Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/0F787B4E42A411EE846B0E20C4F9AE02.roa
File: 0F787B4E42A411EE846B0E20C4F9AE02.roa (raw, json)
Hash identifier: tmDDVV9qk4DJvifXiysHwS9M1g23/LSfUnM+ieKVGq0=
Subject key identifier: 43:CC:F5:19:CF:31:40:87:74:EF:50:CE:5F:60:94:53:E2:C0:5D:47
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 0640
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/0F787B4E42A411EE846B0E20C4F9AE02.roa
Signing time: Thu 24 Aug 2023 17:31:30 +0000
ROA not before: Thu 24 Aug 2023 17:31:30 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 63930
IP address blocks: 103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 06:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1600 (0x640)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Aug 24 17:31:30 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64e793f1-6b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:38:84:7f:b7:55:12:3b:71:d6:8e:b8:be:d4:
a0:19:ab:c2:4f:cd:fb:28:78:02:ff:71:d3:42:31:
c7:f7:1e:dd:f1:54:be:91:bc:c1:ba:ca:c2:2b:2c:
8e:3f:24:55:aa:c1:7b:e8:01:a5:4f:93:13:75:2c:
e5:17:7d:17:60:1a:e7:c2:8b:69:72:ce:9f:11:43:
77:be:c6:97:ac:dc:2f:17:5a:26:aa:7f:9a:13:26:
80:65:9d:99:af:0f:8c:5b:64:75:a1:24:93:5f:76:
78:37:1f:e5:8c:cb:26:0b:e3:e7:2d:c9:70:82:b4:
21:77:0a:b8:7f:be:d6:0e:9e:ce:cd:98:c8:a5:2c:
17:8e:26:4f:55:a3:30:96:2e:0c:d9:bb:a9:ed:21:
4f:20:e2:f4:b9:56:26:84:75:b9:af:e8:80:50:aa:
82:83:98:6d:6e:82:b0:70:b4:f5:a1:d6:e1:ae:2b:
f4:0b:ed:d3:07:8e:1b:60:62:d0:22:9f:9c:0b:81:
f2:e3:da:4b:b0:92:e3:df:78:f4:88:7d:87:76:eb:
4f:2b:97:d6:9a:e7:ee:e4:ea:9d:a6:79:0f:62:6a:
de:92:83:61:07:3a:87:19:68:8e:77:11:49:b9:5d:
19:e6:fe:58:e0:d0:4f:6d:f2:6b:13:f3:77:47:01:
8c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:F5:19:CF:31:40:87:74:EF:50:CE:5F:60:94:53:E2:C0:5D:47
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/0F787B4E42A411EE846B0E20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:c8:84:e9:24:c7:b2:c1:a2:05:15:5a:50:0f:86:00:f7:bb:
f1:cd:3d:9d:80:5e:68:88:d5:45:06:18:fe:bf:e1:2e:26:29:
fa:c2:45:22:9e:2e:10:0c:dd:33:7e:69:6b:64:c5:75:ec:91:
a1:0c:1b:5e:ec:0d:c5:be:67:5b:15:45:03:f2:80:31:32:c4:
34:c3:b9:31:20:cb:3d:4c:df:36:5d:3e:17:e4:81:95:cf:e7:
de:77:e6:8f:01:fd:e1:f4:ec:a4:ef:51:99:a7:87:4e:55:71:
39:af:f8:9e:fc:2f:16:ab:2f:89:a2:80:72:a9:47:47:07:7a:
d5:e3:3a:3d:fb:cf:a1:56:b7:48:8b:59:cf:da:ac:14:74:15:
6a:53:fb:45:81:39:16:0e:17:99:1b:7f:0e:72:62:05:14:4b:
e8:12:f2:6d:bd:40:01:b8:02:13:bb:b5:74:38:fa:72:3e:b1:
9e:41:55:f1:fc:59:3c:ec:6c:3a:54:e8:d9:60:10:a3:cc:02:
f2:dd:c1:df:37:40:2a:78:3d:37:77:c9:52:df:9d:d6:85:4d:
a7:3b:72:b8:72:9d:78:ac:3c:be:d1:80:23:9b:12:fd:83:b4:
95:f7:e5:0c:69:d9:8b:e3:34:2c:19:d9:bf:8f:6e:7f:4a:8d:
88:c9:e0:3b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwODI0MTczMTMwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU3OTNmMS02YjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnTiEf7dVEjtx1o64vtSgGavCT837KHgC/3HTQjHH9x7d8VS+kbzBusrCKyyO
PyRVqsF76AGlT5MTdSzlF30XYBrnwotpcs6fEUN3vsaXrNwvF1omqn+aEyaAZZ2Z
rw+MW2R1oSSTX3Z4Nx/ljMsmC+PnLclwgrQhdwq4f77WDp7OzZjIpSwXjiZPVaMw
li4M2bup7SFPIOL0uVYmhHW5r+iAUKqCg5htboKwcLT1odbhriv0C+3TB44bYGLQ
Ip+cC4Hy49pLsJLj33j0iH2HdutPK5fWmufu5OqdpnkPYmrekoNhBzqHGWiOdxFJ
uV0Z5v5Y4NBPbfJrE/N3RwGMlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEPM9RnP
MUCHdO9Qzl9glFPiwF1HMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMEY3ODdCNEU0
MkE0MTFFRTg0NkIwRTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpkwDQYJKoZIhvcNAQELBQADggEBAFvIhOkkx7LBogUV
WlAPhgD3u/HNPZ2AXmiI1UUGGP6/4S4mKfrCRSKeLhAM3TN+aWtkxXXskaEMG17s
DcW+Z1sVRQPygDEyxDTDuTEgyz1M3zZdPhfkgZXP59535o8B/eH07KTvUZmnh05V
cTmv+J78LxarL4migHKpR0cHetXjOj37z6FWt0iLWc/arBR0FWpT+0WBORYOF5kb
fw5yYgUUS+gS8m29QAG4AhO7tXQ4+nI+sZ5BVfH8WTzsbDpU6NlgEKPMAvLdwd83
QCp4PTd3yVLfndaFTac7crhynXisPL7RgCObEv2DtJX35Qxp2YvjNCwZ2b+Pbn9K
jYjJ4Ds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org