Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/554B65DEE8C011EDADA54A23C4F9AE02.roa
File: 554B65DEE8C011EDADA54A23C4F9AE02.roa (raw, json)
Hash identifier: oY4b6sG3+w3/fTRfukBEi4QnAg+DsXzexCN7+m+nk0E=
Subject key identifier: 36:BE:AC:7B:47:2B:BC:5B:AA:15:27:79:90:64:17:86:C1:DA:80:C7
Certificate issuer: /CN=A919BC76/serialNumber=87A12E75149B3D8A4D272A13093EF6AC9B252CF3
Certificate serial: 02
Authority key identifier: 87:A1:2E:75:14:9B:3D:8A:4D:27:2A:13:09:3E:F6:AC:9B:25:2C:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6EudRSbPYpNJyoTCT72rJslLPM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/554B65DEE8C011EDADA54A23C4F9AE02.roa
Signing time: Tue 02 May 2023 08:07:08 +0000
ROA not before: Tue 02 May 2023 08:07:08 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 151200
IP address blocks: 103.69.76.0/23 maxlen: 23
103.69.76.0/24 maxlen: 24
103.69.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 08:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919BC76/serialNumber=87A12E75149B3D8A4D272A13093EF6AC9B252CF3
Validity
Not Before: May 2 08:07:08 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6450c4ac-1979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:3a:4f:42:aa:9c:98:fb:3c:e3:7c:b4:4e:
0b:7e:5c:ae:b5:33:8d:47:30:4a:1a:fb:48:32:0f:
f8:cc:21:db:20:ac:97:da:77:8c:4f:0a:e6:69:c5:
ba:47:17:f8:b5:c5:d5:72:31:c4:1a:7a:89:63:50:
3e:ee:28:98:9d:05:4b:d9:df:63:d3:02:78:fe:eb:
51:c2:07:9d:be:05:22:2b:33:e9:b2:52:92:94:e4:
b1:a6:81:eb:27:b1:bc:b9:49:cd:39:25:4a:74:3f:
7d:b2:28:55:a6:dc:67:f3:31:51:76:b5:e3:2f:3f:
15:e7:e9:e3:64:ff:d3:c2:0c:35:54:e9:dd:a0:60:
e1:68:25:ac:e7:ee:05:7e:6f:e3:ce:51:8e:71:d7:
46:56:48:1f:ba:62:57:be:e4:81:81:9e:a3:0d:19:
b8:36:22:c9:30:07:3d:aa:84:c0:e0:4c:38:85:0e:
c6:4f:30:51:0b:57:02:52:fd:14:74:bf:8a:e5:53:
84:1d:e9:98:02:89:a6:83:f2:db:96:9e:95:b5:ca:
56:18:e2:5a:d5:0e:de:f2:5b:ae:fe:bf:97:7e:39:
5e:2a:91:e4:d0:ca:36:da:18:39:31:22:7c:37:15:
06:08:21:41:bc:fb:12:aa:02:29:57:b1:af:f4:e9:
a3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BE:AC:7B:47:2B:BC:5B:AA:15:27:79:90:64:17:86:C1:DA:80:C7
X509v3 Authority Key Identifier:
keyid:87:A1:2E:75:14:9B:3D:8A:4D:27:2A:13:09:3E:F6:AC:9B:25:2C:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/h6EudRSbPYpNJyoTCT72rJslLPM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6EudRSbPYpNJyoTCT72rJslLPM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/554B65DEE8C011EDADA54A23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.76.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:a0:d7:e7:0a:9d:99:1f:95:c7:68:d4:12:80:a9:aa:5d:00:
29:04:6d:14:a2:76:a8:72:d0:9e:9e:f7:5e:66:c9:a8:6c:c5:
cb:fc:42:9f:b8:fb:da:0f:02:e3:8a:26:0d:57:a6:7f:af:81:
41:ee:77:f2:b5:d7:a8:b9:1c:1f:f6:97:ed:20:7b:e5:16:5a:
cb:9f:31:a2:7c:5d:01:70:c6:fa:52:4f:4a:52:ec:4d:ae:28:
aa:20:e5:1e:3d:b5:50:04:31:92:7a:48:a0:f3:f0:f9:d5:19:
73:53:32:bb:c3:20:3c:d8:ff:10:c2:32:16:1f:f1:5d:0a:41:
cf:aa:e8:60:ab:0d:0a:4c:fc:e0:c6:c5:ca:71:ee:1a:ed:60:
0d:ea:d8:7b:29:14:60:fa:e0:2a:42:09:37:21:68:84:1a:d9:
51:5e:f8:f3:5d:0f:6c:de:d3:44:3e:ea:10:5c:e1:d0:ad:2a:
6d:2d:97:0f:56:c6:45:f6:30:34:97:81:4a:f5:b4:93:c5:61:
6b:96:c0:d7:08:ee:83:06:36:af:c7:30:f8:b6:83:28:96:7e:
a2:e7:e4:9b:c5:cc:72:a7:3c:dd:ec:5c:e3:bb:94:93:14:ae:
a7:04:06:43:bf:e9:c5:1b:4d:a3:23:b0:a4:9c:fc:fe:10:42:
74:af:ae:4b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QkM3NjExMC8GA1UEBRMoODdBMTJFNzUxNDlCM0Q4QTREMjcyQTEzMDkzRUY2QUM5
QjI1MkNGMzAeFw0yMzA1MDIwODA3MDhaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NTBjNGFjLTE5NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjKDpPQqqcmPs843y0Tgt+XK61M41HMEoa+0gyD/jMIdsgrJfad4xPCuZpxbpH
F/i1xdVyMcQaeoljUD7uKJidBUvZ32PTAnj+61HCB52+BSIrM+myUpKU5LGmgesn
sby5Sc05JUp0P32yKFWm3GfzMVF2teMvPxXn6eNk/9PCDDVU6d2gYOFoJazn7gV+
b+POUY5x10ZWSB+6Yle+5IGBnqMNGbg2IskwBz2qhMDgTDiFDsZPMFELVwJS/RR0
v4rlU4Qd6ZgCiaaD8tuWnpW1ylYY4lrVDt7yW67+v5d+OV4qkeTQyjbaGDkxInw3
FQYIIUG8+xKqAilXsa/06aOlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNr6se0cr
vFuqFSd5kGQXhsHagMcwHwYDVR0jBBgwFoAUh6EudRSbPYpNJyoTCT72rJslLPMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlCQzc2L0YxQUQzRTNFRThC
QjExRUQ4NTM4REExRkM0RjlBRTAyL2g2RXVkUlNiUFlwTkp5b1RDVDcyckpzbExQ
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDZFdWRSU2JQWXBOSnlvVENUNzJySnNsTFBNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QkM3Ni9GMUFEM0UzRUU4QkIxMUVEODUzOERBMUZDNEY5QUUwMi81NTRCNjVERUU4
QzAxMUVEQURBNTRBMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdFTDANBgkqhkiG9w0BAQsFAAOCAQEAsaDX5wqdmR+Vx2jU
EoCpql0AKQRtFKJ2qHLQnp73XmbJqGzFy/xCn7j72g8C44omDVemf6+BQe538rXX
qLkcH/aX7SB75RZay58xonxdAXDG+lJPSlLsTa4oqiDlHj21UAQxknpIoPPw+dUZ
c1Myu8MgPNj/EMIyFh/xXQpBz6roYKsNCkz84MbFynHuGu1gDerYeykUYPrgKkIJ
NyFohBrZUV74810PbN7TRD7qEFzh0K0qbS2XD1bGRfYwNJeBSvW0k8Vha5bA1wju
gwY2r8cw+LaDKJZ+oufkm8XMcqc83exc47uUkxSupwQGQ7/pxRtNoyOwpJz8/hBC
dK+uSw==
-----END CERTIFICATE-----
Generated at Wed Feb 21 08:49:08 2024 by rpki-client on console-ams.rpki-client.org