Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/BD1534BA46D211ECAF5C2743C4F9AE02.roa
File: BD1534BA46D211ECAF5C2743C4F9AE02.roa (raw, json)
Hash identifier: xF3fHzk9DYd6EdsAu+WdSTL9IPm2n5TpZO4+qLqe2Lw=
Subject key identifier: 58:38:9F:BE:B4:98:E0:13:A6:F9:F5:45:6F:B2:C7:36:7E:C2:89:DB
Certificate issuer: /CN=A91F0DAC/serialNumber=C9277F029C15B337953666F74B9C7E6CB3907F44
Certificate serial: 0F3E
Authority key identifier: C9:27:7F:02:9C:15:B3:37:95:36:66:F7:4B:9C:7E:6C:B3:90:7F:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySd_ApwVszeVNmb3S5x-bLOQf0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/BD1534BA46D211ECAF5C2743C4F9AE02.roa
Signing time: Tue 16 Apr 2024 18:26:28 +0000
ROA not before: Tue 16 Apr 2024 18:26:27 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 147026
IP address blocks: 103.137.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:06:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3902 (0xf3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0DAC/serialNumber=C9277F029C15B337953666F74B9C7E6CB3907F44
Validity
Not Before: Apr 16 18:26:27 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=661ec2d3-c53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e1:ed:af:0f:07:e1:78:a3:3e:36:31:e2:7d:
ea:6b:b4:08:ed:a4:07:4b:c7:6b:d9:11:2f:9e:7d:
e2:10:ed:a2:ed:71:4f:77:2f:ec:bc:58:16:d7:c8:
0b:15:63:2c:2a:52:7a:4f:2a:0d:8c:7a:92:e8:40:
73:19:33:7b:c9:d7:0d:47:08:de:da:12:af:c0:ca:
52:68:15:32:cd:96:40:22:27:a0:45:3d:a2:08:77:
92:ae:c3:e7:dc:60:81:83:74:ac:6a:b9:77:90:73:
f5:fb:db:8f:8e:f6:98:2c:9d:6d:68:36:69:fd:20:
93:41:46:ae:20:18:be:c7:01:3a:4a:8d:1d:a7:ef:
71:8d:6e:38:30:64:3d:f0:7b:20:ad:b8:0b:61:21:
f7:18:bd:cd:8d:18:30:02:da:e1:3c:55:4c:01:44:
bd:60:ed:44:cb:01:af:4e:89:a7:dc:72:b4:e2:d2:
4c:8d:53:1f:a3:26:3f:12:b4:dd:df:f9:c8:dd:d6:
29:5b:76:0b:72:ee:db:cc:ae:6b:be:2d:5d:b5:12:
42:9e:51:d7:17:ac:36:34:44:d5:6c:8f:97:ca:6a:
73:00:26:1a:61:d3:3d:66:71:12:fc:12:ed:4b:2a:
9a:9b:fe:d3:52:9c:56:41:68:28:05:5c:08:ec:64:
79:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:9F:BE:B4:98:E0:13:A6:F9:F5:45:6F:B2:C7:36:7E:C2:89:DB
X509v3 Authority Key Identifier:
keyid:C9:27:7F:02:9C:15:B3:37:95:36:66:F7:4B:9C:7E:6C:B3:90:7F:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/ySd_ApwVszeVNmb3S5x-bLOQf0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySd_ApwVszeVNmb3S5x-bLOQf0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0DAC/0CE1964E4FCA11E9B38BA22BC4F9AE02/BD1534BA46D211ECAF5C2743C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.69.0/24
Signature Algorithm: sha256WithRSAEncryption
68:e3:c5:1d:13:74:09:e3:cf:37:40:37:4a:0b:07:27:c5:f4:
35:6f:a8:ac:72:17:dd:f0:19:62:9e:11:12:4f:0f:ae:84:69:
90:e2:a0:6f:b6:ce:5a:79:42:8f:7f:58:ee:87:d7:3d:2c:2e:
c4:f9:8a:45:2f:51:87:18:95:4a:a2:7d:e6:83:90:dc:5c:11:
d6:e6:5a:a9:f8:46:40:8c:2b:1f:97:25:a0:f3:ac:74:2a:21:
6f:c2:88:da:87:ca:a9:a2:c5:b0:21:63:67:ce:54:c2:7c:30:
4c:a9:b9:59:12:47:70:47:24:34:40:88:67:f6:b7:79:42:ae:
21:2c:dd:c1:a9:54:b7:79:97:95:ce:e9:06:21:ce:1a:51:e8:
2e:56:75:92:54:d5:a1:86:48:e5:26:38:79:4c:9a:d3:09:5d:
fc:82:1d:b9:75:c9:f2:a6:2e:1e:05:d1:e7:20:39:86:cd:65:
7b:de:2b:ac:63:21:fb:a2:e8:e3:5b:79:d4:ed:93:67:bf:03:
04:16:b8:10:6b:fa:6b:34:38:52:16:d5:73:94:98:df:cb:4b:
06:13:e8:3b:09:88:3d:f6:c6:45:7e:36:80:d3:5c:e7:67:cb:
88:40:4e:3d:c1:0e:69:2f:bd:7a:e8:89:7a:68:bc:c9:3b:79:
e8:68:e2:27
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjBEQUMxMTAvBgNVBAUTKEM5Mjc3RjAyOUMxNUIzMzc5NTM2NjZGNzRCOUM3RTZD
QjM5MDdGNDQwHhcNMjQwNDE2MTgyNjI3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFlYzJkMy1jNTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3OHtrw8H4XijPjYx4n3qa7QI7aQHS8dr2REvnn3iEO2i7XFPdy/svFgW18gL
FWMsKlJ6TyoNjHqS6EBzGTN7ydcNRwje2hKvwMpSaBUyzZZAIiegRT2iCHeSrsPn
3GCBg3Ssarl3kHP1+9uPjvaYLJ1taDZp/SCTQUauIBi+xwE6So0dp+9xjW44MGQ9
8HsgrbgLYSH3GL3NjRgwAtrhPFVMAUS9YO1EywGvTomn3HK04tJMjVMfoyY/ErTd
3/nI3dYpW3YLcu7bzK5rvi1dtRJCnlHXF6w2NETVbI+XympzACYaYdM9ZnES/BLt
Syqam/7TUpxWQWgoBVwI7GR5HwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFg4n760
mOATpvn1RW+yxzZ+wonbMB8GA1UdIwQYMBaAFMknfwKcFbM3lTZm90ucfmyzkH9E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMERBQy8wQ0UxOTY0RTRG
Q0ExMUU5QjM4QkEyMkJDNEY5QUUwMi95U2RfQXB3VnN6ZVZObWIzUzV4LWJMT1Fm
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lTZF9BcHdWc3plVk5tYjNTNXgtYkxPUWYwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjBEQUMvMENFMTk2NEU0RkNBMTFFOUIzOEJBMjJCQzRGOUFFMDIvQkQxNTM0QkE0
NkQyMTFFQ0FGNUMyNzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniUUwDQYJKoZIhvcNAQELBQADggEBAGjjxR0TdAnjzzdA
N0oLByfF9DVvqKxyF93wGWKeERJPD66EaZDioG+2zlp5Qo9/WO6H1z0sLsT5ikUv
UYcYlUqifeaDkNxcEdbmWqn4RkCMKx+XJaDzrHQqIW/CiNqHyqmixbAhY2fOVMJ8
MEypuVkSR3BHJDRAiGf2t3lCriEs3cGpVLd5l5XO6QYhzhpR6C5WdZJU1aGGSOUm
OHlMmtMJXfyCHbl1yfKmLh4F0ecgOYbNZXveK6xjIfui6ONbedTtk2e/AwQWuBBr
+ms0OFIW1XOUmN/LSwYT6DsJiD32xkV+NoDTXOdny4hATj3BDmkvvXroiXpovMk7
eeho4ic=
-----END CERTIFICATE-----
Generated at Mon Oct 7 13:25:51 2024 by rpki-client on console-fra.rpki-client.org