Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/BCFFBCAAB77511EE846DC250C4F9AE02.roa
File: BCFFBCAAB77511EE846DC250C4F9AE02.roa (raw, json)
Hash identifier: mkZLyJWbkajmZocA7d1V7furZ5TbIyW59x2OV3VmIQ8=
Subject key identifier: CA:44:CE:9F:B6:BB:7B:E9:1E:78:0F:1F:AE:EF:94:A1:81:B8:54:9A
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 069D
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/BCFFBCAAB77511EE846DC250C4F9AE02.roa
Signing time: Sat 20 Jan 2024 09:24:40 +0000
ROA not before: Sat 20 Jan 2024 09:24:40 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 216414
IP address blocks: 103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 15:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1693 (0x69d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Jan 20 09:24:40 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65ab9158-bff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:6d:55:6f:d6:61:c7:d0:78:cc:45:5d:22:
90:f0:e7:3f:1e:c9:15:91:f4:77:8f:e3:fa:1d:ad:
22:71:cd:ca:01:18:1f:f3:7b:6a:a5:d7:64:93:ae:
71:ab:6e:9e:16:c9:d7:5d:46:fa:38:89:3e:49:95:
69:79:d1:b8:71:09:1b:86:1a:2f:7d:0d:e9:06:d0:
fa:49:13:28:cc:98:49:b4:d1:81:b2:81:76:1b:3f:
77:17:db:5f:b3:a9:4b:93:d0:90:e0:36:40:87:ce:
86:63:b0:3e:20:dc:89:be:bb:44:2d:ed:c1:14:13:
38:87:39:b6:47:28:83:43:cc:5f:0a:24:a9:5c:07:
72:7e:13:99:14:12:71:95:43:5f:e2:bc:4f:da:49:
45:de:65:7c:f3:bf:3e:5c:63:fc:84:4c:76:0a:19:
8a:9d:31:05:a5:98:19:07:94:1a:f3:97:8d:5b:5e:
bd:09:a8:09:b0:16:78:00:f3:b8:5f:73:0b:81:5f:
fd:3a:10:b5:8a:fb:8c:54:4f:ff:35:88:f7:fa:3e:
36:bc:2b:93:72:4e:14:db:bc:12:0f:db:1d:d7:c6:
a3:ae:32:36:a0:0e:66:72:b6:a7:52:bc:95:94:71:
d5:93:b0:a6:5f:d4:21:54:25:2d:e1:9d:c6:83:f7:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:CE:9F:B6:BB:7B:E9:1E:78:0F:1F:AE:EF:94:A1:81:B8:54:9A
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/BCFFBCAAB77511EE846DC250C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.153.0/24
Signature Algorithm: sha256WithRSAEncryption
01:49:a2:96:7b:e1:ee:75:22:4f:e1:3e:ff:b0:a8:c7:0d:38:
2b:62:4a:93:3a:5a:a9:df:39:d9:ba:ed:b8:42:85:33:d5:b5:
bb:cf:1f:77:fb:c1:4c:60:4c:d1:dc:cf:83:cb:a4:75:3a:17:
83:02:ef:38:b8:79:67:c7:d2:2f:02:af:2b:9d:55:72:97:97:
30:87:9c:c8:22:05:73:62:b6:0d:28:d4:a0:65:26:53:28:ce:
11:95:a9:d8:13:88:cd:6e:40:a2:6c:b1:09:d5:b6:8f:cb:12:
7f:6c:ae:86:47:c1:25:14:b7:31:66:d1:e8:7c:7e:03:39:79:
23:e6:8e:c8:72:37:27:18:e0:71:9e:fa:b9:6e:01:2a:da:0d:
c7:82:7b:4e:9a:7a:71:0e:c6:03:36:0c:9b:30:d0:cb:a1:e9:
da:bb:da:7d:9e:ec:5d:83:6a:9d:fe:bd:78:fe:ac:d9:4a:67:
a1:00:c8:0a:b7:e7:a4:35:01:4d:10:23:a2:56:60:c6:8e:c0:
29:73:97:ac:43:7f:6a:2c:ff:58:10:86:0a:d2:c1:6d:f7:06:
70:78:50:e1:0f:46:07:30:7f:0d:d5:e0:51:b5:c9:bf:91:3b:
c6:c1:93:b2:11:f5:1e:e3:b3:3a:82:ad:2f:80:82:45:16:34:
fb:bc:b8:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjQwMTIwMDkyNDQwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFiOTE1OC1iZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxvltVW/WYcfQeMxFXSKQ8Oc/HskVkfR3j+P6Ha0icc3KARgf83tqpddkk65x
q26eFsnXXUb6OIk+SZVpedG4cQkbhhovfQ3pBtD6SRMozJhJtNGBsoF2Gz93F9tf
s6lLk9CQ4DZAh86GY7A+INyJvrtELe3BFBM4hzm2RyiDQ8xfCiSpXAdyfhOZFBJx
lUNf4rxP2klF3mV8878+XGP8hEx2ChmKnTEFpZgZB5Qa85eNW169CagJsBZ4APO4
X3MLgV/9OhC1ivuMVE//NYj3+j42vCuTck4U27wSD9sd18ajrjI2oA5mcranUryV
lHHVk7CmX9QhVCUt4Z3Gg/dt2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFMpEzp+2
u3vpHngPH67vlKGBuFSaMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvQkNGRkJDQUFC
Nzc1MTFFRTg0NkRDMjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpkwDQYJKoZIhvcNAQELBQADggEBAAFJopZ74e51Ik/h
Pv+wqMcNOCtiSpM6WqnfOdm67bhChTPVtbvPH3f7wUxgTNHcz4PLpHU6F4MC7zi4
eWfH0i8CryudVXKXlzCHnMgiBXNitg0o1KBlJlMozhGVqdgTiM1uQKJssQnVto/L
En9sroZHwSUUtzFm0eh8fgM5eSPmjshyNycY4HGe+rluASraDceCe06aenEOxgM2
DJsw0Muh6dq72n2e7F2Dap3+vXj+rNlKZ6EAyAq356Q1AU0QI6JWYMaOwClzl6xD
f2os/1gQhgrSwW33BnB4UOEPRgcwfw3V4FG1yb+RO8bBk7IR9R7jszqCrS+AgkUW
NPu8uK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org