Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D109C9B8B44E11EEBE99D619C4F9AE02.roa
File: D109C9B8B44E11EEBE99D619C4F9AE02.roa (raw, json)
Hash identifier: i5Ykh/5hMbtnS1sASl/l40TB/jbHt/nO0RDq5bWSxKo=
Subject key identifier: 50:C4:74:99:8E:9B:20:90:B8:74:D3:F2:10:05:05:31:A5:C7:9E:C7
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 050C
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D109C9B8B44E11EEBE99D619C4F9AE02.roa
Signing time: Tue 06 Feb 2024 07:48:01 +0000
ROA not before: Tue 06 Feb 2024 07:48:01 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 9387
IP address blocks: 103.79.18.0/24 maxlen: 24
122.50.0.0/24 maxlen: 24
122.50.1.0/24 maxlen: 24
122.50.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 15:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1292 (0x50c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Validity
Not Before: Feb 6 07:48:01 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65c1e431-d2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:fc:43:92:91:9a:50:23:24:a2:d3:3e:78:
a5:5e:5c:e1:a8:40:0d:3f:e1:09:47:24:f2:fd:98:
45:15:62:0b:8f:8e:2a:f8:8d:03:f5:16:4b:e4:7c:
23:50:f2:39:65:8f:6d:c9:86:42:b4:b2:c9:fa:7b:
fe:c6:28:18:24:d6:44:47:09:76:9f:64:f1:36:68:
c1:0e:4a:5d:4c:02:02:39:b5:80:5f:42:3f:e2:2d:
74:fe:cb:1e:f0:6d:b2:11:e3:aa:ea:3b:51:83:e1:
49:45:d1:a9:57:cf:47:77:5f:d7:4f:f9:a9:9b:f5:
9c:c3:78:cc:b7:b4:51:40:03:03:f4:7b:57:fa:ed:
ef:c9:97:5b:13:1e:ca:50:19:fa:7c:86:3e:ee:80:
75:5c:1d:33:87:85:3b:43:31:d5:db:6d:1f:37:01:
97:74:fe:2c:33:39:a0:57:30:15:fa:06:8a:11:6e:
ef:8f:88:70:d5:ab:3e:90:31:3d:6b:3d:c2:50:5f:
01:e6:26:05:e0:47:0f:e7:7e:a5:72:f1:3b:bf:95:
79:b8:69:55:63:be:e7:ab:6d:e5:6d:e9:ba:42:63:
35:c2:e3:19:ce:e0:af:ba:3a:fc:a3:24:eb:95:9d:
0f:23:98:2a:8f:ec:35:01:01:cf:8d:c3:c5:8e:63:
7c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C4:74:99:8E:9B:20:90:B8:74:D3:F2:10:05:05:31:A5:C7:9E:C7
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/D109C9B8B44E11EEBE99D619C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.18.0/24
122.50.0.0-122.50.2.255
Signature Algorithm: sha256WithRSAEncryption
35:0f:05:80:bb:9d:e3:12:f1:a0:2a:df:af:2f:fb:95:d6:bd:
e1:9a:f9:d1:dd:cd:b5:86:25:11:0e:94:09:e7:dc:96:4b:e2:
8a:20:13:56:70:7f:35:95:47:11:46:d9:a8:b5:00:ae:22:c1:
ab:d3:a7:75:33:c8:09:d8:18:e6:26:a7:12:e3:2a:7e:91:34:
c3:85:1a:c4:76:55:3a:17:57:0e:c2:1d:51:df:d8:0b:83:b6:
61:0b:98:dc:1d:81:6d:b1:cc:e3:1e:e1:1b:07:3d:0d:40:0e:
8a:99:43:9a:6c:8d:b2:97:15:99:99:2d:c5:bc:5f:f9:96:d3:
c2:36:41:b7:7c:ee:30:7a:f7:e8:0b:4c:45:c2:8a:35:87:ab:
fc:6f:7c:1c:51:26:fc:1d:85:0d:f1:b1:5f:ad:6f:ba:8c:82:
9e:ac:ab:29:1b:ec:88:d3:29:7a:ed:dc:bc:b4:30:c8:65:ba:
23:a3:59:d8:a6:d8:d4:55:c8:f1:07:6a:d0:53:58:bf:53:82:
8d:c2:34:d2:69:78:49:7c:60:31:af:87:c7:c3:da:68:32:ec:
ae:61:85:bd:ed:1b:b0:c1:29:80:d0:57:0c:37:85:20:bd:df:
77:a7:f2:87:5f:ef:5f:ca:3b:a9:f6:a0:8a:dc:d2:06:f7:a5:
f4:97:5e:65
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICBQwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjQwMjA2MDc0ODAxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMxZTQzMS1kMmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQP8Q5KRmlAjJKLTPnilXlzhqEANP+EJRyTy/ZhFFWILj44q+I0D9RZL5Hwj
UPI5ZY9tyYZCtLLJ+nv+xigYJNZERwl2n2TxNmjBDkpdTAICObWAX0I/4i10/sse
8G2yEeOq6jtRg+FJRdGpV89Hd1/XT/mpm/Wcw3jMt7RRQAMD9HtX+u3vyZdbEx7K
UBn6fIY+7oB1XB0zh4U7QzHV220fNwGXdP4sMzmgVzAV+gaKEW7vj4hw1as+kDE9
az3CUF8B5iYF4EcP536lcvE7v5V5uGlVY77nq23lbem6QmM1wuMZzuCvujr8oyTr
lZ0PI5gqj+w1AQHPjcPFjmN86QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFDEdJmO
myCQuHTT8hAFBTGlx57HMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvRDEwOUM5QjhC
NDRFMTFFRUJFOTlENjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMDBABnTxIwCwMDAXoyAwQAejICMA0GCSqGSIb3DQEBCwUAA4IB
AQA1DwWAu53jEvGgKt+vL/uV1r3hmvnR3c21hiURDpQJ59yWS+KKIBNWcH81lUcR
RtmotQCuIsGr06d1M8gJ2BjmJqcS4yp+kTTDhRrEdlU6F1cOwh1R39gLg7ZhC5jc
HYFtsczjHuEbBz0NQA6KmUOabI2ylxWZmS3FvF/5ltPCNkG3fO4wevfoC0xFwoo1
h6v8b3wcUSb8HYUN8bFfrW+6jIKerKspG+yI0yl67dy8tDDIZbojo1nYptjUVcjx
B2rQU1i/U4KNwjTSaXhJfGAxr4fHw9poMuyuYYW97RuwwSmA0FcMN4Ugvd93p/KH
X+9fyjup9qCK3NIG96X0l15l
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org