Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/9EB9FB2A678811EF8EAEC96EC4F9AE02.roa
File: 9EB9FB2A678811EF8EAEC96EC4F9AE02.roa (raw, json)
Hash identifier: LbBDRXnC0LmBqYYUWUMOWrGYDzk0YtXnRZrDGBj+4z8=
Subject key identifier: 49:A1:14:CE:69:93:92:DD:AF:33:7E:B7:A9:01:CE:AC:CD:C9:C0:0C
Certificate issuer: /CN=A91B2252/serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A
Certificate serial: 0745
Authority key identifier: 30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/9EB9FB2A678811EF8EAEC96EC4F9AE02.roa
Signing time: Sat 31 Aug 2024 11:03:15 +0000
ROA not before: Sat 31 Aug 2024 11:03:15 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137080
IP address blocks: 103.153.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 15:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1861 (0x745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2252/serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A
Validity
Not Before: Aug 31 11:03:15 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d2f873-782b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:14:7e:72:11:6c:3c:e0:51:c7:b1:62:9d:
e6:08:d5:10:29:23:f6:df:70:4c:28:cb:75:26:3e:
72:1e:f3:b3:1c:09:70:de:bc:80:88:04:7f:b2:10:
fe:bc:ce:b0:6a:a4:a9:98:15:8a:df:9f:14:95:dd:
56:94:4d:ee:e3:d2:b9:43:99:17:d4:40:f3:8e:a8:
74:69:20:70:a8:38:04:0f:66:b1:00:42:3f:7b:02:
6e:80:25:e7:19:7d:90:a7:67:8e:63:23:9e:28:b2:
c8:15:f3:60:5d:a7:58:c4:0b:c6:62:be:85:f3:4f:
28:35:84:b8:84:84:b5:28:b5:e6:6f:22:57:a3:3b:
59:b3:98:4e:55:a2:80:0d:7b:a6:a3:d7:83:a9:8e:
5e:f8:1a:9d:c1:b3:df:34:93:13:74:fc:5c:a1:c8:
2f:f4:9b:bc:8d:ea:e4:f7:ba:4a:5b:63:22:3a:a6:
90:97:c6:e1:5d:cb:a4:a5:6d:2e:e9:77:c5:2c:fd:
55:b4:31:bc:88:88:98:ed:11:db:0a:62:74:7c:e3:
bb:84:85:c9:0c:ca:d0:26:e6:71:69:0c:e1:5c:95:
92:d1:bb:f8:ab:34:f5:9e:91:fd:8d:33:1a:39:3c:
9b:72:a4:7e:02:69:f6:db:f9:56:82:50:78:f6:6d:
6d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A1:14:CE:69:93:92:DD:AF:33:7E:B7:A9:01:CE:AC:CD:C9:C0:0C
X509v3 Authority Key Identifier:
keyid:30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/9EB9FB2A678811EF8EAEC96EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.197.0/24
Signature Algorithm: sha256WithRSAEncryption
98:27:6d:dc:be:a5:ce:f1:ed:c3:f5:c6:30:26:89:d4:e4:39:
ca:cc:a1:8a:94:d6:4a:63:2f:8a:cd:23:99:5c:73:28:ef:62:
46:08:ab:87:4a:5a:b0:7b:47:9f:bf:d6:5f:3d:f8:96:fc:d9:
ae:e6:16:8f:85:38:17:c9:d3:64:76:d3:6c:85:e5:16:cf:13:
1c:ff:4b:72:a2:6c:73:0f:07:f5:75:60:dc:4d:1b:5a:75:5f:
d6:30:99:11:af:b5:2f:81:aa:23:84:3f:0e:1c:f2:20:18:3d:
b2:e8:c5:e6:5d:55:c8:8c:2f:bd:9a:9b:32:eb:07:97:f0:3d:
76:64:5f:41:f1:2b:5e:b0:b4:8c:cf:21:25:da:ae:08:79:aa:
25:96:bf:14:0e:c5:b3:b9:fd:99:fc:f8:b6:d2:58:d5:75:c1:
20:cf:3f:d3:4f:ce:d9:6e:d8:f6:7c:f8:8b:e1:d6:58:71:59:
b6:6e:b3:26:68:3a:36:6f:d3:86:67:c9:6a:dc:5c:1b:67:89:
f1:71:ae:48:96:49:06:85:5a:07:8d:c1:4d:c6:3f:19:07:b8:
0e:b1:09:20:13:fe:1b:87:8d:60:85:d7:98:a5:56:81:b9:9b:
6f:c1:d1:74:e5:62:19:ba:c3:0d:29:96:dd:73:27:02:6e:c9:
bc:7f:79:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIyNTIxMTAvBgNVBAUTKDMwOEEwRjA0MjM3MUQ3NDRFNENCNjJBQjUxRTkwNEY3
MENBQ0QzN0EwHhcNMjQwODMxMTEwMzE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyZjg3My03ODJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFcUfnIRbDzgUcexYp3mCNUQKSP233BMKMt1Jj5yHvOzHAlw3ryAiAR/shD+
vM6waqSpmBWK358Uld1WlE3u49K5Q5kX1EDzjqh0aSBwqDgED2axAEI/ewJugCXn
GX2Qp2eOYyOeKLLIFfNgXadYxAvGYr6F808oNYS4hIS1KLXmbyJXoztZs5hOVaKA
DXumo9eDqY5e+BqdwbPfNJMTdPxcocgv9Ju8jerk97pKW2MiOqaQl8bhXcukpW0u
6XfFLP1VtDG8iIiY7RHbCmJ0fOO7hIXJDMrQJuZxaQzhXJWS0bv4qzT1npH9jTMa
OTybcqR+Amn22/lWglB49m1t/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEmhFM5p
k5LdrzN+t6kBzqzNycAMMB8GA1UdIwQYMBaAFDCKDwQjcddE5Mtiq1HpBPcMrNN6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjI1Mi9DNThGOEI3QUY2
M0ExMUVBQjcwQTM2MUZDNEY5QUUwMi9NSW9QQkNOeDEwVGt5MktyVWVrRTl3eXMw
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Jb1BCQ054MTBUa3kyS3JVZWtFOXd5czAzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjIyNTIvQzU4RjhCN0FGNjNBMTFFQUI3MEEzNjFGQzRGOUFFMDIvOUVCOUZCMkE2
Nzg4MTFFRjhFQUVDOTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmcUwDQYJKoZIhvcNAQELBQADggEBAJgnbdy+pc7x7cP1
xjAmidTkOcrMoYqU1kpjL4rNI5lccyjvYkYIq4dKWrB7R5+/1l89+Jb82a7mFo+F
OBfJ02R202yF5RbPExz/S3KibHMPB/V1YNxNG1p1X9YwmRGvtS+BqiOEPw4c8iAY
PbLoxeZdVciML72amzLrB5fwPXZkX0HxK16wtIzPISXargh5qiWWvxQOxbO5/Zn8
+LbSWNV1wSDPP9NPztlu2PZ8+Ivh1lhxWbZusyZoOjZv04ZnyWrcXBtnifFxrkiW
SQaFWgeNwU3GPxkHuA6xCSAT/huHjWCF15ilVoG5m2/B0XTlYhm6ww0plt1zJwJu
ybx/edU=
-----END CERTIFICATE-----
Generated at Wed Nov 6 18:35:51 2024 by rpki-client on console-fra.rpki-client.org