Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918067C/99FB609401D011ED9540BB35C4F9AE02/B0EC2E2A01D311EDB0749F3BC4F9AE02.roa
File: B0EC2E2A01D311EDB0749F3BC4F9AE02.roa (raw, json)
Hash identifier: TnA1AsXP41dAbvjIxSEBYTQiV6l4VLsvYNu7hmYbzjc=
Subject key identifier: 21:AB:A8:1B:7A:E7:5F:7C:6D:56:EA:35:D3:EA:31:5B:B8:52:79:2A
Certificate issuer: /CN=A918067C/serialNumber=36D46F1BEA97208FD2220C4C6BFC790610C45CBE
Certificate serial: 0192
Authority key identifier: 36:D4:6F:1B:EA:97:20:8F:D2:22:0C:4C:6B:FC:79:06:10:C4:5C:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NtRvG-qXII_SIgxMa_x5BhDEXL4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918067C/99FB609401D011ED9540BB35C4F9AE02/B0EC2E2A01D311EDB0749F3BC4F9AE02.roa
Signing time: Mon 01 Jan 2024 04:05:18 +0000
ROA not before: Mon 01 Jan 2024 04:05:18 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 17483
IP address blocks: 103.243.68.0/24 maxlen: 24
103.243.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 22:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402 (0x192)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918067C/serialNumber=36D46F1BEA97208FD2220C4C6BFC790610C45CBE
Validity
Not Before: Jan 1 04:05:18 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=659239fe-c88d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:11:b3:8d:17:92:e4:ee:3c:6d:4b:99:b7:
a2:80:41:e8:d7:9e:b8:09:49:13:21:90:8e:81:66:
7a:cf:c4:d4:39:0b:0f:da:11:37:84:30:95:3f:44:
e3:e2:3b:91:5d:59:ac:02:65:64:d1:07:b1:0d:03:
d9:01:4d:14:c4:ce:6c:09:bf:31:a3:d2:32:4d:0f:
c3:d2:d5:2c:83:e1:2b:35:64:a6:73:8c:27:62:06:
1a:03:b0:9a:ef:81:d5:bc:b1:9c:74:62:02:a0:18:
7f:d9:4f:87:b6:45:2f:58:5e:62:b8:f2:41:35:83:
89:55:b4:12:03:7a:11:0c:d0:95:14:f4:c4:9a:4e:
c2:1c:96:c7:34:c9:b4:56:a4:24:de:5e:3f:9c:89:
7b:9e:84:58:f9:b7:a0:d0:e6:fe:8e:61:32:db:f7:
a1:ed:df:b3:d9:a3:90:d1:20:6e:a1:66:f1:f5:da:
a6:4f:c0:6b:f3:34:e4:e1:6c:99:60:80:14:13:b7:
42:8a:04:ec:8e:c5:d5:19:eb:94:bf:f2:9e:6c:8d:
e4:4a:09:26:ca:83:15:58:26:47:db:f2:0f:d8:9d:
9b:ec:d5:94:cd:b8:f7:50:04:52:ad:f8:66:bf:2c:
3c:2b:86:ab:e2:39:9e:f8:ad:eb:68:01:95:bc:6c:
85:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AB:A8:1B:7A:E7:5F:7C:6D:56:EA:35:D3:EA:31:5B:B8:52:79:2A
X509v3 Authority Key Identifier:
keyid:36:D4:6F:1B:EA:97:20:8F:D2:22:0C:4C:6B:FC:79:06:10:C4:5C:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918067C/99FB609401D011ED9540BB35C4F9AE02/NtRvG-qXII_SIgxMa_x5BhDEXL4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NtRvG-qXII_SIgxMa_x5BhDEXL4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918067C/99FB609401D011ED9540BB35C4F9AE02/B0EC2E2A01D311EDB0749F3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.68.0/23
Signature Algorithm: sha256WithRSAEncryption
80:aa:6b:c9:6b:82:59:d7:d0:92:99:1c:2e:7d:92:78:1f:4d:
89:81:7d:0f:b1:e6:3c:f9:15:f8:2a:c1:9d:f0:4a:7b:ee:61:
d2:b8:44:c8:22:02:2f:93:bc:c2:96:d0:ba:8c:0f:9a:af:52:
2b:cd:e8:53:56:c6:c5:bb:10:f0:72:59:1e:12:7f:4a:31:5e:
17:83:b1:7e:95:0f:68:7a:19:c1:ef:b9:ca:aa:74:2c:9c:a4:
fb:d2:c5:57:d4:c4:2f:b4:2a:65:04:b3:39:9f:27:f7:9d:57:
cf:bd:e2:f9:e2:9b:df:89:4a:e5:f4:56:03:d6:76:da:c0:36:
cd:b1:10:19:cf:a9:db:5a:64:bc:79:a8:09:e9:ad:6e:05:de:
ee:a9:99:7d:5e:10:bf:13:de:84:f3:b0:3e:ae:50:88:dd:49:
ec:6e:32:59:0c:24:67:67:dd:bf:9f:5e:36:52:e8:53:0f:eb:
34:49:18:92:c5:97:e3:9c:98:fe:bf:8d:5a:cb:4d:6f:de:79:
cf:bb:59:99:e0:a0:3f:3d:bc:a7:ed:1b:cd:20:8f:d2:86:51:
ed:8c:94:0c:6d:59:bb:ca:14:4f:f9:0f:a0:0b:4e:48:a9:a0:
c0:60:a9:ed:09:86:51:52:32:0b:56:35:01:08:61:fc:bf:34:
1c:64:3c:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA2N0MxMTAvBgNVBAUTKDM2RDQ2RjFCRUE5NzIwOEZEMjIyMEM0QzZCRkM3OTA2
MTBDNDVDQkUwHhcNMjQwMTAxMDQwNTE4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkyMzlmZS1jODhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtU4Rs40XkuTuPG1LmbeigEHo1564CUkTIZCOgWZ6z8TUOQsP2hE3hDCVP0Tj
4juRXVmsAmVk0QexDQPZAU0UxM5sCb8xo9IyTQ/D0tUsg+ErNWSmc4wnYgYaA7Ca
74HVvLGcdGICoBh/2U+HtkUvWF5iuPJBNYOJVbQSA3oRDNCVFPTEmk7CHJbHNMm0
VqQk3l4/nIl7noRY+beg0Ob+jmEy2/eh7d+z2aOQ0SBuoWbx9dqmT8Br8zTk4WyZ
YIAUE7dCigTsjsXVGeuUv/KebI3kSgkmyoMVWCZH2/IP2J2b7NWUzbj3UARSrfhm
vyw8K4ar4jme+K3raAGVvGyFnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCGrqBt6
5198bVbqNdPqMVu4UnkqMB8GA1UdIwQYMBaAFDbUbxvqlyCP0iIMTGv8eQYQxFy+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDY3Qy85OUZCNjA5NDAx
RDAxMUVEOTU0MEJCMzVDNEY5QUUwMi9OdFJ2Ry1xWElJX1NJZ3hNYV94NUJoREVY
TDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL050UnZHLXFYSUlfU0lneE1hX3g1QmhERVhMNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA2N0MvOTlGQjYwOTQwMUQwMTFFRDk1NDBCQjM1QzRGOUFFMDIvQjBFQzJFMkEw
MUQzMTFFREIwNzQ5RjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn80QwDQYJKoZIhvcNAQELBQADggEBAICqa8lrglnX0JKZ
HC59kngfTYmBfQ+x5jz5FfgqwZ3wSnvuYdK4RMgiAi+TvMKW0LqMD5qvUivN6FNW
xsW7EPByWR4Sf0oxXheDsX6VD2h6GcHvucqqdCycpPvSxVfUxC+0KmUEszmfJ/ed
V8+94vnim9+JSuX0VgPWdtrANs2xEBnPqdtaZLx5qAnprW4F3u6pmX1eEL8T3oTz
sD6uUIjdSexuMlkMJGdn3b+fXjZS6FMP6zRJGJLFl+OcmP6/jVrLTW/eec+7WZng
oD89vKftG80gj9KGUe2MlAxtWbvKFE/5D6ALTkipoMBgqe0JhlFSMgtWNQEIYfy/
NBxkPCg=
-----END CERTIFICATE-----
Generated at Tue Apr 2 03:07:21 2024 by rpki-client on console-fra.rpki-client.org