Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/1590D7B8A9EE11EEA1869233C4F9AE02.roa
File: 1590D7B8A9EE11EEA1869233C4F9AE02.roa (raw, json)
Hash identifier: 4PGC2s88E5mEe35HBTN9jPPB0fGyltjAGdUl3kS0IwQ=
Subject key identifier: 06:9E:CA:3C:4A:D1:43:D6:3A:8F:D5:D7:A3:EC:74:A8:62:39:9D:7B
Certificate issuer: /CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
Certificate serial: 0688
Authority key identifier: A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/1590D7B8A9EE11EEA1869233C4F9AE02.roa
Signing time: Wed 03 Jan 2024 04:10:53 +0000
ROA not before: Wed 03 Jan 2024 04:10:53 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.157.136.0/24 maxlen: 24
103.157.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 05:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1672 (0x688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
Validity
Not Before: Jan 3 04:10:53 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6594de4c-4b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:98:09:60:b9:54:13:cf:f7:f3:4a:23:ad:12:
3c:ff:0d:5f:f1:3a:88:bd:08:a8:c7:35:b7:c1:35:
95:9b:ff:72:db:33:66:ed:c5:7f:80:07:cf:70:af:
99:88:0a:84:2d:7f:01:90:25:a6:c1:28:a1:94:11:
f7:b0:b3:f4:2e:3e:f9:bf:9b:91:8f:4e:e0:a0:d3:
42:c1:6b:0e:64:fb:5c:15:0d:83:92:8a:ce:eb:d9:
b4:9d:4a:fd:84:0e:09:0a:dd:8d:eb:fb:81:ba:10:
7e:fd:4e:f7:20:4a:e8:c4:36:da:52:1a:04:44:29:
74:6c:a8:6c:78:78:4a:b7:26:d0:cf:a4:3e:4e:a2:
5b:87:71:70:73:2f:fb:fc:f0:28:a1:54:f7:09:05:
5e:a4:6b:18:9e:11:d5:73:31:83:22:a3:4f:2b:00:
34:2b:b2:17:52:7f:c5:43:e2:b4:b6:ff:8e:04:37:
dc:ae:0e:d7:81:7d:82:05:50:fc:c3:cb:8a:2a:dd:
7b:0c:4c:89:a3:d9:02:45:e1:54:e6:de:b6:de:0f:
b6:b9:2f:aa:4a:d6:7d:c5:52:26:cf:b3:d0:0f:30:
98:80:a7:f1:61:4a:80:61:be:24:cf:98:98:44:c7:
06:4b:1c:b7:d7:84:f3:44:12:8b:1a:73:f9:0c:fc:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9E:CA:3C:4A:D1:43:D6:3A:8F:D5:D7:A3:EC:74:A8:62:39:9D:7B
X509v3 Authority Key Identifier:
keyid:A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/pTIumCBoFSdtwSYXlhk4_8bIhIo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/1590D7B8A9EE11EEA1869233C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.136.0/23
Signature Algorithm: sha256WithRSAEncryption
89:4d:10:6b:85:a6:31:ec:9f:bc:e5:25:d0:7b:e6:ef:f8:da:
fe:41:21:5b:68:30:92:1f:7f:76:9f:6e:3b:50:76:e2:32:0b:
02:6a:53:bb:da:2c:00:8c:ae:a9:f5:b3:ee:18:a1:1c:1f:8d:
47:c8:f9:22:54:76:17:62:13:39:65:23:b5:af:ec:e4:99:22:
db:da:ec:38:9a:f9:2b:49:e5:f3:b5:c1:21:ec:8a:5e:52:b6:
83:79:7b:4d:03:ea:be:0c:72:e3:da:e3:8b:d4:52:36:74:0c:
19:c9:da:fc:20:1d:dd:0a:e5:cb:44:50:5a:2e:44:16:06:7c:
4e:7e:d0:fc:e5:2a:e6:93:7c:1b:4b:bf:13:a2:11:bf:0b:9e:
69:d9:ed:dd:8a:97:01:52:49:83:2e:fa:6d:b6:85:06:76:7c:
d0:e0:ca:4e:1b:89:a9:a9:a5:70:c7:80:92:ba:34:0b:1a:07:
ec:3a:4a:c4:c7:68:34:f5:a5:ee:7a:23:5e:bd:15:cc:be:76:
bb:8a:a0:48:b1:53:f0:2e:ad:28:38:ba:3d:bc:37:d9:c7:5e:
0a:bd:15:b2:67:96:09:fd:ce:09:6c:56:4c:6d:2f:ca:a2:d2:
d3:b0:46:2c:6d:ab:12:53:77:57:e3:65:8a:b9:2c:20:26:56:
86:15:e5:2f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZDREYxMTAvBgNVBAUTKEE1MzIyRTk4MjA2ODE1Mjc2REMxMjYxNzk2MTkzOEZG
QzZDODg0OEEwHhcNMjQwMTAzMDQxMDUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk0ZGU0Yy00YjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJgJYLlUE8/380ojrRI8/w1f8TqIvQioxzW3wTWVm/9y2zNm7cV/gAfPcK+Z
iAqELX8BkCWmwSihlBH3sLP0Lj75v5uRj07goNNCwWsOZPtcFQ2DkorO69m0nUr9
hA4JCt2N6/uBuhB+/U73IEroxDbaUhoERCl0bKhseHhKtybQz6Q+TqJbh3Fwcy/7
/PAooVT3CQVepGsYnhHVczGDIqNPKwA0K7IXUn/FQ+K0tv+OBDfcrg7XgX2CBVD8
w8uKKt17DEyJo9kCReFU5t623g+2uS+qStZ9xVImz7PQDzCYgKfxYUqAYb4kz5iY
RMcGSxy314TzRBKLGnP5DPxzzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAaeyjxK
0UPWOo/V16PsdKhiOZ17MB8GA1UdIwQYMBaAFKUyLpggaBUnbcEmF5YZOP/GyISK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkNERi80NDgxRjBBODEx
REUxMUVCQjlGOUY3NzdDNEY5QUUwMi9wVEl1bUNCb0ZTZHR3U1lYbGhrNF84Yklo
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BUSXVtQ0JvRlNkdHdTWVhsaGs0XzhiSWhJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZDREYvNDQ4MUYwQTgxMURFMTFFQkI5RjlGNzc3QzRGOUFFMDIvMTU5MEQ3QjhB
OUVFMTFFRUExODY5MjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnYgwDQYJKoZIhvcNAQELBQADggEBAIlNEGuFpjHsn7zl
JdB75u/42v5BIVtoMJIff3afbjtQduIyCwJqU7vaLACMrqn1s+4YoRwfjUfI+SJU
dhdiEzllI7Wv7OSZItva7Dia+StJ5fO1wSHsil5StoN5e00D6r4McuPa44vUUjZ0
DBnJ2vwgHd0K5ctEUFouRBYGfE5+0PzlKuaTfBtLvxOiEb8LnmnZ7d2KlwFSSYMu
+m22hQZ2fNDgyk4biamppXDHgJK6NAsaB+w6SsTHaDT1pe56I169Fcy+druKoEix
U/AurSg4uj28N9nHXgq9FbJnlgn9zglsVkxtL8qi0tOwRixtqxJTd1fjZYq5LCAm
VoYV5S8=
-----END CERTIFICATE-----
Generated at Wed Jan 10 07:52:44 2024 by rpki-client on console-fra.rpki-client.org