Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D05B0C5AFBF411EE80C07F6BC4F9AE02.roa
File: D05B0C5AFBF411EE80C07F6BC4F9AE02.roa (raw, json)
Hash identifier: eoQQcNEMzAZDQPI33PYM4D3oxb13IG85U6gKb4hywOA=
Subject key identifier: D8:B4:08:65:22:2D:65:64:79:F9:85:76:8A:C3:DD:D8:F5:6C:58:F6
Certificate issuer: /CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Certificate serial: 04EA
Authority key identifier: 17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D05B0C5AFBF411EE80C07F6BC4F9AE02.roa
Signing time: Wed 15 May 2024 01:36:06 +0000
ROA not before: Wed 15 May 2024 01:36:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 103.136.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 04:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1258 (0x4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Validity
Not Before: May 15 01:36:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66441185-9715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0a:2b:8b:d7:9a:44:53:40:4d:23:03:53:f4:
7b:17:1f:e6:cf:c3:91:60:08:70:af:4b:df:a3:37:
0d:69:a4:0c:ed:37:bd:c8:81:37:85:20:ec:94:29:
f4:54:e8:a5:66:45:2a:c5:78:26:4b:5b:45:45:45:
f6:ac:39:be:a7:62:41:d9:c1:ba:54:ee:7e:8c:86:
84:84:4e:bc:22:a7:11:9f:4b:d9:f1:70:1f:3d:eb:
49:bf:2e:b6:55:31:67:27:aa:7e:65:b6:30:4a:51:
27:a8:18:1a:b7:a3:6f:3a:9d:f6:5d:90:d5:59:78:
c8:e8:55:d4:58:ae:9b:86:6f:60:25:c4:43:65:0f:
8a:93:d7:42:a4:55:40:7a:fb:39:dc:9f:7e:4f:ff:
27:9d:5b:17:c9:9a:fb:34:88:15:4f:37:02:47:9d:
45:20:91:56:de:d2:a4:f8:22:0f:f1:e7:36:fa:86:
d7:c5:a2:4e:6c:1b:4f:33:b2:a7:10:c9:92:48:60:
6b:04:f7:6d:2a:cb:f4:3d:cf:0b:1b:99:f7:29:08:
0f:b4:87:f4:ef:b8:34:7d:7e:fc:92:6a:a8:c5:c6:
43:4a:bd:1d:83:bf:15:7e:0e:3e:a7:09:af:29:51:
80:4b:34:0b:c3:bb:70:75:c7:e0:78:83:da:f0:30:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B4:08:65:22:2D:65:64:79:F9:85:76:8A:C3:DD:D8:F5:6C:58:F6
X509v3 Authority Key Identifier:
keyid:17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/F2D_ceFrz-7nuNZxDWNgZ5mu92c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D05B0C5AFBF411EE80C07F6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.149.0/24
Signature Algorithm: sha256WithRSAEncryption
44:8f:86:59:d7:d0:2e:4f:29:71:ca:94:a9:1a:d7:ad:52:15:
68:18:47:95:fa:9c:dd:df:6b:c7:7d:37:ba:9b:04:cb:b4:cf:
97:27:46:4e:c0:dc:97:bf:10:02:13:74:f4:f1:16:fc:15:7e:
9a:f3:7d:36:52:73:42:cf:77:ca:d5:16:41:1b:fc:b0:06:e5:
01:87:e7:1c:27:c8:25:59:7a:f3:a4:3b:c6:c7:3b:1d:b9:6b:
65:dd:9b:c7:b0:1e:f2:21:7d:3f:b2:fe:01:81:9f:42:c3:2b:
89:61:89:ed:6e:dc:60:4e:13:8f:76:50:c0:47:71:b0:3a:e2:
6b:0d:70:3d:e8:d2:59:7c:59:21:19:a4:67:01:0a:81:eb:3e:
80:bb:e5:1b:ba:83:5e:97:e5:f6:7e:bd:75:bd:d3:87:2a:9f:
aa:fb:8c:7a:f5:24:be:9b:30:ca:82:c9:63:63:db:c9:e4:73:
8d:12:c8:3b:a5:99:b8:53:13:5d:58:34:d3:0c:24:61:70:95:
32:e5:21:29:97:91:bc:14:cb:0d:82:bb:03:c2:7e:1f:2a:d7:
18:04:a8:42:83:a2:94:65:25:27:d2:c2:c6:d0:a2:f6:bd:1b:
de:51:37:fc:48:75:0e:f8:a0:ab:00:fc:56:62:7a:40:26:5c:
f7:53:0f:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IwOUUxMTAvBgNVBAUTKDE3NjBGRjcxRTE2QkNGRUVFN0I4RDY3MTBENjM2MDY3
OTlBRUY3NjcwHhcNMjQwNTE1MDEzNjA2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ0MTE4NS05NzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzgori9eaRFNATSMDU/R7Fx/mz8ORYAhwr0vfozcNaaQM7Te9yIE3hSDslCn0
VOilZkUqxXgmS1tFRUX2rDm+p2JB2cG6VO5+jIaEhE68IqcRn0vZ8XAfPetJvy62
VTFnJ6p+ZbYwSlEnqBgat6NvOp32XZDVWXjI6FXUWK6bhm9gJcRDZQ+Kk9dCpFVA
evs53J9+T/8nnVsXyZr7NIgVTzcCR51FIJFW3tKk+CIP8ec2+obXxaJObBtPM7Kn
EMmSSGBrBPdtKsv0Pc8LG5n3KQgPtIf077g0fX78kmqoxcZDSr0dg78Vfg4+pwmv
KVGASzQLw7twdcfgeIPa8DDfxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNi0CGUi
LWVkefmFdorD3dj1bFj2MB8GA1UdIwQYMBaAFBdg/3Hha8/u57jWcQ1jYGeZrvdn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjA5RS80NzExOUQwMEQw
MEIxMUVCQjU4OTBFN0JDNEY5QUUwMi9GMkRfY2VGcnotN251Tlp4RFdOZ1o1bXU5
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YyRF9jZUZyei03bnVOWnhEV05nWjVtdTkyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0IwOUUvNDcxMTlEMDBEMDBCMTFFQkI1ODkwRTdCQzRGOUFFMDIvRDA1QjBDNUFG
QkY0MTFFRTgwQzA3RjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniJUwDQYJKoZIhvcNAQELBQADggEBAESPhlnX0C5PKXHK
lKka161SFWgYR5X6nN3fa8d9N7qbBMu0z5cnRk7A3Je/EAITdPTxFvwVfprzfTZS
c0LPd8rVFkEb/LAG5QGH5xwnyCVZevOkO8bHOx25a2Xdm8ewHvIhfT+y/gGBn0LD
K4lhie1u3GBOE492UMBHcbA64msNcD3o0ll8WSEZpGcBCoHrPoC75Ru6g16X5fZ+
vXW904cqn6r7jHr1JL6bMMqCyWNj28nkc40SyDulmbhTE11YNNMMJGFwlTLlISmX
kbwUyw2CuwPCfh8q1xgEqEKDopRlJSfSwsbQova9G95RN/xIdQ74oKsA/FZiekAm
XPdTD+w=
-----END CERTIFICATE-----
Generated at Tue Nov 19 06:55:14 2024 by rpki-client on console-fra.rpki-client.org