Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D0E99D44FBF411EE80C07F6BC4F9AE02.roa
File: D0E99D44FBF411EE80C07F6BC4F9AE02.roa (raw, json)
Hash identifier: LzHRBFwHNMqoyqX8EEjV5F4NR+GXJ46NKhcjvslEZzI=
Subject key identifier: 03:C7:5C:4D:BA:40:F6:E8:A2:58:71:24:A6:0C:94:13:9E:9E:28:AC
Certificate issuer: /CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Certificate serial: 04EC
Authority key identifier: 17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D0E99D44FBF411EE80C07F6BC4F9AE02.roa
Signing time: Wed 15 May 2024 01:36:07 +0000
ROA not before: Wed 15 May 2024 01:36:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 103.136.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 04:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1260 (0x4ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Validity
Not Before: May 15 01:36:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66441187-ee39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:df:7a:75:4b:0c:4f:51:cb:3c:8d:b8:77:
e4:46:8f:a1:d9:d1:fa:e7:b7:38:e7:7d:8b:8f:d0:
71:fe:59:96:f4:32:be:e0:ac:9a:64:da:94:af:90:
f3:df:aa:0f:43:a4:28:b6:bf:00:aa:72:75:07:6e:
d3:b0:cb:db:4d:fe:ef:57:8c:8a:6d:08:29:c9:81:
e8:37:53:e6:84:73:44:7c:37:20:f4:75:d9:a4:1b:
5e:d8:40:a2:a4:86:e5:d3:12:6d:f4:ef:b2:d8:67:
5a:cd:d8:b8:ae:be:11:a5:17:00:1b:36:fb:8a:aa:
e9:3b:9f:09:0f:9f:cc:13:61:18:c4:f5:29:26:67:
c5:05:e6:36:4b:ff:fd:58:56:5f:34:8d:e4:0a:ee:
3b:28:de:67:49:df:37:1e:fd:4a:c7:f1:bc:e6:23:
f7:9e:e1:33:98:15:c6:4f:95:6a:01:32:22:4b:91:
2d:1f:78:54:e4:97:bf:e6:5d:cb:4b:f0:41:56:70:
f5:5a:1f:fb:7e:c2:54:ba:d9:a2:47:9d:7f:4b:1e:
97:00:01:ad:43:3e:e7:54:c8:ee:6a:05:8d:b0:2e:
3b:ba:b7:c9:3c:ab:13:d4:70:22:bf:61:47:75:b1:
52:db:f1:db:f4:f5:e7:ff:fe:c2:55:11:54:33:f3:
8c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C7:5C:4D:BA:40:F6:E8:A2:58:71:24:A6:0C:94:13:9E:9E:28:AC
X509v3 Authority Key Identifier:
keyid:17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/F2D_ceFrz-7nuNZxDWNgZ5mu92c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/D0E99D44FBF411EE80C07F6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:1d:9d:4e:db:3c:4c:cc:3c:55:eb:f8:ae:cd:fb:a7:46:0c:
4b:d5:24:15:e9:f7:68:fa:99:ce:0b:64:52:47:2e:8e:59:aa:
c3:8b:a2:03:c7:28:0d:c4:7f:09:bf:96:ec:eb:59:00:ab:10:
d7:b3:1e:e2:fc:fa:9b:92:4f:53:40:e3:0c:19:98:2f:46:e6:
8e:59:9a:3f:8d:5e:35:31:d0:fa:ee:a9:91:6d:41:f1:39:35:
2a:2c:58:32:a7:c9:4a:63:06:75:f6:80:60:2d:17:27:ce:38:
91:04:ea:7e:5a:c0:e1:54:53:29:1e:60:48:a1:1a:2d:48:5a:
70:bd:29:ff:5a:d4:ff:1d:42:a3:1f:0e:c6:9e:80:13:38:f3:
a8:82:2b:04:a8:0f:ca:c1:e7:16:81:ce:a1:84:36:fc:2f:f9:
09:16:8e:09:f0:c2:57:92:fc:45:8b:78:ed:ea:45:95:c0:b8:
70:ed:8f:90:6a:ad:98:5b:70:87:3b:81:16:d0:03:e7:95:47:
3d:50:1e:c8:9d:96:93:33:b3:6d:32:91:29:8a:a3:ad:1b:51:
54:75:c9:bd:0b:88:bc:71:24:e1:14:03:ec:b7:21:e2:24:2f:
be:02:4f:00:d3:19:b9:82:38:ba:0d:6e:5f:d8:c0:9f:b3:ad:
ff:e0:b4:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IwOUUxMTAvBgNVBAUTKDE3NjBGRjcxRTE2QkNGRUVFN0I4RDY3MTBENjM2MDY3
OTlBRUY3NjcwHhcNMjQwNTE1MDEzNjA3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ0MTE4Ny1lZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5jfenVLDE9RyzyNuHfkRo+h2dH657c4532Lj9Bx/lmW9DK+4KyaZNqUr5Dz
36oPQ6Qotr8AqnJ1B27TsMvbTf7vV4yKbQgpyYHoN1PmhHNEfDcg9HXZpBte2ECi
pIbl0xJt9O+y2Gdazdi4rr4RpRcAGzb7iqrpO58JD5/ME2EYxPUpJmfFBeY2S//9
WFZfNI3kCu47KN5nSd83Hv1Kx/G85iP3nuEzmBXGT5VqATIiS5EtH3hU5Je/5l3L
S/BBVnD1Wh/7fsJUutmiR51/Sx6XAAGtQz7nVMjuagWNsC47urfJPKsT1HAiv2FH
dbFS2/Hb9PXn//7CVRFUM/OMRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAPHXE26
QPboolhxJKYMlBOeniisMB8GA1UdIwQYMBaAFBdg/3Hha8/u57jWcQ1jYGeZrvdn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjA5RS80NzExOUQwMEQw
MEIxMUVCQjU4OTBFN0JDNEY5QUUwMi9GMkRfY2VGcnotN251Tlp4RFdOZ1o1bXU5
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YyRF9jZUZyei03bnVOWnhEV05nWjVtdTkyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0IwOUUvNDcxMTlEMDBEMDBCMTFFQkI1ODkwRTdCQzRGOUFFMDIvRDBFOTlENDRG
QkY0MTFFRTgwQzA3RjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniJUwDQYJKoZIhvcNAQELBQADggEBAC0dnU7bPEzMPFXr
+K7N+6dGDEvVJBXp92j6mc4LZFJHLo5ZqsOLogPHKA3Efwm/luzrWQCrENezHuL8
+puST1NA4wwZmC9G5o5Zmj+NXjUx0PruqZFtQfE5NSosWDKnyUpjBnX2gGAtFyfO
OJEE6n5awOFUUykeYEihGi1IWnC9Kf9a1P8dQqMfDsaegBM486iCKwSoD8rB5xaB
zqGENvwv+QkWjgnwwleS/EWLeO3qRZXAuHDtj5BqrZhbcIc7gRbQA+eVRz1QHsid
lpMzs20ykSmKo60bUVR1yb0LiLxxJOEUA+y3IeIkL74CTwDTGbmCOLoNbl/YwJ+z
rf/gtJw=
-----END CERTIFICATE-----
Generated at Tue Nov 19 06:52:20 2024 by rpki-client on console-ams.rpki-client.org