Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9112DEF/18F6987CB3D511ECB3A0A882C4F9AE02/E386F672068711EDA1C2070DC4F9AE02.roa
File: E386F672068711EDA1C2070DC4F9AE02.roa (raw, json)
Hash identifier: CMDKlLTSy2geZVwwTHjEqDOkazF+DiFR+I2jQwUWhQY=
Subject key identifier: C7:47:1F:6E:20:07:28:3B:12:7B:52:A8:D6:9D:15:9B:72:AF:8A:C6
Certificate issuer: /CN=A9112DEF/serialNumber=E3EB954B44721E411AAF0938310CC103EA4C8BB4
Certificate serial: 02F5
Authority key identifier: E3:EB:95:4B:44:72:1E:41:1A:AF:09:38:31:0C:C1:03:EA:4C:8B:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-uVS0RyHkEarwk4MQzBA-pMi7Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9112DEF/18F6987CB3D511ECB3A0A882C4F9AE02/E386F672068711EDA1C2070DC4F9AE02.roa
Signing time: Tue 24 Sep 2024 08:13:33 +0000
ROA not before: Tue 24 Sep 2024 08:13:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140674
IP address blocks: 103.185.224.0/24 maxlen: 24
103.185.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 09:44:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 757 (0x2f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9112DEF/serialNumber=E3EB954B44721E411AAF0938310CC103EA4C8BB4
Validity
Not Before: Sep 24 08:13:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f274ad-238e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:60:77:17:27:83:45:66:37:4a:8e:74:41:
90:05:cb:4c:da:df:ff:6d:bb:62:b2:74:ca:50:43:
d2:46:bf:26:08:95:c1:a5:25:a2:0e:16:2f:aa:33:
ba:a8:07:18:4d:cb:e9:3f:8a:cf:a3:ed:22:9c:c7:
de:6d:eb:45:c3:a5:6d:82:7e:09:f2:89:6c:25:f5:
14:24:4c:da:88:e0:b6:a6:88:e6:1e:09:82:3b:81:
69:b3:02:0d:61:49:ce:6c:bc:c5:73:8f:34:1d:50:
6c:d9:c1:31:0c:1f:c9:69:63:ea:61:19:5e:ea:29:
44:1f:f9:94:4d:46:49:86:8c:cf:c4:b0:20:f0:1f:
6b:40:31:a4:b9:30:8c:ef:13:15:b3:e6:5f:69:7c:
ad:91:08:46:1c:15:4d:da:55:62:53:1d:83:75:8c:
31:08:97:0f:e3:ba:da:70:93:30:0b:d7:dc:39:3f:
89:a0:b5:6e:12:d2:bd:53:85:88:cd:52:01:b4:27:
7f:c4:87:59:30:05:15:cd:aa:4b:0b:f6:f8:df:2f:
6e:30:45:88:43:33:74:5e:54:32:5c:c0:3a:63:f1:
c8:9b:fb:46:64:72:11:bf:23:04:92:d2:5f:a1:9f:
3d:83:fc:ef:45:8c:d3:f7:64:d0:80:9a:7d:c8:d0:
f0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:47:1F:6E:20:07:28:3B:12:7B:52:A8:D6:9D:15:9B:72:AF:8A:C6
X509v3 Authority Key Identifier:
keyid:E3:EB:95:4B:44:72:1E:41:1A:AF:09:38:31:0C:C1:03:EA:4C:8B:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9112DEF/18F6987CB3D511ECB3A0A882C4F9AE02/4-uVS0RyHkEarwk4MQzBA-pMi7Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-uVS0RyHkEarwk4MQzBA-pMi7Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112DEF/18F6987CB3D511ECB3A0A882C4F9AE02/E386F672068711EDA1C2070DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.185.224.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:d5:8f:5b:b1:3b:19:70:2b:5f:f0:fc:02:d2:72:e3:ca:24:
28:2b:4a:a7:be:68:b9:6c:03:7e:18:55:c1:98:82:b5:0d:f2:
8f:d0:6c:53:13:8a:e4:42:da:a8:21:ec:28:eb:d3:a4:28:e3:
c7:1e:82:1c:d7:0b:97:f4:bf:94:62:52:73:f6:97:88:6c:06:
da:e1:69:2c:1e:a9:4d:7a:07:07:81:46:1a:3f:d7:ac:5a:1d:
11:0d:da:ed:12:ea:5a:a1:c9:04:0b:70:c7:6a:dd:59:b5:fd:
da:20:ad:3a:13:74:48:d6:6e:8a:09:7b:f4:71:f8:e4:f5:7e:
c3:6d:42:2c:18:66:bd:38:71:10:2a:88:9c:d7:39:06:96:a8:
28:7a:af:96:6d:d6:63:7e:bb:07:b0:ce:70:3c:12:29:6d:3d:
df:85:35:64:7a:5a:0f:c0:83:46:af:50:c8:54:7d:33:a5:dd:
14:15:9c:6a:af:10:dc:f7:a9:23:10:04:f1:1c:33:f9:3f:f9:
f0:03:47:c0:4a:56:8e:45:e7:4d:26:c6:a1:2a:62:18:71:51:
3f:72:9a:b7:2e:ed:52:2b:fe:26:19:eb:10:a0:f2:94:16:b7:
5c:47:7c:53:e4:2d:4c:d2:9c:0e:3b:a6:0c:79:9d:cf:dd:97:
06:b1:e6:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTJERUYxMTAvBgNVBAUTKEUzRUI5NTRCNDQ3MjFFNDExQUFGMDkzODMxMENDMTAz
RUE0QzhCQjQwHhcNMjQwOTI0MDgxMzMzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyNzRhZC0yMzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1Jgdxcng0VmN0qOdEGQBctM2t//bbtisnTKUEPSRr8mCJXBpSWiDhYvqjO6
qAcYTcvpP4rPo+0inMfebetFw6Vtgn4J8olsJfUUJEzaiOC2pojmHgmCO4FpswIN
YUnObLzFc480HVBs2cExDB/JaWPqYRle6ilEH/mUTUZJhozPxLAg8B9rQDGkuTCM
7xMVs+ZfaXytkQhGHBVN2lViUx2DdYwxCJcP47racJMwC9fcOT+JoLVuEtK9U4WI
zVIBtCd/xIdZMAUVzapLC/b43y9uMEWIQzN0XlQyXMA6Y/HIm/tGZHIRvyMEktJf
oZ89g/zvRYzT92TQgJp9yNDwuwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMdHH24g
Byg7EntSqNadFZtyr4rGMB8GA1UdIwQYMBaAFOPrlUtEch5BGq8JODEMwQPqTIu0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkRFRi8xOEY2OTg3Q0Iz
RDUxMUVDQjNBMEE4ODJDNEY5QUUwMi80LXVWUzBSeUhrRWFyd2s0TVF6QkEtcE1p
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQtdVZTMFJ5SGtFYXJ3azRNUXpCQS1wTWk3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTJERUYvMThGNjk4N0NCM0Q1MTFFQ0IzQTBBODgyQzRGOUFFMDIvRTM4NkY2NzIw
Njg3MTFFREExQzIwNzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnueAwDQYJKoZIhvcNAQELBQADggEBAMjVj1uxOxlwK1/w
/ALScuPKJCgrSqe+aLlsA34YVcGYgrUN8o/QbFMTiuRC2qgh7Cjr06Qo48ceghzX
C5f0v5RiUnP2l4hsBtrhaSweqU16BweBRho/16xaHREN2u0S6lqhyQQLcMdq3Vm1
/dogrToTdEjWbooJe/Rx+OT1fsNtQiwYZr04cRAqiJzXOQaWqCh6r5Zt1mN+uwew
znA8EiltPd+FNWR6Wg/Ag0avUMhUfTOl3RQVnGqvENz3qSMQBPEcM/k/+fADR8BK
Vo5F500mxqEqYhhxUT9ymrcu7VIr/iYZ6xCg8pQWt1xHfFPkLUzSnA47pgx5nc/d
lwax5q0=
-----END CERTIFICATE-----
Generated at Tue Sep 24 12:40:08 2024 by rpki-client on console-fra.rpki-client.org