Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A05D/C1EFB0804E2511EEAAAE6D49C4F9AE02/ABF58BC650B711EE80742A2BC4F9AE02.roa
File: ABF58BC650B711EE80742A2BC4F9AE02.roa (raw, json)
Hash identifier: ZPxQawRqoprnL5VAXmxsBblT/kzRwYgk1RQGIjh6R6Y=
Subject key identifier: 84:76:5B:B3:4A:89:7C:AE:D6:86:CA:06:8C:12:0E:54:CD:4C:41:CC
Certificate issuer: /CN=A918A05D/serialNumber=0F545E6273D7C97E9995411F76D5C4F006BB5186
Certificate serial: 07
Authority key identifier: 0F:54:5E:62:73:D7:C9:7E:99:95:41:1F:76:D5:C4:F0:06:BB:51:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D1ReYnPXyX6ZlUEfdtXE8Aa7UYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A05D/C1EFB0804E2511EEAAAE6D49C4F9AE02/ABF58BC650B711EE80742A2BC4F9AE02.roa
Signing time: Mon 11 Sep 2023 15:27:09 +0000
ROA not before: Mon 11 Sep 2023 15:27:09 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 55154
IP address blocks: 103.115.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 01:50:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A05D/serialNumber=0F545E6273D7C97E9995411F76D5C4F006BB5186
Validity
Not Before: Sep 11 15:27:09 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64ff31cd-94a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:95:a1:0d:d2:cf:0b:b4:61:a3:4c:0d:29:b9:
9c:9a:a9:31:5c:a0:7a:2b:e0:1b:4d:c9:7c:6e:56:
ee:78:66:8f:c7:a5:36:85:cb:2e:e1:4e:cf:14:4f:
c5:ae:ae:a1:84:38:ac:e9:36:aa:53:ae:b6:d2:6a:
19:5a:18:82:44:95:8a:6e:e5:57:db:08:db:65:83:
bc:80:58:78:e1:13:f0:7b:7f:12:08:b0:f0:cf:04:
f7:e5:c9:3f:3c:59:59:41:dc:f1:ca:11:41:84:11:
05:b0:4a:6e:bb:8c:7e:9d:95:2e:3d:5b:52:fc:58:
b1:42:63:c1:13:b6:d2:e8:e0:17:fe:ab:f2:17:ce:
5d:29:71:5c:a3:aa:b6:1d:98:a9:c7:a3:d1:84:ad:
75:21:5d:60:e1:01:42:44:af:e9:c6:59:72:ea:ca:
e5:c9:37:0c:68:b1:ba:d5:f7:21:78:fa:af:56:5b:
9d:1a:1a:f2:0f:a3:a9:3e:2b:2d:79:17:de:bb:d1:
59:50:bf:a0:bf:e5:b8:f4:ab:13:91:a7:0f:ed:b4:
80:44:fa:9e:2f:2f:70:f5:12:c6:1c:f6:be:ec:1b:
51:e3:73:60:5e:8e:75:7b:7f:8c:c0:5e:d7:1c:17:
2c:8c:76:55:3c:04:a3:d5:c6:02:2e:f9:bd:1b:6e:
47:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:76:5B:B3:4A:89:7C:AE:D6:86:CA:06:8C:12:0E:54:CD:4C:41:CC
X509v3 Authority Key Identifier:
keyid:0F:54:5E:62:73:D7:C9:7E:99:95:41:1F:76:D5:C4:F0:06:BB:51:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A05D/C1EFB0804E2511EEAAAE6D49C4F9AE02/D1ReYnPXyX6ZlUEfdtXE8Aa7UYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D1ReYnPXyX6ZlUEfdtXE8Aa7UYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A05D/C1EFB0804E2511EEAAAE6D49C4F9AE02/ABF58BC650B711EE80742A2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.19.0/24
Signature Algorithm: sha256WithRSAEncryption
61:df:9d:2e:a3:17:f8:40:50:44:2d:25:67:97:ba:42:a0:c8:
6a:d9:bb:92:14:75:d0:3d:64:9a:9e:81:c3:bb:a5:42:7b:19:
fc:08:d8:bc:79:70:e6:40:8c:d8:00:ff:bb:f3:ad:36:5f:aa:
e5:62:76:71:47:26:cf:3d:d4:19:22:fd:ef:5e:45:2e:b1:40:
8e:b5:f8:71:55:02:63:6a:dd:d0:86:bf:4a:b6:23:fd:b8:38:
ea:b8:61:ee:1d:68:25:e5:19:03:0d:90:d9:ab:14:92:d5:3b:
83:0c:19:25:44:9b:99:11:6b:ae:c6:01:ce:a3:47:c9:90:aa:
16:cc:b3:07:1b:20:5f:d5:fa:bc:df:4d:b9:65:25:5b:73:21:
d7:1e:80:3c:3f:7b:66:51:71:ce:13:5a:cd:41:9c:f7:f0:ec:
9c:94:0b:92:73:c1:9a:49:33:7f:5e:e0:34:5f:67:b3:07:7d:
89:9f:28:ab:2c:fe:5f:91:67:10:78:ff:3f:9c:4e:69:1d:36:
08:d4:66:a2:86:51:b0:77:16:18:45:37:b3:ea:36:26:d2:c5:
8e:f7:87:30:f6:88:9e:14:67:0b:d4:4b:bc:1b:03:a0:4b:25:
6c:65:39:a8:12:9d:b6:9e:96:ab:43:62:73:77:09:f3:64:3e:
e0:1c:53:22
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QTA1RDExMC8GA1UEBRMoMEY1NDVFNjI3M0Q3Qzk3RTk5OTU0MTFGNzZENUM0RjAw
NkJCNTE4NjAeFw0yMzA5MTExNTI3MDlaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZmYzMWNkLTk0YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+laEN0s8LtGGjTA0puZyaqTFcoHor4BtNyXxuVu54Zo/HpTaFyy7hTs8UT8Wu
rqGEOKzpNqpTrrbSahlaGIJElYpu5VfbCNtlg7yAWHjhE/B7fxIIsPDPBPflyT88
WVlB3PHKEUGEEQWwSm67jH6dlS49W1L8WLFCY8ETttLo4Bf+q/IXzl0pcVyjqrYd
mKnHo9GErXUhXWDhAUJEr+nGWXLqyuXJNwxosbrV9yF4+q9WW50aGvIPo6k+Ky15
F9670VlQv6C/5bj0qxORpw/ttIBE+p4vL3D1EsYc9r7sG1Hjc2BejnV7f4zAXtcc
FyyMdlU8BKPVxgIu+b0bbkf1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUhHZbs0qJ
fK7WhsoGjBIOVM1MQcwwHwYDVR0jBBgwFoAUD1ReYnPXyX6ZlUEfdtXE8Aa7UYYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBMDVEL0MxRUZCMDgwNEUy
NTExRUVBQUFFNkQ0OUM0RjlBRTAyL0QxUmVZblBYeVg2WmxVRWZkdFhFOEFhN1VZ
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRDFSZVluUFh5WDZabFVFZmR0WEU4QWE3VVlZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QTA1RC9DMUVGQjA4MDRFMjUxMUVFQUFBRTZENDlDNEY5QUUwMi9BQkY1OEJDNjUw
QjcxMUVFODA3NDJBMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdzEzANBgkqhkiG9w0BAQsFAAOCAQEAYd+dLqMX+EBQRC0l
Z5e6QqDIatm7khR10D1kmp6Bw7ulQnsZ/AjYvHlw5kCM2AD/u/OtNl+q5WJ2cUcm
zz3UGSL9715FLrFAjrX4cVUCY2rd0Ia/SrYj/bg46rhh7h1oJeUZAw2Q2asUktU7
gwwZJUSbmRFrrsYBzqNHyZCqFsyzBxsgX9X6vN9NuWUlW3Mh1x6APD97ZlFxzhNa
zUGc9/DsnJQLknPBmkkzf17gNF9nswd9iZ8oqyz+X5FnEHj/P5xOaR02CNRmooZR
sHcWGEU3s+o2JtLFjveHMPaInhRnC9RLvBsDoEslbGU5qBKdtp6Wq0Nic3cJ82Q+
4BxTIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org