Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4D67D62A0BDD11EC99F6A975C4F9AE02.roa
File: 4D67D62A0BDD11EC99F6A975C4F9AE02.roa (raw, json)
Hash identifier: 7KM1QoEugSk+Qdbnd/N3xOEyC2QPHcse8Y1xJ7rS4ac=
Subject key identifier: 0B:42:D4:D2:D3:D0:BD:6A:DD:3E:06:77:66:A1:5D:93:AE:C0:C0:5D
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 264E
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4D67D62A0BDD11EC99F6A975C4F9AE02.roa
Signing time: Sun 06 Aug 2023 16:13:26 +0000
ROA not before: Sun 06 Aug 2023 16:13:26 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 58879
IP address blocks: 103.196.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 15:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9806 (0x264e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 6 16:13:26 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cfc6a6-1a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:da:3a:af:b0:ce:eb:4a:4c:fa:cb:4f:4e:6d:
5b:8a:8f:59:91:b5:c4:1a:2a:2d:0a:16:93:85:23:
ab:72:a4:a6:9a:74:83:b7:e7:72:f9:47:43:bd:a9:
46:7e:10:18:95:8b:d6:b7:59:e7:d9:63:c4:f7:d6:
9f:dc:ae:48:ce:67:89:62:52:78:a1:b1:e0:51:01:
d8:31:49:c8:5f:c3:07:0d:6f:8c:31:e2:3c:7c:98:
f1:77:03:e6:d3:c9:f7:7d:59:07:30:62:1f:cc:20:
e2:9d:f2:0b:ea:6d:48:97:82:d2:f4:57:19:b6:c6:
fd:8f:01:b8:31:2e:1c:38:61:48:8c:7d:c4:19:66:
8a:d3:9a:e0:55:26:f7:21:d3:3f:d3:95:b2:aa:7e:
ed:1f:e2:ca:2b:b0:94:37:dc:26:e9:60:14:06:11:
9a:82:10:e2:7a:a9:0b:c4:53:7b:da:55:93:c3:81:
32:62:4b:f0:7a:f2:1f:75:10:9f:fe:87:fe:af:97:
8d:1f:fd:d4:bf:66:01:a9:dc:35:1d:d6:b3:8d:ff:
82:61:50:7a:91:62:73:81:ed:83:da:7e:3e:d9:ac:
1f:71:f2:d6:1f:e3:68:eb:dc:1a:96:f3:7b:68:7f:
96:4c:d6:bf:16:e2:bd:53:17:2b:f3:3f:4a:14:9a:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:42:D4:D2:D3:D0:BD:6A:DD:3E:06:77:66:A1:5D:93:AE:C0:C0:5D
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4D67D62A0BDD11EC99F6A975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.196.22.0/24
Signature Algorithm: sha256WithRSAEncryption
87:90:07:e8:f1:2c:80:90:56:f0:38:76:4e:5f:4d:16:96:78:
7b:fc:28:ad:8f:b6:8e:1e:48:97:ea:a8:f4:94:49:d5:b2:ac:
f9:5d:bd:93:b0:24:89:4c:e3:8b:de:13:e4:35:4f:71:cf:d5:
28:e8:bf:93:33:48:c1:46:13:ce:19:0f:6a:ef:2c:94:6d:77:
10:0f:26:1f:bd:39:eb:8a:7a:b4:10:5c:9f:23:ae:7b:91:10:
05:35:d7:01:9c:2b:17:14:35:d2:46:e6:0f:83:15:36:bb:08:
84:1b:ad:4d:85:0a:ca:33:69:3c:1a:0e:86:aa:a6:58:2a:6b:
90:6f:58:f5:63:f1:ec:43:fc:c6:3a:7d:f8:b5:20:37:7d:20:
04:cb:a8:c2:d6:17:2f:95:f2:c7:21:53:1b:9d:96:b3:58:b4:
70:88:85:89:c2:d0:3d:a8:43:b3:76:8b:fa:de:95:79:5d:89:
3c:96:34:e1:47:af:d6:d6:d1:60:f1:d9:ff:d3:af:d2:64:90:
0c:a1:94:ac:f2:44:62:45:9e:a1:2f:6e:e6:ed:7a:86:bf:3e:
7a:35:56:31:0a:51:da:62:36:8f:21:63:4c:13:e4:9d:3c:46:
60:24:8c:ea:24:71:51:db:88:1d:0f:f3:79:be:d5:09:6b:af:
d9:e0:e7:39
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwODA2MTYxMzI2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmYzZhNi0xYTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzNo6r7DO60pM+stPTm1bio9ZkbXEGiotChaThSOrcqSmmnSDt+dy+UdDvalG
fhAYlYvWt1nn2WPE99af3K5IzmeJYlJ4obHgUQHYMUnIX8MHDW+MMeI8fJjxdwPm
08n3fVkHMGIfzCDinfIL6m1Il4LS9FcZtsb9jwG4MS4cOGFIjH3EGWaK05rgVSb3
IdM/05Wyqn7tH+LKK7CUN9wm6WAUBhGaghDieqkLxFN72lWTw4EyYkvwevIfdRCf
/of+r5eNH/3Uv2YBqdw1Hdazjf+CYVB6kWJzge2D2n4+2awfcfLWH+No69walvN7
aH+WTNa/FuK9Uxcr8z9KFJpeeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAtC1NLT
0L1q3T4Gd2ahXZOuwMBdMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNEQ2N0Q2MkEw
QkREMTFFQzk5RjZBOTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxBYwDQYJKoZIhvcNAQELBQADggEBAIeQB+jxLICQVvA4
dk5fTRaWeHv8KK2Pto4eSJfqqPSUSdWyrPldvZOwJIlM44veE+Q1T3HP1Sjov5Mz
SMFGE84ZD2rvLJRtdxAPJh+9OeuKerQQXJ8jrnuREAU11wGcKxcUNdJG5g+DFTa7
CIQbrU2FCsozaTwaDoaqplgqa5BvWPVj8exD/MY6ffi1IDd9IATLqMLWFy+V8sch
UxudlrNYtHCIhYnC0D2oQ7N2i/relXldiTyWNOFHr9bW0WDx2f/Tr9JkkAyhlKzy
RGJFnqEvbubteoa/Pno1VjEKUdpiNo8hY0wT5J08RmAkjOokcVHbiB0P83m+1Qlr
r9ng5zk=
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:35:24 2024 by rpki-client on console-fra.rpki-client.org