Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/8A025EB456F511EFA197AF4AC4F9AE02.roa
File: 8A025EB456F511EFA197AF4AC4F9AE02.roa (raw, json)
Hash identifier: AnjAeZVbQe3i72oY0wuHLM9CWicG5eJ+oNRo0hgAZNA=
Subject key identifier: 0F:8B:26:DE:5C:A5:12:8B:A9:E2:CB:44:67:51:4C:B8:C5:DB:01:6A
Certificate issuer: /CN=A913367F/serialNumber=D4EA9464F322B26D7D2128DC3752F228880016DA
Certificate serial: 06F8
Authority key identifier: D4:EA:94:64:F3:22:B2:6D:7D:21:28:DC:37:52:F2:28:88:00:16:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OqUZPMism19ISjcN1LyKIgAFto.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/8A025EB456F511EFA197AF4AC4F9AE02.roa
Signing time: Sat 10 Aug 2024 08:55:29 +0000
ROA not before: Sat 10 Aug 2024 08:55:29 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 131471
IP address blocks: 103.104.212.0/24 maxlen: 24
103.104.213.0/24 maxlen: 24
103.104.214.0/24 maxlen: 24
103.104.215.0/24 maxlen: 24
103.153.14.0/24 maxlen: 24
103.153.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 07:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1784 (0x6f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913367F/serialNumber=D4EA9464F322B26D7D2128DC3752F228880016DA
Validity
Not Before: Aug 10 08:55:29 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=66b72b01-13b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c8:a4:7e:99:11:d0:bf:15:00:f0:e8:98:41:
de:7c:d5:6a:5c:c8:db:a3:8e:08:b9:aa:dd:83:ae:
82:ff:b7:13:1f:23:e4:df:a9:4e:65:d4:a0:ea:a4:
8d:34:c6:8c:1d:62:4c:94:00:cf:39:03:45:7d:88:
9c:6a:ff:0e:6c:c8:48:30:ad:b1:af:e5:a5:1e:56:
0e:aa:7b:a3:04:24:75:07:c9:3c:a5:1e:1a:a9:3c:
79:ed:79:09:fb:6f:8d:ad:c9:be:13:14:7f:f8:8e:
f5:65:22:ca:b6:16:b8:eb:1e:44:e3:d1:ef:f8:e0:
2a:9f:42:9e:36:d9:79:07:bc:d5:24:a6:1a:f6:80:
2e:ac:8f:1f:6f:de:99:45:96:7c:18:88:4b:d1:41:
c6:cb:b0:0f:3f:fc:19:26:af:84:73:5e:ba:aa:ac:
fb:c4:4c:00:fb:c9:9c:7b:8d:07:e5:b0:75:e9:60:
32:08:41:5d:56:98:10:48:53:78:2c:f6:02:91:4d:
7a:28:19:99:67:0b:21:27:ad:42:66:3a:b7:20:16:
81:86:81:6e:18:9d:57:5f:65:bc:e1:89:a7:71:f1:
a6:04:84:56:3e:78:d0:df:ed:a1:73:5e:b2:31:86:
28:8e:7e:37:89:21:0e:dc:bb:9b:b0:36:bf:8f:6f:
81:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8B:26:DE:5C:A5:12:8B:A9:E2:CB:44:67:51:4C:B8:C5:DB:01:6A
X509v3 Authority Key Identifier:
keyid:D4:EA:94:64:F3:22:B2:6D:7D:21:28:DC:37:52:F2:28:88:00:16:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/1OqUZPMism19ISjcN1LyKIgAFto.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OqUZPMism19ISjcN1LyKIgAFto.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/8A025EB456F511EFA197AF4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.212.0/22
103.153.14.0/23
Signature Algorithm: sha256WithRSAEncryption
55:54:87:df:cb:c8:8f:a9:e3:56:b8:bc:38:e6:67:43:35:a8:
6b:19:90:35:6e:10:90:2e:77:bf:2b:d4:63:cf:39:e2:91:93:
6f:60:21:61:d7:95:38:60:a6:da:38:95:84:73:1c:dc:f7:ca:
35:15:97:a6:3f:c8:a8:90:25:38:20:e2:63:2f:2f:0e:f9:ad:
58:96:53:05:cd:59:a4:cd:db:b7:9c:e7:b7:cf:9d:1c:e4:c3:
54:5a:cd:b7:20:65:c4:5c:af:b4:4f:8c:0d:ca:09:43:83:ab:
67:3d:fc:f1:4d:66:98:57:bb:da:c6:49:ab:6d:95:9a:62:22:
c4:ab:1f:89:20:24:38:50:8f:50:c8:d0:d7:66:9f:59:e8:df:
0b:30:8b:18:ce:46:db:9c:ee:de:85:a0:4a:2e:87:ec:33:0c:
e8:25:5b:75:a6:da:ee:e3:34:e2:e7:ec:27:82:dd:6b:1a:12:
4d:a4:9c:e1:3f:c9:a3:11:53:8f:1f:d6:f0:d6:5c:a3:74:90:
b6:9d:ad:2a:8f:f8:24:5d:35:e3:53:41:c4:0d:4d:a0:ab:eb:
64:9c:0f:31:e9:a0:2f:43:dc:7b:ec:dc:c2:bc:28:1d:0f:03:
77:91:93:22:a2:83:75:9f:ed:4d:c7:0e:be:79:f1:fb:66:dd:
1a:14:f9:9e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM2N0YxMTAvBgNVBAUTKEQ0RUE5NDY0RjMyMkIyNkQ3RDIxMjhEQzM3NTJGMjI4
ODgwMDE2REEwHhcNMjQwODEwMDg1NTI5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI3MmIwMS0xM2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2cikfpkR0L8VAPDomEHefNVqXMjbo44Iuardg66C/7cTHyPk36lOZdSg6qSN
NMaMHWJMlADPOQNFfYicav8ObMhIMK2xr+WlHlYOqnujBCR1B8k8pR4aqTx57XkJ
+2+Nrcm+ExR/+I71ZSLKtha46x5E49Hv+OAqn0KeNtl5B7zVJKYa9oAurI8fb96Z
RZZ8GIhL0UHGy7APP/wZJq+Ec166qqz7xEwA+8mce40H5bB16WAyCEFdVpgQSFN4
LPYCkU16KBmZZwshJ61CZjq3IBaBhoFuGJ1XX2W84YmncfGmBIRWPnjQ3+2hc16y
MYYojn43iSEO3LubsDa/j2+B0wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFA+LJt5c
pRKLqeLLRGdRTLjF2wFqMB8GA1UdIwQYMBaAFNTqlGTzIrJtfSEo3DdS8iiIABba
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzY3Ri9BMjIxOTA1ODEy
OEIxMUVCQkZBMkM0N0VDNEY5QUUwMi8xT3FVWlBNaXNtMTlJU2pjTjFMeUtJZ0FG
dG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFPcVVaUE1pc20xOUlTamNOMUx5S0lnQUZ0by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM2N0YvQTIyMTkwNTgxMjhCMTFFQkJGQTJDNDdFQzRGOUFFMDIvOEEwMjVFQjQ1
NkY1MTFFRkExOTdBRjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnaNQDBAFnmQ4wDQYJKoZIhvcNAQELBQADggEBAFVUh9/L
yI+p41a4vDjmZ0M1qGsZkDVuEJAud78r1GPPOeKRk29gIWHXlThgpto4lYRzHNz3
yjUVl6Y/yKiQJTgg4mMvLw75rViWUwXNWaTN27ec57fPnRzkw1RazbcgZcRcr7RP
jA3KCUODq2c9/PFNZphXu9rGSattlZpiIsSrH4kgJDhQj1DI0Ndmn1no3wswixjO
Rtuc7t6FoEouh+wzDOglW3Wm2u7jNOLn7CeC3WsaEk2knOE/yaMRU48f1vDWXKN0
kLadrSqP+CRdNeNTQcQNTaCr62ScDzHpoC9D3Hvs3MK8KB0PA3eRkyKig3Wf7U3H
Dr558ftm3RoU+Z4=
-----END CERTIFICATE-----
Generated at Sun Aug 18 09:35:25 2024 by rpki-client on console-ams.rpki-client.org