Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E151/12ACD6BAF4DC11EB8F7DB949C4F9AE02/28B70046F4DE11EBA13B564DC4F9AE02.roa
File: 28B70046F4DE11EBA13B564DC4F9AE02.roa (raw, json)
Hash identifier: u2W1tXeoqpyiKeMrbSMV+XalXDC+Tjft/pmnPdUqLEw=
Subject key identifier: 02:F5:C1:63:52:A6:4F:6E:CB:D8:7B:8E:6A:85:51:6B:D2:70:EA:49
Certificate issuer: /CN=A917E151/serialNumber=0CD64E4BD6FAD397C7471118A2803B87DD2C1D53
Certificate serial: 03D9
Authority key identifier: 0C:D6:4E:4B:D6:FA:D3:97:C7:47:11:18:A2:80:3B:87:DD:2C:1D:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DNZOS9b605fHRxEYooA7h90sHVM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E151/12ACD6BAF4DC11EB8F7DB949C4F9AE02/28B70046F4DE11EBA13B564DC4F9AE02.roa
Signing time: Wed 05 Jul 2023 00:50:35 +0000
ROA not before: Wed 05 Jul 2023 00:50:35 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 137845
IP address blocks: 103.115.168.0/22 maxlen: 24
2403:1840::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Oct 2023 11:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 985 (0x3d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E151/serialNumber=0CD64E4BD6FAD397C7471118A2803B87DD2C1D53
Validity
Not Before: Jul 5 00:50:35 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a4be5b-74c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:fb:d5:8a:b3:dd:f2:f5:bd:a1:05:eb:32:
8d:a8:a6:ed:3a:8f:10:fc:a8:d9:50:9c:74:30:47:
5c:c1:f2:4b:8c:95:f3:62:27:8e:3c:b8:df:9f:ea:
07:77:be:e1:05:a2:5d:b9:4a:f5:12:00:34:85:75:
c6:02:3f:ea:b9:dd:fc:12:33:2f:2d:94:0e:ed:79:
c5:b8:52:24:0b:a6:ff:16:d3:13:6f:5f:13:02:97:
d6:ac:38:ea:61:4f:c8:f0:c9:11:f0:e2:17:42:1f:
ba:0a:36:fc:ed:2c:13:ca:12:99:46:76:45:34:d1:
00:9c:b9:57:fb:af:ec:fc:2b:af:4d:8b:5f:4d:df:
b0:0d:51:84:36:e2:9d:75:92:08:73:6a:41:08:ac:
b2:ce:f2:fe:1a:0b:dc:a1:38:b6:a1:5d:70:76:e2:
bd:e8:f6:61:77:49:2a:7e:4d:0b:6a:24:22:f8:a9:
ed:6e:6e:d1:6f:3e:be:df:15:5a:48:33:d0:7a:54:
07:7c:0e:b6:df:98:44:5f:74:81:48:06:77:bd:6d:
7d:cf:bf:dd:5a:ad:70:90:da:4e:d2:7f:ab:d6:af:
c5:f8:48:8f:65:23:ff:5e:99:fa:a2:dd:fa:c4:ee:
13:5c:a3:c0:2b:24:f0:90:01:c0:65:5b:10:12:f9:
20:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F5:C1:63:52:A6:4F:6E:CB:D8:7B:8E:6A:85:51:6B:D2:70:EA:49
X509v3 Authority Key Identifier:
keyid:0C:D6:4E:4B:D6:FA:D3:97:C7:47:11:18:A2:80:3B:87:DD:2C:1D:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E151/12ACD6BAF4DC11EB8F7DB949C4F9AE02/DNZOS9b605fHRxEYooA7h90sHVM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DNZOS9b605fHRxEYooA7h90sHVM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E151/12ACD6BAF4DC11EB8F7DB949C4F9AE02/28B70046F4DE11EBA13B564DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.168.0/22
IPv6:
2403:1840::/32
Signature Algorithm: sha256WithRSAEncryption
19:8e:6b:0f:83:8b:8e:95:af:be:48:9a:c7:4c:6f:d2:ed:b8:
f1:8b:ec:c7:84:e8:5d:10:16:00:04:24:71:8f:22:a3:a0:80:
82:a7:48:af:ad:ba:a8:a2:4a:46:2e:95:78:12:27:4d:98:37:
0e:26:75:a2:b4:5c:b1:52:2f:e7:db:e1:d4:fa:99:ec:0b:c2:
67:13:35:7c:8a:aa:37:7c:10:10:c1:60:85:da:ea:21:5e:4f:
f1:0f:c2:ff:2f:cd:a0:bd:b7:35:f8:fb:06:b7:95:ac:ba:e5:
c2:82:e6:cc:98:12:59:02:7b:56:ee:5c:83:cd:63:ff:88:04:
97:d0:1a:c7:5d:0b:bf:61:03:1f:17:60:b7:6c:a7:1e:2f:e7:
c9:24:b8:7e:2d:8c:86:3d:9e:6b:d8:3b:9d:61:45:87:1c:60:
e2:c8:54:b8:af:de:ba:2c:5e:cd:42:60:b7:3b:0f:f8:df:1a:
48:93:f4:ff:35:b7:1d:d4:c1:06:2a:69:cf:99:62:1d:2f:3a:
8f:91:fd:38:9a:37:31:3b:b3:ad:bb:ae:83:71:ed:82:cb:b3:
55:7e:a8:a6:d8:28:9c:70:98:02:c0:dc:69:6b:78:6b:df:2b:
5c:1a:5d:1d:35:d8:7d:d5:b9:c8:b0:41:df:48:f6:73:76:b8:
5a:3f:5a:7c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxNTExMTAvBgNVBAUTKDBDRDY0RTRCRDZGQUQzOTdDNzQ3MTExOEEyODAzQjg3
REQyQzFENTMwHhcNMjMwNzA1MDA1MDM1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0YmU1Yi03NGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3j71Yqz3fL1vaEF6zKNqKbtOo8Q/KjZUJx0MEdcwfJLjJXzYieOPLjfn+oH
d77hBaJduUr1EgA0hXXGAj/qud38EjMvLZQO7XnFuFIkC6b/FtMTb18TApfWrDjq
YU/I8MkR8OIXQh+6Cjb87SwTyhKZRnZFNNEAnLlX+6/s/CuvTYtfTd+wDVGENuKd
dZIIc2pBCKyyzvL+GgvcoTi2oV1wduK96PZhd0kqfk0LaiQi+Kntbm7Rbz6+3xVa
SDPQelQHfA6235hEX3SBSAZ3vW19z7/dWq1wkNpO0n+r1q/F+EiPZSP/Xpn6ot36
xO4TXKPAKyTwkAHAZVsQEvkgawIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAL1wWNS
pk9uy9h7jmqFUWvScOpJMB8GA1UdIwQYMBaAFAzWTkvW+tOXx0cRGKKAO4fdLB1T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTE1MS8xMkFDRDZCQUY0
REMxMUVCOEY3REI5NDlDNEY5QUUwMi9ETlpPUzliNjA1ZkhSeEVZb29BN2g5MHNI
Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ROWk9TOWI2MDVmSFJ4RVlvb0E3aDkwc0hWTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxNTEvMTJBQ0Q2QkFGNERDMTFFQjhGN0RCOTQ5QzRGOUFFMDIvMjhCNzAwNDZG
NERFMTFFQkExM0I1NjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnc6gwDQQCAAIwBwMFACQDGEAwDQYJKoZIhvcNAQELBQAD
ggEBABmOaw+Di46Vr75ImsdMb9LtuPGL7MeE6F0QFgAEJHGPIqOggIKnSK+tuqii
SkYulXgSJ02YNw4mdaK0XLFSL+fb4dT6mewLwmcTNXyKqjd8EBDBYIXa6iFeT/EP
wv8vzaC9tzX4+wa3lay65cKC5syYElkCe1buXIPNY/+IBJfQGsddC79hAx8XYLds
px4v58kkuH4tjIY9nmvYO51hRYccYOLIVLiv3rosXs1CYLc7D/jfGkiT9P81tx3U
wQYqac+ZYh0vOo+R/TiaNzE7s627roNx7YLLs1V+qKbYKJxwmALA3GlreGvfK1wa
XR012H3VuciwQd9I9nN2uFo/Wnw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org