Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/A7CFD2B04AC511EE8B5A9C70C4F9AE02.roa
File: A7CFD2B04AC511EE8B5A9C70C4F9AE02.roa (raw, json)
Hash identifier: HWOQvz2rxVgvKzII375q6f+EZOq2QdL6Vaz2JnjWd6s=
Subject key identifier: 52:F1:9A:1E:A5:5A:B4:EA:56:06:9E:D8:0A:AF:B3:09:F0:23:F3:FC
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 02
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/A7CFD2B04AC511EE8B5A9C70C4F9AE02.roa
Signing time: Mon 04 Sep 2023 01:52:08 +0000
ROA not before: Mon 04 Sep 2023 01:52:08 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136156
IP address blocks: 103.117.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 02:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Validity
Not Before: Sep 4 01:52:08 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64f53848-0c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a8:22:bb:51:02:f1:21:56:5e:6d:f1:2b:d1:
a1:23:13:ae:f9:13:c2:fe:4e:fc:04:db:a7:27:c9:
28:e4:23:ca:ec:8e:26:1a:89:ff:7d:7d:44:3e:35:
cc:3d:62:b8:05:55:18:de:24:01:a2:68:88:2d:28:
0c:80:4c:24:48:b2:9f:77:47:6d:0b:af:f0:d3:04:
ae:1e:76:c5:66:99:fa:74:04:cc:47:18:89:fa:4c:
e1:b3:89:b8:89:91:d7:cc:01:9c:9a:e5:9d:8b:42:
15:47:6d:cf:c0:73:55:3b:4e:ee:05:f2:39:8a:2f:
4e:0e:2a:97:27:4c:07:79:82:7a:fc:4a:6c:d1:34:
ed:24:c5:ae:0e:18:bd:c1:59:8c:d1:ae:82:60:44:
86:0f:e7:84:cf:b1:c0:41:f4:ca:11:00:b9:27:eb:
4e:f5:4e:0b:5e:ff:1e:12:de:8d:8f:97:65:f8:c5:
1e:10:84:fc:44:08:a7:b7:ad:e1:31:10:2e:10:0a:
3b:ba:e8:fc:b0:76:3f:8a:48:ed:46:f0:9b:0b:85:
ed:cc:09:de:fa:cd:9c:b6:23:ac:9e:7c:d0:b5:e2:
4b:7e:21:7f:a9:7a:e1:1a:0d:05:35:73:b7:2f:6b:
a4:13:44:ab:fa:f4:f9:f4:c0:37:8b:76:ea:09:3a:
e4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F1:9A:1E:A5:5A:B4:EA:56:06:9E:D8:0A:AF:B3:09:F0:23:F3:FC
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/A7CFD2B04AC511EE8B5A9C70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:91:20:d6:83:dd:2e:dc:a1:24:a3:ad:57:aa:4e:46:21:4e:
30:2d:bd:fa:d4:57:6a:91:e9:e3:a8:4c:cb:b4:29:ca:e4:84:
a5:8b:a7:d8:35:75:80:9f:5c:3e:b3:7b:2f:8f:b9:98:e6:00:
fa:69:7c:8e:00:79:ef:1f:91:c2:1c:76:a3:17:b5:69:74:24:
86:3b:b5:81:7a:80:08:d4:f9:93:23:5d:ac:5b:23:8c:88:b0:
8d:3f:5f:1e:76:76:99:73:f0:cf:8b:2d:fb:53:64:54:3e:bb:
4a:55:97:3f:3b:fd:f4:d7:fc:90:4f:01:e7:f1:32:66:c3:0d:
21:9e:95:e9:33:98:67:61:82:89:ca:0d:9d:a7:5b:0b:73:f4:
38:b3:66:71:a7:4c:94:f3:27:43:02:da:f7:b0:0f:a7:24:cc:
03:b7:3a:e7:32:66:9a:03:17:d8:d7:9b:3b:69:9e:a3:5e:3c:
df:d1:79:b5:ea:1d:17:98:b3:85:e7:f0:46:b3:81:d2:a6:45:
8f:a5:43:ad:18:0c:0d:bb:ea:78:6f:ef:f0:57:e4:b9:e6:55:
0d:89:6f:a6:ab:86:10:eb:ac:b2:ee:ac:f1:33:c7:f5:3d:7e:
8b:b7:ad:11:9b:30:8d:f8:5a:2f:39:a7:f5:b6:c9:de:bc:26:
7f:c1:d8:2f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QjA3RDExMC8GA1UEBRMoRDQzMTA2OTBEQ0VCN0VFNEExOERBMzU3OUFDQUQxNzQ4
MTg2NDZBMzAeFw0yMzA5MDQwMTUyMDhaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZjUzODQ4LTBjNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQqCK7UQLxIVZebfEr0aEjE675E8L+TvwE26cnySjkI8rsjiYaif99fUQ+Ncw9
YrgFVRjeJAGiaIgtKAyATCRIsp93R20Lr/DTBK4edsVmmfp0BMxHGIn6TOGzibiJ
kdfMAZya5Z2LQhVHbc/Ac1U7Tu4F8jmKL04OKpcnTAd5gnr8SmzRNO0kxa4OGL3B
WYzRroJgRIYP54TPscBB9MoRALkn6071Tgte/x4S3o2Pl2X4xR4QhPxECKe3reEx
EC4QCju66Pywdj+KSO1G8JsLhe3MCd76zZy2I6yefNC14kt+IX+peuEaDQU1c7cv
a6QTRKv69Pn0wDeLduoJOuQVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUvGaHqVa
tOpWBp7YCq+zCfAj8/wwHwYDVR0jBBgwFoAU1DEGkNzrfuShjaNXmsrRdIGGRqMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCMDdEL0U5QjQ4NTNDNEFD
NDExRUU5ODM5Mzg2RkM0RjlBRTAyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1Jx
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMURFR2tOenJmdVNoamFOWG1zclJkSUdHUnFNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QjA3RC9FOUI0ODUzQzRBQzQxMUVFOTgzOTM4NkZDNEY5QUUwMi9BN0NGRDJCMDRB
QzUxMUVFOEI1QTlDNzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGd1izANBgkqhkiG9w0BAQsFAAOCAQEAX5Eg1oPdLtyhJKOt
V6pORiFOMC29+tRXapHp46hMy7QpyuSEpYun2DV1gJ9cPrN7L4+5mOYA+ml8jgB5
7x+Rwhx2oxe1aXQkhju1gXqACNT5kyNdrFsjjIiwjT9fHnZ2mXPwz4st+1NkVD67
SlWXPzv99Nf8kE8B5/EyZsMNIZ6V6TOYZ2GCicoNnadbC3P0OLNmcadMlPMnQwLa
97APpyTMA7c65zJmmgMX2NebO2meo14839F5teodF5izhefwRrOB0qZFj6VDrRgM
DbvqeG/v8FfkueZVDYlvpquGEOussu6s8TPH9T1+i7etEZswjfhaLzmn9bbJ3rwm
f8HYLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org