Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/02D1B64CF3E611ED97DFEF30C4F9AE02.roa
File: 02D1B64CF3E611ED97DFEF30C4F9AE02.roa (raw, json)
Hash identifier: w8xo85qjPbrrvFy6kSKvi7dWKTYBw/5nrJqRQ7rrkO0=
Subject key identifier: 06:CC:70:77:17:5F:0C:D6:95:C6:63:9B:F8:AA:D8:90:46:D6:C1:DA
Certificate issuer: /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial: 0485
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/02D1B64CF3E611ED97DFEF30C4F9AE02.roa
Signing time: Thu 01 Aug 2024 01:23:08 +0000
ROA not before: Thu 01 Aug 2024 01:23:08 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 140697
IP address blocks: 103.151.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 03:53:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1157 (0x485)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Validity
Not Before: Aug 1 01:23:08 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66aae37c-1393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cc:65:28:6d:62:7a:d2:f9:1b:59:7e:99:82:
fe:ea:b9:6b:4d:54:5c:3a:fb:d3:6d:10:a3:6a:8e:
9f:f1:89:b5:b0:71:8d:4b:bd:ce:f1:81:fd:59:bd:
a2:69:36:20:6c:2e:38:3d:43:62:87:10:89:be:df:
70:26:03:04:5a:06:8e:9d:2c:d6:7b:54:68:73:d3:
d0:4d:bb:ec:40:42:52:f6:ac:03:c7:e0:c7:32:63:
58:69:d1:df:57:f4:f4:36:7a:08:68:54:9e:18:90:
f3:87:a3:24:5b:db:6e:c5:89:1a:4b:e6:d8:72:ad:
d9:4c:c4:f0:7c:46:50:3c:3d:41:23:49:aa:dc:a3:
94:30:b6:a0:59:3a:73:f7:16:ab:5e:45:f0:81:85:
f7:45:bb:3e:f3:f3:c3:9b:71:3c:76:51:dc:0b:f0:
5f:24:15:c3:af:58:b7:ad:49:78:25:7d:ba:38:9f:
b6:23:60:b5:61:26:47:af:fd:ee:bc:3e:29:7a:a0:
cb:18:26:40:8f:7f:4d:1a:7a:37:9b:42:10:df:25:
31:02:e3:a9:46:80:5e:c7:dc:0a:07:8a:24:73:e2:
ac:14:8b:72:c9:da:a4:42:af:87:d8:b6:f4:cf:27:
db:37:7d:f1:0c:2a:be:35:25:65:b4:c7:ae:db:cd:
29:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CC:70:77:17:5F:0C:D6:95:C6:63:9B:F8:AA:D8:90:46:D6:C1:DA
X509v3 Authority Key Identifier:
keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/02D1B64CF3E611ED97DFEF30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:96:70:27:4b:b5:04:8a:95:49:71:ae:dc:5b:8d:64:3d:76:
11:58:c6:b4:2e:c2:d7:b2:50:46:ef:f5:62:37:89:fc:c1:2e:
a5:4b:31:7d:7a:77:8e:b3:00:a8:83:e9:59:a1:e2:4c:15:dc:
3a:44:16:6c:06:04:48:27:0f:e1:5f:53:b7:18:9d:c1:55:74:
00:cb:5f:91:99:70:5d:71:23:a4:7f:db:fc:c0:2a:f4:97:d8:
9f:c4:4d:e9:66:89:18:cd:88:01:25:8a:70:67:4e:99:c2:bc:
5a:ba:fa:3e:c6:10:b6:5f:0b:cc:62:5d:82:56:6b:70:4e:f2:
20:7c:7d:5f:82:69:78:a9:9c:03:eb:a5:f9:79:0d:a8:db:57:
d1:b0:b4:6e:e9:92:c6:2d:2a:17:89:57:8c:36:ed:bb:4c:58:
72:11:b4:f0:22:5c:0d:41:77:12:e4:92:71:93:54:dc:ba:2c:
23:54:6a:ac:5f:7a:d0:55:38:9d:e9:70:0a:24:eb:bd:d6:43:
32:a7:59:19:cb:79:8e:77:ff:a8:60:49:9b:70:0b:fe:18:62:
60:da:3e:fc:f5:0a:44:af:3e:d4:64:b4:5e:e1:66:8b:df:a3:
6f:97:e5:76:d5:4f:59:30:3a:71:9a:d6:28:e3:c6:cc:7d:65:
90:a0:ac:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjQwODAxMDEyMzA4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhZTM3Yy0xMzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2MxlKG1ietL5G1l+mYL+6rlrTVRcOvvTbRCjao6f8Ym1sHGNS73O8YH9Wb2i
aTYgbC44PUNihxCJvt9wJgMEWgaOnSzWe1Roc9PQTbvsQEJS9qwDx+DHMmNYadHf
V/T0NnoIaFSeGJDzh6MkW9tuxYkaS+bYcq3ZTMTwfEZQPD1BI0mq3KOUMLagWTpz
9xarXkXwgYX3Rbs+8/PDm3E8dlHcC/BfJBXDr1i3rUl4JX26OJ+2I2C1YSZHr/3u
vD4peqDLGCZAj39NGno3m0IQ3yUxAuOpRoBex9wKB4okc+KsFItyydqkQq+H2Lb0
zyfbN33xDCq+NSVltMeu280pEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAbMcHcX
XwzWlcZjm/iq2JBG1sHaMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvMDJEMUI2NENG
M0U2MTFFRDk3REZFRjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnl+0wDQYJKoZIhvcNAQELBQADggEBAG+WcCdLtQSKlUlx
rtxbjWQ9dhFYxrQuwteyUEbv9WI3ifzBLqVLMX16d46zAKiD6Vmh4kwV3DpEFmwG
BEgnD+FfU7cYncFVdADLX5GZcF1xI6R/2/zAKvSX2J/ETelmiRjNiAElinBnTpnC
vFq6+j7GELZfC8xiXYJWa3BO8iB8fV+CaXipnAPrpfl5DajbV9GwtG7pksYtKheJ
V4w27btMWHIRtPAiXA1BdxLkknGTVNy6LCNUaqxfetBVOJ3pcAok673WQzKnWRnL
eY53/6hgSZtwC/4YYmDaPvz1CkSvPtRktF7hZovfo2+X5XbVT1kwOnGa1ijjxsx9
ZZCgrLM=
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:37:42 2024 by rpki-client on console-ams.rpki-client.org