Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/EE01A270B2A511EE93CD6A21C4F9AE02.roa
File: EE01A270B2A511EE93CD6A21C4F9AE02.roa (raw, json)
Hash identifier: g5dKmCWzyJzsLDu5UJNjXS3iUT9QW+yp8yROWp9HC4w=
Subject key identifier: 10:B3:A0:4D:5F:69:64:D1:EB:76:68:3F:92:10:89:D1:A4:BF:99:63
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 0696
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/EE01A270B2A511EE93CD6A21C4F9AE02.roa
Signing time: Sun 14 Jan 2024 06:27:03 +0000
ROA not before: Sun 14 Jan 2024 06:27:03 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.54.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 09:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1686 (0x696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Jan 14 06:27:03 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65a37eb7-232b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:d3:21:27:a5:a8:2c:af:79:a9:bd:4b:a1:
08:07:3e:eb:6b:5b:ed:b1:3e:25:5d:d2:ab:af:63:
d4:d9:2f:60:72:57:a9:ac:11:d2:bf:1c:9a:e8:a2:
76:0d:26:a2:4e:b6:98:a4:a3:a9:6d:91:a5:cc:2f:
7a:e1:82:53:33:cb:23:c1:c2:93:dc:80:f1:d0:2c:
0b:da:0d:96:34:9c:d1:3c:a6:49:8e:b3:4d:7a:fe:
de:c5:6c:37:cd:1f:47:3e:85:7a:0d:ed:00:ef:23:
7b:00:84:95:63:df:16:7d:3f:d6:2d:c6:d1:d1:fd:
12:c5:7d:cc:bc:73:01:da:1b:93:7a:9a:f8:49:8c:
9a:cc:c0:ec:cc:df:1c:8f:6a:1a:f5:45:60:4a:4b:
f8:ae:2f:79:40:81:ac:16:48:01:30:82:44:9a:f6:
7d:c9:06:52:e1:75:35:00:c4:a5:da:bf:0e:42:c7:
34:c3:78:37:be:dd:84:01:3a:75:d7:e1:fb:b5:53:
71:d3:00:57:65:5a:14:d5:ef:3b:92:96:cc:bc:b4:
df:c6:4b:1d:67:a4:8d:1d:0a:39:81:56:2b:eb:a2:
c8:cb:47:32:90:92:3a:7a:eb:7d:94:2f:ca:99:49:
f1:08:67:1a:fc:d4:b5:c9:a5:d1:71:56:7d:41:4c:
a9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B3:A0:4D:5F:69:64:D1:EB:76:68:3F:92:10:89:D1:A4:BF:99:63
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/EE01A270B2A511EE93CD6A21C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.153.0/24
Signature Algorithm: sha256WithRSAEncryption
37:45:c1:f0:f3:42:e0:41:6a:53:a0:6d:7a:ef:96:89:f2:fc:
ae:21:b9:6b:ec:ad:13:92:e4:ae:dc:bd:ac:40:c1:9c:83:f0:
4f:d7:9b:85:de:e6:a7:3a:65:78:9e:e7:29:6d:1d:95:b8:0e:
c3:1c:5e:3b:14:0d:55:54:89:92:9e:44:09:f6:76:3f:a2:0c:
2b:4a:3d:4d:d1:60:71:18:91:ed:c3:f6:89:cd:9d:9f:1f:a0:
84:65:16:20:2e:a7:c7:69:b8:be:e1:de:02:11:a2:4e:b9:26:
8c:db:ec:45:8f:ec:f4:2e:58:18:ed:f0:1c:ea:35:f2:74:dd:
b6:c7:15:9a:5d:87:e3:0f:4f:de:d5:cf:da:f6:22:01:4c:24:
24:27:f4:12:8d:ad:b8:fd:69:7b:b4:24:23:c6:92:e2:9b:90:
85:47:8e:8b:4f:8f:7b:2a:7e:37:78:e4:df:0b:96:1e:75:23:
25:82:76:ba:e0:9b:5e:d3:c4:d2:31:64:a4:05:56:1f:7d:ec:
94:24:87:70:cb:e8:84:52:93:a0:33:e8:ae:ce:3b:e7:6a:d0:
58:98:96:83:15:9e:ed:cf:dd:2f:eb:94:56:fb:48:10:a8:f8:
f9:50:c3:1e:22:1b:54:74:57:79:12:c4:61:cc:8a:99:36:ac:
dd:a8:05:6a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjQwMTE0MDYyNzAzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWEzN2ViNy0yMzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm+fTISelqCyveam9S6EIBz7ra1vtsT4lXdKrr2PU2S9gcleprBHSvxya6KJ2
DSaiTraYpKOpbZGlzC964YJTM8sjwcKT3IDx0CwL2g2WNJzRPKZJjrNNev7exWw3
zR9HPoV6De0A7yN7AISVY98WfT/WLcbR0f0SxX3MvHMB2huTepr4SYyazMDszN8c
j2oa9UVgSkv4ri95QIGsFkgBMIJEmvZ9yQZS4XU1AMSl2r8OQsc0w3g3vt2EATp1
1+H7tVNx0wBXZVoU1e87kpbMvLTfxksdZ6SNHQo5gVYr66LIy0cykJI6eut9lC/K
mUnxCGca/NS1yaXRcVZ9QUypyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBCzoE1f
aWTR63ZoP5IQidGkv5ljMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvRUUwMUEyNzBC
MkE1MTFFRTkzQ0Q2QTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpkwDQYJKoZIhvcNAQELBQADggEBADdFwfDzQuBBalOg
bXrvlony/K4huWvsrROS5K7cvaxAwZyD8E/Xm4Xe5qc6ZXie5yltHZW4DsMcXjsU
DVVUiZKeRAn2dj+iDCtKPU3RYHEYke3D9onNnZ8foIRlFiAup8dpuL7h3gIRok65
Jozb7EWP7PQuWBjt8BzqNfJ03bbHFZpdh+MPT97Vz9r2IgFMJCQn9BKNrbj9aXu0
JCPGkuKbkIVHjotPj3sqfjd45N8Llh51IyWCdrrgm17TxNIxZKQFVh997JQkh3DL
6IRSk6Az6K7OO+dq0FiYloMVnu3P3S/rlFb7SBCo+PlQwx4iG1R0V3kSxGHMipk2
rN2oBWo=
-----END CERTIFICATE-----
Generated at Sat Jan 20 10:11:28 2024 by rpki-client on console-ams.rpki-client.org