Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/0C86DB20F63E11EA9FF7B134C4F9AE02.roa
File: 0C86DB20F63E11EA9FF7B134C4F9AE02.roa (raw, json)
Hash identifier: LGdPY3ckWRDElcPnJ+n8ifJt0d/gfnwfqo7UOkQY9Ro=
Subject key identifier: D9:2C:8A:40:96:09:28:A6:85:7A:83:43:6A:72:FC:4B:6E:A5:A8:32
Certificate issuer: /CN=A91B2252/serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A
Certificate serial: 0737
Authority key identifier: 30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/0C86DB20F63E11EA9FF7B134C4F9AE02.roa
Signing time: Sat 10 Aug 2024 21:49:26 +0000
ROA not before: Sat 10 Aug 2024 21:49:26 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 140948
IP address blocks: 103.153.196.0/23 maxlen: 23
103.153.196.0/24 maxlen: 24
103.153.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 11:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1847 (0x737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2252/serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A
Validity
Not Before: Aug 10 21:49:26 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b7e065-7eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:60:51:a8:a0:fd:2b:e3:4f:dc:d4:74:81:
03:17:b2:0b:9f:ed:7b:34:dd:45:dd:c9:03:9e:cf:
22:87:17:a4:a6:ed:7c:25:e1:3c:71:73:fe:0a:65:
31:7a:0b:2c:ab:0e:bc:da:c0:cf:8e:04:df:ae:8e:
2d:03:ac:6a:20:f9:a0:e5:63:1c:ae:19:9f:ac:6c:
58:6b:18:53:cc:63:bf:d4:03:03:82:67:dd:24:88:
3f:12:8b:6a:b6:0b:e1:c0:6a:03:fb:e1:74:5c:04:
cc:4f:25:3d:7b:98:3e:3c:55:c6:f8:59:c5:fc:93:
20:89:69:6a:18:f0:f3:07:78:7e:c2:72:f9:47:3e:
be:d6:03:0f:27:a5:84:d6:fc:fa:8a:7e:2f:8d:57:
d3:da:31:e9:d2:b7:1a:8f:48:73:fc:71:6b:b1:19:
29:be:21:e8:0a:1b:c0:63:d8:3e:bc:08:cb:f4:2f:
d8:22:47:6c:ed:23:0a:48:f5:9b:aa:bd:6d:4e:13:
74:4c:75:9e:4e:07:98:06:2c:22:e7:02:6d:42:e7:
35:cd:83:8c:8e:54:d7:7b:0b:03:82:aa:e9:b7:b2:
ef:02:08:96:1f:d0:a8:3b:23:0f:14:a7:68:a9:10:
a8:cf:6a:74:e2:72:99:6e:f7:fd:ce:56:fa:a6:43:
d6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2C:8A:40:96:09:28:A6:85:7A:83:43:6A:72:FC:4B:6E:A5:A8:32
X509v3 Authority Key Identifier:
keyid:30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/0C86DB20F63E11EA9FF7B134C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.196.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:f9:60:ac:0f:a3:c0:b0:bd:7c:94:eb:ef:a4:f5:d1:d0:23:
25:8e:5e:25:30:fe:73:45:17:4d:4d:cc:21:63:0a:61:f3:9c:
88:75:52:09:b1:a7:80:2d:f8:90:36:de:61:c6:59:5f:b5:38:
04:fc:92:54:52:cb:ce:b3:68:ee:15:ca:9c:55:b8:a3:dd:db:
16:7f:49:a9:2b:91:7e:ac:c4:55:1f:95:11:87:ea:41:69:84:
29:7c:5d:db:0c:d7:53:b3:4d:a3:68:08:ec:15:fd:11:2c:9c:
7d:86:e3:84:29:48:af:a4:ed:bd:63:8e:ca:e1:f5:12:c7:e4:
cc:bd:60:c1:78:bb:54:5c:c7:1a:97:62:af:10:1f:39:53:a2:
ef:7d:57:a6:be:4e:d9:a2:a3:6e:dc:5e:a3:32:ef:b9:a7:c9:
97:2d:17:95:8a:18:05:20:a3:83:63:57:be:64:70:e1:29:97:
c7:48:c4:d1:16:60:47:a5:21:84:69:eb:83:f2:36:83:a3:80:
f4:5d:46:51:45:1b:63:2b:b4:93:68:aa:fd:d9:3c:f7:84:6a:
a9:5f:69:02:73:7a:01:48:d0:96:36:19:46:25:20:c2:cd:23:
17:41:54:1a:a3:cb:a8:59:e5:d1:fa:56:6a:1d:04:b1:c7:f4:
14:c9:bc:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIyNTIxMTAvBgNVBAUTKDMwOEEwRjA0MjM3MUQ3NDRFNENCNjJBQjUxRTkwNEY3
MENBQ0QzN0EwHhcNMjQwODEwMjE0OTI2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI3ZTA2NS03ZWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqBVgUaig/SvjT9zUdIEDF7ILn+17NN1F3ckDns8ihxekpu18JeE8cXP+CmUx
egssqw682sDPjgTfro4tA6xqIPmg5WMcrhmfrGxYaxhTzGO/1AMDgmfdJIg/Eotq
tgvhwGoD++F0XATMTyU9e5g+PFXG+FnF/JMgiWlqGPDzB3h+wnL5Rz6+1gMPJ6WE
1vz6in4vjVfT2jHp0rcaj0hz/HFrsRkpviHoChvAY9g+vAjL9C/YIkds7SMKSPWb
qr1tThN0THWeTgeYBiwi5wJtQuc1zYOMjlTXewsDgqrpt7LvAgiWH9CoOyMPFKdo
qRCoz2p04nKZbvf9zlb6pkPWNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNksikCW
CSimhXqDQ2py/EtupagyMB8GA1UdIwQYMBaAFDCKDwQjcddE5Mtiq1HpBPcMrNN6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjI1Mi9DNThGOEI3QUY2
M0ExMUVBQjcwQTM2MUZDNEY5QUUwMi9NSW9QQkNOeDEwVGt5MktyVWVrRTl3eXMw
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Jb1BCQ054MTBUa3kyS3JVZWtFOXd5czAzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjIyNTIvQzU4RjhCN0FGNjNBMTFFQUI3MEEzNjFGQzRGOUFFMDIvMEM4NkRCMjBG
NjNFMTFFQTlGRjdCMTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmcQwDQYJKoZIhvcNAQELBQADggEBAH/5YKwPo8CwvXyU
6++k9dHQIyWOXiUw/nNFF01NzCFjCmHznIh1Ugmxp4At+JA23mHGWV+1OAT8klRS
y86zaO4VypxVuKPd2xZ/SakrkX6sxFUflRGH6kFphCl8XdsM11OzTaNoCOwV/REs
nH2G44QpSK+k7b1jjsrh9RLH5My9YMF4u1RcxxqXYq8QHzlTou99V6a+Ttmio27c
XqMy77mnyZctF5WKGAUgo4NjV75kcOEpl8dIxNEWYEelIYRp64PyNoOjgPRdRlFF
G2MrtJNoqv3ZPPeEaqlfaQJzegFI0JY2GUYlIMLNIxdBVBqjy6hZ5dH6VmodBLHH
9BTJvFE=
-----END CERTIFICATE-----
Generated at Sat Aug 31 12:13:34 2024 by rpki-client on console-fra.rpki-client.org