Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
File: 1CD708523B4A11EEA4BB216FC4F9AE02.roa (raw, json)
Hash identifier: QUk7Gw8AlHH0gcBbgSdvJpbhH3rU8nVB1WY1Ewi2sWc=
Subject key identifier: 96:33:CA:AA:B4:43:58:41:B8:F3:B7:96:9C:39:00:D1:18:4A:8F:A8
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 0638
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
Signing time: Tue 15 Aug 2023 09:00:00 +0000
ROA not before: Tue 15 Aug 2023 09:00:00 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 47813
IP address blocks: 103.54.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Sep 2023 15:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1592 (0x638)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Aug 15 09:00:00 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64db3e8f-293f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4c:b4:8f:6c:40:fb:b3:5d:f0:e6:cc:a6:c0:
da:1d:38:3d:c5:21:47:a9:fe:d6:cf:b2:d6:37:de:
bc:35:c8:1d:16:2f:fb:14:1b:bc:61:f3:e2:42:ff:
d7:c6:3c:9d:fa:fa:e9:1e:aa:da:3a:a8:27:f5:cb:
9e:2e:90:c1:70:64:e0:0e:52:0b:3e:d8:2d:4e:84:
8f:f4:ff:f1:a0:68:85:bb:a6:fd:c2:a6:af:6b:20:
4b:0e:6f:c3:3c:b6:d1:84:73:5e:7e:4a:1a:1a:cf:
7e:63:de:9f:54:71:c5:09:e0:5f:e5:41:28:51:af:
c2:d1:41:02:53:1f:ba:0e:05:1d:6b:97:92:d1:74:
01:45:ce:22:7f:52:7b:9a:19:eb:cf:97:95:fd:b7:
fa:8b:4d:6d:c6:96:37:f2:ea:7a:dd:a0:e2:98:e3:
be:d6:9e:d8:c4:23:e9:02:ec:92:0c:59:3e:ec:14:
0f:62:fa:2e:90:1b:c7:6a:97:e3:60:cf:c6:b2:43:
06:eb:d9:69:55:2f:31:07:a5:d5:b4:32:39:d8:58:
72:43:dc:8b:4f:0f:80:10:7d:8e:9d:14:0f:7b:ff:
37:2c:8d:a1:f4:34:2d:aa:dc:84:a8:df:b8:81:4f:
ab:38:af:a2:05:6b:26:6d:c8:56:0e:b7:03:1b:2a:
9b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:33:CA:AA:B4:43:58:41:B8:F3:B7:96:9C:39:00:D1:18:4A:8F:A8
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.152.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:54:65:37:26:c4:27:88:ff:7a:91:58:b9:af:a5:d0:2e:a2:
d7:bf:40:88:fd:69:b3:a0:92:90:60:11:ed:37:93:7d:fe:2f:
4c:6a:99:cd:0a:25:c8:a4:f6:1c:28:61:97:ee:0e:6b:5e:7c:
bd:a3:5c:d6:63:ed:cb:d5:8e:ea:b2:a2:1f:01:90:b1:f2:9a:
11:d2:da:68:11:ae:d0:b9:99:f3:95:61:e5:ad:af:d2:27:65:
87:10:c4:cc:d2:4d:61:8c:74:95:dd:96:5f:8c:d7:9a:54:72:
c1:61:d5:63:45:39:c5:39:03:a8:20:d4:66:92:3e:e0:a3:e9:
2e:86:e5:a5:6f:93:b7:3a:f6:7b:0f:6f:2e:ea:04:10:52:fd:
a6:ed:19:db:0b:fb:6c:8b:0b:7d:a3:87:23:15:94:f6:e1:3c:
83:7b:14:a1:fd:a5:d6:91:7d:0c:a2:db:0d:0f:03:82:16:d2:
f7:8e:ff:be:4a:1b:94:f7:9d:67:8c:26:e5:c1:84:b4:fe:8c:
58:93:eb:2a:20:7f:d2:e2:8b:8f:1c:e1:fe:02:ef:f9:2e:e3:
60:7f:d1:36:98:f7:e8:fb:89:2c:14:cf:94:2e:58:16:0e:17:
c8:08:e1:12:08:fa:af:fc:f9:85:7f:8f:0f:7a:95:9c:c7:b7:
4e:9c:0d:93
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwODE1MDkwMDAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiM2U4Zi0yOTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ey0j2xA+7Nd8ObMpsDaHTg9xSFHqf7Wz7LWN968NcgdFi/7FBu8YfPiQv/X
xjyd+vrpHqraOqgn9cueLpDBcGTgDlILPtgtToSP9P/xoGiFu6b9wqavayBLDm/D
PLbRhHNefkoaGs9+Y96fVHHFCeBf5UEoUa/C0UECUx+6DgUda5eS0XQBRc4if1J7
mhnrz5eV/bf6i01txpY38up63aDimOO+1p7YxCPpAuySDFk+7BQPYvoukBvHapfj
YM/GskMG69lpVS8xB6XVtDI52FhyQ9yLTw+AEH2OnRQPe/83LI2h9DQtqtyEqN+4
gU+rOK+iBWsmbchWDrcDGyqbBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJYzyqq0
Q1hBuPO3lpw5ANEYSo+oMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMUNENzA4NTIz
QjRBMTFFRUE0QkIyMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpgwDQYJKoZIhvcNAQELBQADggEBAKdUZTcmxCeI/3qR
WLmvpdAuote/QIj9abOgkpBgEe03k33+L0xqmc0KJcik9hwoYZfuDmtefL2jXNZj
7cvVjuqyoh8BkLHymhHS2mgRrtC5mfOVYeWtr9InZYcQxMzSTWGMdJXdll+M15pU
csFh1WNFOcU5A6gg1GaSPuCj6S6G5aVvk7c69nsPby7qBBBS/abtGdsL+2yLC32j
hyMVlPbhPIN7FKH9pdaRfQyi2w0PA4IW0veO/75KG5T3nWeMJuXBhLT+jFiT6yog
f9Lii48c4f4C7/ku42B/0TaY9+j7iSwUz5QuWBYOF8gI4RII+q/8+YV/jw96lZzH
t06cDZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org