Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/081062227EB811EEAB85CC1CC4F9AE02.roa
File: 081062227EB811EEAB85CC1CC4F9AE02.roa (raw, json)
Hash identifier: twzggBBTF3UbdJd/O/3CRK03vEOga6pGX2ATkRT0QpQ=
Subject key identifier: D0:F5:75:4C:BF:D5:97:CE:CB:A1:D1:3E:64:88:B1:26:E9:E4:72:C1
Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0
Certificate serial: 02
Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/081062227EB811EEAB85CC1CC4F9AE02.roa
Signing time: Thu 09 Nov 2023 04:25:37 +0000
ROA not before: Thu 09 Nov 2023 04:25:37 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 15353
IP address blocks: 103.186.158.0/24 maxlen: 24
103.186.159.0/24 maxlen: 24
2400:72e0:9f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 13 Nov 2023 05:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0
Validity
Not Before: Nov 9 04:25:37 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=654c5f41-513a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:83:59:f5:cc:0f:63:8a:65:4e:30:23:15:80:
9c:11:a5:33:eb:43:86:03:f8:00:5d:85:91:6a:6d:
50:92:d7:79:b3:36:eb:5c:8f:40:41:95:0e:b1:22:
f4:3c:22:b7:99:70:29:b7:2d:a9:3f:93:26:39:53:
55:71:ea:64:a5:4d:de:24:4e:a6:3c:4b:f8:38:0d:
0f:8b:7c:ff:8a:ff:f0:01:87:2f:f0:de:72:ea:76:
21:f2:ba:31:60:ed:a0:55:c2:4d:43:c7:9e:af:f0:
f8:a8:99:f5:f3:7f:47:e7:17:d8:f8:a5:d5:7e:42:
be:36:84:a1:fa:bf:ee:5e:b7:3d:61:9f:ac:5e:54:
91:74:23:bc:7b:73:b8:b9:38:9a:1d:27:e3:11:0b:
92:9e:ea:af:f7:1b:32:45:42:c7:66:7f:21:3f:6a:
ec:fb:c3:eb:2d:20:73:df:4b:cc:da:44:77:21:f7:
c7:ce:f7:ea:eb:e4:c1:00:3a:95:77:a5:ba:b2:10:
66:de:9c:78:d6:8e:df:bb:80:46:c9:be:b5:28:d6:
47:6b:83:4b:ea:7e:95:6d:95:9c:93:b6:ac:9b:75:
33:b0:7d:52:66:06:fe:9d:f4:60:3b:93:e4:89:e3:
0b:10:6d:6b:b1:5c:a5:f4:2f:77:3e:d4:ab:f7:95:
5b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F5:75:4C:BF:D5:97:CE:CB:A1:D1:3E:64:88:B1:26:E9:E4:72:C1
X509v3 Authority Key Identifier:
keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/081062227EB811EEAB85CC1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.158.0/23
IPv6:
2400:72e0:9f00::/40
Signature Algorithm: sha256WithRSAEncryption
25:16:41:14:66:01:bb:a5:55:93:cf:46:88:e7:72:5d:44:94:
b5:42:f8:12:c6:40:71:f8:4c:33:8a:1b:70:65:de:6f:73:30:
ee:70:3a:47:90:0c:bd:90:72:41:51:00:d9:db:02:32:dd:79:
52:0d:be:a5:1e:eb:f4:5e:19:a0:2d:90:06:5f:27:03:3f:86:
be:2f:1a:54:67:9d:17:9d:b3:9a:1a:44:57:fe:00:fc:8e:ec:
14:6d:c5:91:a9:61:a4:ee:e3:db:4e:70:0d:15:a7:fe:f0:c3:
aa:46:59:68:ef:29:d5:cf:18:cd:9d:64:4e:b7:c2:bc:18:2f:
fd:0e:5e:5e:63:2c:cc:f5:c6:16:fb:98:65:32:18:c6:7a:45:
60:42:93:01:03:a3:6a:94:67:5e:99:93:19:b1:c3:b2:eb:ee:
e2:ec:eb:19:81:ed:29:17:1a:e6:5e:f8:63:4c:fa:07:f1:46:
5f:53:b5:51:05:06:de:a1:2f:62:fb:7e:6f:c3:8d:25:db:00:
d5:f9:1a:2b:0f:ef:4c:a0:0f:76:57:71:03:fe:7d:31:f0:63:
1d:d9:f3:07:2b:39:0e:1f:e5:85:92:6a:b2:64:19:68:f2:b1:
5d:07:e7:3c:00:a0:34:e5:0d:7a:e9:6a:b2:58:94:42:82:a6:
ae:7a:a1:b0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QTdDQTExMC8GA1UEBRMoREExREIyQ0QzMUY0NTRGNjk1NjFEODY2NURDOTNFRjgx
MkYzOTdCMDAeFw0yMzExMDkwNDI1MzdaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NGM1ZjQxLTUxM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpg1n1zA9jimVOMCMVgJwRpTPrQ4YD+ABdhZFqbVCS13mzNutcj0BBlQ6xIvQ8
IreZcCm3Lak/kyY5U1Vx6mSlTd4kTqY8S/g4DQ+LfP+K//ABhy/w3nLqdiHyujFg
7aBVwk1Dx56v8PiomfXzf0fnF9j4pdV+Qr42hKH6v+5etz1hn6xeVJF0I7x7c7i5
OJodJ+MRC5Ke6q/3GzJFQsdmfyE/auz7w+stIHPfS8zaRHch98fO9+rr5MEAOpV3
pbqyEGbenHjWjt+7gEbJvrUo1kdrg0vqfpVtlZyTtqybdTOwfVJmBv6d9GA7k+SJ
4wsQbWuxXKX0L3c+1Kv3lVvzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0PV1TL/V
l87LodE+ZIixJunkcsEwHwYDVR0jBBgwFoAU2h2yzTH0VPaVYdhmXck++BLzl7Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlBN0NBLzRDRjdGMTU4N0VC
NzExRUU5NjIzRTkxQUM0RjlBRTAyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMmgyeXpUSDBWUGFWWWRobVhjay0tQkx6bDdBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8wODEwNjIyMjdF
QjgxMUVFQUI4NUNDMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAWe6njAOBAIAAjAIAwYAJABy4J8wDQYJKoZIhvcNAQELBQAD
ggEBACUWQRRmAbulVZPPRojncl1ElLVC+BLGQHH4TDOKG3Bl3m9zMO5wOkeQDL2Q
ckFRANnbAjLdeVINvqUe6/ReGaAtkAZfJwM/hr4vGlRnnReds5oaRFf+APyO7BRt
xZGpYaTu49tOcA0Vp/7ww6pGWWjvKdXPGM2dZE63wrwYL/0OXl5jLMz1xhb7mGUy
GMZ6RWBCkwEDo2qUZ16Zkxmxw7Lr7uLs6xmB7SkXGuZe+GNM+gfxRl9TtVEFBt6h
L2L7fm/DjSXbANX5GisP70ygD3ZXcQP+fTHwYx3Z8wcrOQ4f5YWSarJkGWjysV0H
5zwAoDTlDXrparJYlEKCpq56obA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org