37511EEA283D879C4F9AE02.roa (raw, json)
Hash identifier: QZlkkCXpB4WAKURcrDfMPWB7x9kxX1exgTWEvrEzB2M=
Subject key identifier: AF:78:8A:02:17:F9:C1:82:8A:D1:77:7D:8D:1E:58:F5:9C:1E:FD:1A
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 06A9
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/038B2802C37511EEA283D879C4F9AE02.roa
Signing time: Sun 04 Feb 2024 15:49:43 +0000
ROA not before: Sun 04 Feb 2024 15:49:43 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 136557
IP address blocks: 103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 00:25:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1705 (0x6a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Feb 4 15:49:43 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65bfb217-f522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:49:14:e5:48:af:8f:6d:29:b6:2e:94:ec:99:
cb:38:17:2c:d1:bb:97:65:37:80:c3:19:ec:63:76:
60:63:cf:45:99:70:a6:55:13:51:4f:a6:4b:ed:d0:
59:b1:4f:02:53:ee:36:cb:91:87:5c:87:c1:b5:5f:
b0:a0:31:c9:50:fc:ec:88:60:14:d0:cd:53:37:f3:
64:76:57:94:7e:c0:79:4b:68:b9:d3:15:69:30:28:
1e:32:d7:92:8f:c5:1c:82:fa:5d:bd:5a:7f:bc:24:
fd:55:3e:bc:f9:75:7d:ed:87:d6:68:86:50:07:db:
b1:c6:52:e6:c3:8b:4a:99:56:b1:7c:72:e3:f7:0d:
42:92:7d:51:03:8c:42:37:26:19:d1:5f:14:00:35:
94:b0:98:c2:8b:3b:3a:b0:2a:7c:2f:f9:5c:2f:e9:
23:91:4a:b9:36:17:a4:fb:3c:7b:b4:be:5a:ac:bd:
a1:bc:07:54:ab:14:73:57:bd:fa:14:93:bc:0e:86:
56:00:72:9d:78:8c:9e:26:65:83:ec:80:be:c1:62:
07:69:c7:08:11:b7:3d:85:d5:5d:9f:64:24:e3:c6:
5e:ad:ea:b3:70:7b:bb:20:3f:ff:20:c2:c8:a4:ec:
fc:dc:c6:3f:40:e3:e5:51:f3:c2:d7:71:2f:f9:8a:
66:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:78:8A:02:17:F9:C1:82:8A:D1:77:7D:8D:1E:58:F5:9C:1E:FD:1A
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/038B2802C37511EEA283D879C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.153.0/24
Signature Algorithm: sha256WithRSAEncryption
81:27:be:7c:ed:ad:68:0d:e5:36:c3:ff:8b:7b:e5:d2:06:6c:
2c:f1:c3:bc:27:46:0c:b8:13:08:1e:7c:54:9d:e4:65:45:ae:
49:8e:1c:73:89:fd:31:e9:f7:07:5b:76:27:de:67:24:bf:1c:
3c:b1:15:cc:62:b6:9c:35:b2:4e:67:8b:2e:bd:c1:c6:4e:4a:
9f:07:bc:9f:f5:81:f9:8d:49:aa:53:74:21:04:48:01:49:e6:
39:2c:4e:be:13:ab:1b:42:95:a0:15:a9:22:ee:46:2b:34:15:
88:1c:5b:d4:2f:e6:a9:0e:fa:4b:c4:d5:8b:04:5a:48:a7:05:
53:ff:36:ca:f8:45:58:47:79:04:fa:58:43:54:f5:46:02:b7:
88:6c:08:21:d7:12:a4:1e:8a:9f:1f:70:f2:7c:cf:24:ac:da:
2c:aa:24:bc:bd:fb:8b:9a:45:26:6a:5d:c7:f4:b6:e2:8d:0d:
a1:cf:3d:33:d0:5f:e5:f2:9d:ca:45:34:44:e9:17:49:da:bd:
89:c8:15:01:6f:36:be:61:93:01:5f:1d:be:11:3c:69:6e:f4:
75:ef:2e:10:e6:9c:3e:a5:f7:9f:5c:25:2d:df:19:5f:f7:c5:
73:a4:66:b3:3f:67:da:af:0a:f2:93:6b:25:8f:42:59:ba:6d:
db:39:c5:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjQwMjA0MTU0OTQzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJmYjIxNy1mNTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7EkU5Uivj20pti6U7JnLOBcs0buXZTeAwxnsY3ZgY89FmXCmVRNRT6ZL7dBZ
sU8CU+42y5GHXIfBtV+woDHJUPzsiGAU0M1TN/NkdleUfsB5S2i50xVpMCgeMteS
j8UcgvpdvVp/vCT9VT68+XV97YfWaIZQB9uxxlLmw4tKmVaxfHLj9w1Ckn1RA4xC
NyYZ0V8UADWUsJjCizs6sCp8L/lcL+kjkUq5Nhek+zx7tL5arL2hvAdUqxRzV736
FJO8DoZWAHKdeIyeJmWD7IC+wWIHaccIEbc9hdVdn2Qk48ZereqzcHu7ID//IMLI
pOz83MY/QOPlUfPC13Ev+YpmnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK94igIX
+cGCitF3fY0eWPWcHv0aMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMDM4QjI4MDJD
Mzc1MTFFRUEyODNEODc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpkwDQYJKoZIhvcNAQELBQADggEBAIEnvnztrWgN5TbD
/4t75dIGbCzxw7wnRgy4EwgefFSd5GVFrkmOHHOJ/THp9wdbdifeZyS/HDyxFcxi
tpw1sk5niy69wcZOSp8HvJ/1gfmNSapTdCEESAFJ5jksTr4TqxtClaAVqSLuRis0
FYgcW9Qv5qkO+kvE1YsEWkinBVP/Nsr4RVhHeQT6WENU9UYCt4hsCCHXEqQeip8f
cPJ8zySs2iyqJLy9+4uaRSZqXcf0tuKNDaHPPTPQX+XyncpFNETpF0navYnIFQFv
Nr5hkwFfHb4RPGlu9HXvLhDmnD6l959cJS3fGV/3xXOkZrM/Z9qvCvKTayWPQlm6
bds5xb0=
-----END CERTIFICATE-----
Generated at Thu Feb 22 03:37:37 2024 by rpki-client on console-fra.rpki-client.org