Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/956B95D03B4A11EE86FC5357C4F9AE02.roa
File: 956B95D03B4A11EE86FC5357C4F9AE02.roa (raw, json)
Hash identifier: PZoNIGK8IeymVStjfR0ml+utQlkmhFisuS4MqBuSzE4=
Subject key identifier: E8:EB:0F:07:60:C2:50:1A:11:B0:49:AA:FD:5B:F7:33:05:B8:05:90
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 063A
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/956B95D03B4A11EE86FC5357C4F9AE02.roa
Signing time: Tue 15 Aug 2023 09:03:22 +0000
ROA not before: Tue 15 Aug 2023 09:03:22 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 45887
IP address blocks: 103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 06:27:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Aug 15 09:03:22 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64db3f59-99f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:17:4f:d6:23:5f:0b:56:ab:7c:b9:66:e2:
bf:3f:e0:e3:fc:1f:d8:d5:07:1b:b3:6f:5b:fd:db:
9d:84:57:81:06:e7:b8:af:72:76:42:e1:cd:0a:83:
b0:66:f7:59:75:e7:d4:0e:88:17:e9:27:1a:ef:c8:
87:7d:9f:0b:e9:9a:95:d3:d4:d0:7b:cd:e6:1b:9d:
27:63:f6:32:1f:29:39:da:83:46:1d:80:8b:a2:64:
a7:8e:59:e7:a3:21:50:8b:e9:ad:23:79:85:d6:54:
3e:77:18:6c:c8:d5:f2:34:bd:34:63:e3:94:15:b9:
4b:87:9c:27:e4:8e:01:63:e4:ae:de:b2:90:d6:c8:
7f:c1:1a:4a:26:a6:b9:87:25:5c:f9:8b:9d:12:7f:
d5:d0:57:22:a5:6f:bf:89:bf:33:fa:6e:b2:92:7c:
b2:53:12:1d:8c:13:32:4d:ed:59:77:36:20:0b:ee:
d6:b2:12:bb:24:27:7c:31:e6:d2:3d:0f:02:36:2d:
92:9f:e2:63:19:6f:c3:1b:04:7b:c5:d7:e3:7c:7f:
03:aa:ae:f9:05:c1:1d:1d:48:08:67:ac:0b:87:d8:
c2:8d:18:32:70:20:7c:36:7d:9a:25:19:82:65:27:
14:40:27:fd:cc:44:2c:10:20:be:70:3b:6c:11:a6:
5d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:EB:0F:07:60:C2:50:1A:11:B0:49:AA:FD:5B:F7:33:05:B8:05:90
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/956B95D03B4A11EE86FC5357C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:38:4d:bc:59:f1:55:5e:88:4a:05:18:6c:e6:4c:8d:fb:7f:
42:b0:dc:47:53:90:0b:cf:7a:c3:92:97:7e:25:e4:b9:da:93:
53:bf:6c:9c:b8:97:35:09:4b:52:86:66:c2:7b:8a:48:97:4f:
73:69:24:ea:58:c4:e9:18:89:30:fd:c9:ef:bf:96:61:b4:d0:
e2:4d:e7:b0:ab:57:c2:6d:e7:02:49:59:19:30:b7:ef:87:d0:
e9:60:d1:f6:a4:38:fd:45:f8:66:26:a0:13:f4:ab:e6:b0:d4:
36:30:b4:7d:ef:1f:5d:9d:9f:63:74:d7:44:4a:7f:3c:dc:e4:
94:d8:a4:47:0a:6d:f5:56:03:5e:01:fe:f3:61:0c:6c:56:c5:
75:76:7e:0a:b9:63:3b:81:d7:51:6c:58:5f:93:ff:bc:20:4b:
ac:1c:57:15:70:cf:c0:19:05:8a:8a:b2:ed:e8:93:90:ea:7a:
12:d4:9a:8f:81:af:9f:4b:1f:91:f3:e9:15:29:92:63:a2:0e:
64:79:06:65:4c:5d:80:f2:cb:e3:db:fd:ef:74:3f:3c:12:14:
46:58:30:6c:01:8d:36:dc:e2:e9:9c:57:d4:08:76:83:e1:53:
7b:be:5b:3e:0c:23:b9:9f:c9:13:8a:88:05:c2:e5:5f:43:cd:
29:27:c8:93
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwODE1MDkwMzIyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiM2Y1OS05OWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQAXT9YjXwtWq3y5ZuK/P+Dj/B/Y1Qcbs29b/dudhFeBBue4r3J2QuHNCoOw
ZvdZdefUDogX6Sca78iHfZ8L6ZqV09TQe83mG50nY/YyHyk52oNGHYCLomSnjlnn
oyFQi+mtI3mF1lQ+dxhsyNXyNL00Y+OUFblLh5wn5I4BY+Su3rKQ1sh/wRpKJqa5
hyVc+YudEn/V0FcipW+/ib8z+m6yknyyUxIdjBMyTe1ZdzYgC+7WshK7JCd8MebS
PQ8CNi2Sn+JjGW/DGwR7xdfjfH8Dqq75BcEdHUgIZ6wLh9jCjRgycCB8Nn2aJRmC
ZScUQCf9zEQsECC+cDtsEaZdyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOjrDwdg
wlAaEbBJqv1b9zMFuAWQMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvOTU2Qjk1RDAz
QjRBMTFFRTg2RkM1MzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpkwDQYJKoZIhvcNAQELBQADggEBAA04TbxZ8VVeiEoF
GGzmTI37f0Kw3EdTkAvPesOSl34l5Lnak1O/bJy4lzUJS1KGZsJ7ikiXT3NpJOpY
xOkYiTD9ye+/lmG00OJN57CrV8Jt5wJJWRkwt++H0Olg0fakOP1F+GYmoBP0q+aw
1DYwtH3vH12dn2N010RKfzzc5JTYpEcKbfVWA14B/vNhDGxWxXV2fgq5YzuB11Fs
WF+T/7wgS6wcVxVwz8AZBYqKsu3ok5DqehLUmo+Br59LH5Hz6RUpkmOiDmR5BmVM
XYDyy+Pb/e90PzwSFEZYMGwBjTbc4umcV9QIdoPhU3u+Wz4MI7mfyROKiAXC5V9D
zSknyJM=
-----END CERTIFICATE-----
Generated at Sun Jan 14 07:48:29 2024 by rpki-client on console-ams.rpki-client.org