Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A471/6FE8A2EE923E11EEB84F562FC4F9AE02/791EC4C8923F11EEAFF7BF30C4F9AE02.roa
File: 791EC4C8923F11EEAFF7BF30C4F9AE02.roa (raw, json)
Hash identifier: Vjn/rXy6icxxNtBSnbPE6Yr5NJFUe8dHiYkkgznjopY=
Subject key identifier: 79:2F:91:51:84:E6:B5:27:B8:19:61:ED:6B:50:13:B7:BD:17:F6:E6
Certificate issuer: /CN=A912A471/serialNumber=A56AE72C66A64E6279C8CC9C0EFE4F3636902780
Certificate serial: 02
Authority key identifier: A5:6A:E7:2C:66:A6:4E:62:79:C8:CC:9C:0E:FE:4F:36:36:90:27:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pWrnLGamTmJ5yMycDv5PNjaQJ4A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A471/6FE8A2EE923E11EEB84F562FC4F9AE02/791EC4C8923F11EEAFF7BF30C4F9AE02.roa
Signing time: Mon 04 Dec 2023 00:53:01 +0000
ROA not before: Mon 04 Dec 2023 00:53:01 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 7575
IP address blocks: 103.249.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Dec 2023 01:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A471/serialNumber=A56AE72C66A64E6279C8CC9C0EFE4F3636902780
Validity
Not Before: Dec 4 00:53:01 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=656d22ed-991d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e7:e8:42:e7:f1:0a:c3:e8:ee:d2:ef:ea:04:
29:7f:4c:56:09:65:b9:0b:18:4a:55:21:35:51:fb:
65:c9:8a:05:a3:df:7c:81:47:d4:12:08:89:03:06:
cf:de:d5:47:27:41:c0:2b:b6:fd:b9:8c:ce:b2:44:
f6:6e:4a:70:7d:3b:3e:ab:bf:8c:0d:ef:20:05:a1:
20:30:65:b1:de:16:63:2d:29:c7:05:d1:d2:75:09:
cb:8b:9f:ef:51:9e:31:90:b0:e4:79:a6:09:49:6b:
22:d2:af:c7:c7:cf:e8:1e:32:fd:dd:c5:22:9c:d3:
91:a2:ed:2e:82:3b:8f:fd:aa:e4:f4:35:d8:f2:b3:
dd:5a:56:52:c5:67:e0:98:a6:e7:7c:d9:96:d6:e6:
c2:09:79:65:1a:72:f3:43:a0:1d:00:80:6a:d7:5c:
80:68:e3:a9:6a:87:d3:be:35:73:8e:09:87:83:90:
50:5c:00:93:fe:6f:0b:4d:60:e8:82:da:c3:e0:6f:
a4:f1:e5:7e:6a:81:b9:77:05:64:06:c2:29:90:17:
7a:6e:5a:f4:f3:c1:26:94:b1:15:5a:14:55:36:47:
a5:46:d5:f2:e9:77:ae:26:b3:51:55:81:b9:2f:2b:
6d:f0:42:ef:38:0b:1d:09:5f:8f:7c:b5:c3:3d:50:
57:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2F:91:51:84:E6:B5:27:B8:19:61:ED:6B:50:13:B7:BD:17:F6:E6
X509v3 Authority Key Identifier:
keyid:A5:6A:E7:2C:66:A6:4E:62:79:C8:CC:9C:0E:FE:4F:36:36:90:27:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A471/6FE8A2EE923E11EEB84F562FC4F9AE02/pWrnLGamTmJ5yMycDv5PNjaQJ4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pWrnLGamTmJ5yMycDv5PNjaQJ4A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A471/6FE8A2EE923E11EEB84F562FC4F9AE02/791EC4C8923F11EEAFF7BF30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.249.202.0/24
Signature Algorithm: sha256WithRSAEncryption
72:8f:a8:1d:c2:e1:27:41:ef:56:e3:08:5d:1b:83:a2:a5:f1:
fd:72:45:40:d1:29:e1:ea:3b:69:d9:f1:48:e9:89:33:96:bf:
25:6f:34:e2:70:c3:37:8d:f1:65:10:c3:da:08:c3:00:c5:8e:
33:38:bb:a2:7c:57:b1:85:be:67:b7:26:96:d6:7a:16:6c:b5:
df:d9:7b:7c:6a:8f:4b:3a:1b:1f:d9:4f:9d:17:98:b5:14:b0:
27:51:08:52:11:fa:aa:b8:a1:72:0f:84:38:fc:c2:f5:5c:56:
aa:fe:80:9b:a8:32:6a:98:49:e9:65:7e:d9:b0:12:32:04:ff:
71:d2:30:88:f4:45:3b:ce:57:e8:2b:66:8c:20:b3:99:c9:8a:
30:16:f3:b5:75:26:4c:cf:39:7b:11:5c:9a:07:75:c5:24:97:
02:64:6f:d2:ac:d5:17:25:c4:4c:2c:3d:5f:1c:e2:e2:f8:1c:
dd:1c:40:78:dd:c0:c1:c0:11:14:c0:c2:10:da:46:8c:29:05:
8e:a3:53:24:12:14:0a:b9:9a:6a:dd:36:6a:a9:cf:9b:59:61:
77:d8:cc:6f:07:70:30:c9:90:f2:59:cc:2f:02:cb:a6:38:57:
25:d6:7e:8d:3f:90:94:6a:ae:b6:08:28:a5:b0:9c:20:37:ef:
4e:5b:5b:d9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QTQ3MTExMC8GA1UEBRMoQTU2QUU3MkM2NkE2NEU2Mjc5QzhDQzlDMEVGRTRGMzYz
NjkwMjc4MDAeFw0yMzEyMDQwMDUzMDFaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmQyMmVkLTk5MWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC05+hC5/EKw+ju0u/qBCl/TFYJZbkLGEpVITVR+2XJigWj33yBR9QSCIkDBs/e
1UcnQcArtv25jM6yRPZuSnB9Oz6rv4wN7yAFoSAwZbHeFmMtKccF0dJ1CcuLn+9R
njGQsOR5pglJayLSr8fHz+geMv3dxSKc05Gi7S6CO4/9quT0Ndjys91aVlLFZ+CY
pud82ZbW5sIJeWUacvNDoB0AgGrXXIBo46lqh9O+NXOOCYeDkFBcAJP+bwtNYOiC
2sPgb6Tx5X5qgbl3BWQGwimQF3puWvTzwSaUsRVaFFU2R6VG1fLpd64ms1FVgbkv
K23wQu84Cx0JX498tcM9UFcNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeS+RUYTm
tSe4GWHta1ATt70X9uYwHwYDVR0jBBgwFoAUpWrnLGamTmJ5yMycDv5PNjaQJ4Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJBNDcxLzZGRThBMkVFOTIz
RTExRUVCODRGNTYyRkM0RjlBRTAyL3BXcm5MR2FtVG1KNXlNeWNEdjVQTmphUUo0
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcFdybkxHYW1UbUo1eU15Y0R2NVBOamFRSjRBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QTQ3MS82RkU4QTJFRTkyM0UxMUVFQjg0RjU2MkZDNEY5QUUwMi83OTFFQzRDODky
M0YxMUVFQUZGN0JGMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGf5yjANBgkqhkiG9w0BAQsFAAOCAQEAco+oHcLhJ0HvVuMI
XRuDoqXx/XJFQNEp4eo7adnxSOmJM5a/JW804nDDN43xZRDD2gjDAMWOMzi7onxX
sYW+Z7cmltZ6Fmy139l7fGqPSzobH9lPnReYtRSwJ1EIUhH6qrihcg+EOPzC9VxW
qv6Am6gyaphJ6WV+2bASMgT/cdIwiPRFO85X6CtmjCCzmcmKMBbztXUmTM85exFc
mgd1xSSXAmRv0qzVFyXETCw9Xxzi4vgc3RxAeN3AwcARFMDCENpGjCkFjqNTJBIU
Crmaat02aqnPm1lhd9jMbwdwMMmQ8lnMLwLLpjhXJdZ+jT+QlGqutggopbCcIDfv
Tltb2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org