Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/0B02EE20023C11EF9AF7B734C4F9AE02.roa
File: 0B02EE20023C11EF9AF7B734C4F9AE02.roa (raw, json)
Hash identifier: jNhQrEON7Z9G3dBAPJfZV5YvkLmEFswRCYSBAAOx30w=
Subject key identifier: 0D:D8:56:F4:E4:93:AB:10:E9:8B:D0:48:0B:BF:49:27:96:E4:9A:EE
Certificate issuer: /CN=A9179BF7/serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159
Certificate serial: 0261
Authority key identifier: 7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/0B02EE20023C11EF9AF7B734C4F9AE02.roa
Signing time: Tue 01 Oct 2024 16:29:39 +0000
ROA not before: Tue 01 Oct 2024 16:29:39 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 140934
IP address blocks: 103.190.16.0/23 maxlen: 24
2401:c8a0::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 01 Oct 2024 17:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 609 (0x261)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179BF7/serialNumber=7FCDEC31FAFA7E527DA7A9703932040F84558159
Validity
Not Before: Oct 1 16:29:39 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66fc2373-9d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5e:96:4e:7a:58:97:67:63:7e:ae:ce:55:db:
e6:12:04:d1:7a:ee:54:d6:cf:fc:6c:cb:2a:a4:ee:
db:69:86:54:46:c1:68:28:18:94:70:00:16:a2:ac:
a0:3e:c0:a8:dd:4a:8a:e8:00:b5:27:a3:dd:7d:aa:
50:60:ec:29:f9:b3:03:47:d4:d0:15:65:57:93:d2:
f4:80:c1:0e:ea:55:6c:a2:93:7b:28:12:ab:1b:a5:
1e:87:b1:45:ab:be:7e:01:e8:49:2f:b3:93:8a:ef:
71:b7:d3:8c:03:a9:41:df:cc:ab:a7:e1:6f:0c:51:
33:0f:ee:bd:d0:1e:18:6a:3e:36:e6:2f:aa:1a:85:
da:36:c5:2d:c9:00:03:4f:62:e5:f6:68:e4:46:75:
7c:5e:11:34:97:0e:86:1b:93:41:49:b1:3d:7a:97:
98:43:25:30:a8:6d:38:62:9c:96:9d:f1:89:44:ac:
1a:51:f7:70:6b:af:c0:b1:d7:b2:1b:4c:cc:e9:96:
8d:f9:4e:05:6b:4c:f3:d0:72:b7:72:d6:4b:c6:6b:
99:4f:66:e9:c1:48:5f:c2:a9:a6:f1:4b:69:24:1f:
1f:e1:bf:ee:43:3b:e3:40:5f:32:02:35:ba:bd:5b:
a6:d4:99:b7:9c:1c:e5:06:f7:c3:2a:57:9e:7a:62:
56:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D8:56:F4:E4:93:AB:10:E9:8B:D0:48:0B:BF:49:27:96:E4:9A:EE
X509v3 Authority Key Identifier:
keyid:7F:CD:EC:31:FA:FA:7E:52:7D:A7:A9:70:39:32:04:0F:84:55:81:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/f83sMfr6flJ9p6lwOTIED4RVgVk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f83sMfr6flJ9p6lwOTIED4RVgVk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179BF7/4B66F12CF2C711EC8B819687C4F9AE02/0B02EE20023C11EF9AF7B734C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.190.16.0/23
IPv6:
2401:c8a0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:6a:1b:b2:65:de:af:c6:cb:1f:07:ba:90:2d:c8:fc:86:ba:
5a:0c:f2:6b:73:ad:83:37:05:7a:50:99:6f:98:cb:9a:47:62:
cf:74:32:6e:79:ec:11:e7:69:6b:04:6e:a7:58:01:a8:49:54:
7a:4f:fa:5f:68:c9:93:93:28:77:8a:97:9a:36:9f:ca:c3:14:
b5:be:84:83:2a:91:bc:cd:91:50:bb:fd:ce:b2:7e:6a:18:9c:
c0:fa:08:99:2e:5d:94:c3:d8:99:48:d1:01:70:4f:1b:58:6d:
3b:8f:ee:73:5e:cc:a3:e5:1e:f5:64:20:c2:37:78:84:c6:fb:
ca:39:0e:80:08:81:1c:34:b1:1d:6a:99:52:49:8f:ff:a2:07:
01:f6:f1:07:7c:1b:74:69:c2:2f:60:e8:02:b6:21:2b:4b:71:
16:42:92:9b:d7:d3:f5:3a:2b:8d:96:bd:9d:52:79:fa:23:7b:
cc:fc:ef:66:f7:2c:70:a1:f0:e4:06:46:ce:cb:89:6a:1e:1b:
12:13:12:79:12:11:3d:67:f1:ae:60:83:88:6a:28:ce:4a:0f:
4f:c7:9e:65:f2:d1:1d:a5:5d:4d:88:2b:3b:9c:07:c0:e9:88:
fc:9e:7c:e2:9d:33:76:86:9f:b6:62:7b:b4:db:95:60:02:8a:
ce:d8:91:0e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzlCRjcxMTAvBgNVBAUTKDdGQ0RFQzMxRkFGQTdFNTI3REE3QTk3MDM5MzIwNDBG
ODQ1NTgxNTkwHhcNMjQxMDAxMTYyOTM5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZjMjM3My05ZDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3l6WTnpYl2djfq7OVdvmEgTReu5U1s/8bMsqpO7baYZURsFoKBiUcAAWoqyg
PsCo3UqK6AC1J6PdfapQYOwp+bMDR9TQFWVXk9L0gMEO6lVsopN7KBKrG6Ueh7FF
q75+AehJL7OTiu9xt9OMA6lB38yrp+FvDFEzD+690B4Yaj425i+qGoXaNsUtyQAD
T2Ll9mjkRnV8XhE0lw6GG5NBSbE9epeYQyUwqG04YpyWnfGJRKwaUfdwa6/Asdey
G0zM6ZaN+U4Fa0zz0HK3ctZLxmuZT2bpwUhfwqmm8UtpJB8f4b/uQzvjQF8yAjW6
vVum1Jm3nBzlBvfDKleeemJWKwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA3YVvTk
k6sQ6YvQSAu/SSeW5JruMB8GA1UdIwQYMBaAFH/N7DH6+n5SfaepcDkyBA+EVYFZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OUJGNy80QjY2RjEyQ0Yy
QzcxMUVDOEI4MTk2ODdDNEY5QUUwMi9mODNzTWZyNmZsSjlwNmx3T1RJRUQ0UlZn
VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Y4M3NNZnI2ZmxKOXA2bHdPVElFRDRSVmdWay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzlCRjcvNEI2NkYxMkNGMkM3MTFFQzhCODE5Njg3QzRGOUFFMDIvMEIwMkVFMjAw
MjNDMTFFRjlBRjdCNzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnvhAwDQQCAAIwBwMFACQByKAwDQYJKoZIhvcNAQELBQAD
ggEBAI1qG7Jl3q/Gyx8HupAtyPyGuloM8mtzrYM3BXpQmW+Yy5pHYs90Mm557BHn
aWsEbqdYAahJVHpP+l9oyZOTKHeKl5o2n8rDFLW+hIMqkbzNkVC7/c6yfmoYnMD6
CJkuXZTD2JlI0QFwTxtYbTuP7nNezKPlHvVkIMI3eITG+8o5DoAIgRw0sR1qmVJJ
j/+iBwH28Qd8G3Rpwi9g6AK2IStLcRZCkpvX0/U6K42WvZ1Sefoje8z872b3LHCh
8OQGRs7LiWoeGxITEnkSET1n8a5gg4hqKM5KD0/HnmXy0R2lXU2IKzucB8DpiPye
fOKdM3aGn7Zie7TblWACis7YkQ4=
-----END CERTIFICATE-----
Generated at Tue Oct 1 20:01:19 2024 by rpki-client on console-fra.rpki-client.org