Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9D9BF74260E111EEBD81AD43C4F9AE02.roa
File: 9D9BF74260E111EEBD81AD43C4F9AE02.roa (raw, json)
Hash identifier: L+shClk2VhcHECdoltloc2uAnj8/QlQSAkEDzKquz3M=
Subject key identifier: F4:95:04:45:0B:71:8D:85:56:A4:2C:97:C7:1F:08:A5:0A:5C:98:9F
Certificate issuer: /CN=A9185FD0/serialNumber=59B6D6CD7305F2DEEC2B8E613C5D8F49425E0039
Certificate serial: 3C
Authority key identifier: 59:B6:D6:CD:73:05:F2:DE:EC:2B:8E:61:3C:5D:8F:49:42:5E:00:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WbbWzXMF8t7sK45hPF2PSUJeADk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9D9BF74260E111EEBD81AD43C4F9AE02.roa
Signing time: Mon 02 Oct 2023 05:07:42 +0000
ROA not before: Mon 02 Oct 2023 05:07:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135607
IP address blocks: 103.129.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 02:07:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185FD0/serialNumber=59B6D6CD7305F2DEEC2B8E613C5D8F49425E0039
Validity
Not Before: Oct 2 05:07:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=651a501e-ec44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:df:19:f7:b0:43:3c:10:67:d3:1c:3a:37:
c2:2e:57:46:f4:36:1d:4d:45:9b:c0:2b:9a:66:47:
07:a4:8b:49:be:40:3a:e1:86:51:99:ea:40:ee:fc:
d1:60:07:b8:7d:b1:8c:99:2f:00:5a:d9:50:78:9d:
3f:31:4e:1b:de:1e:c9:a4:24:1f:d0:c4:88:b7:c1:
b4:c8:a8:7f:62:c1:56:a2:90:b5:ef:6e:e2:b7:b8:
dd:0c:02:23:4d:70:52:28:9f:81:df:d7:b2:3d:7e:
e7:d2:2b:be:ad:45:bb:f7:6f:a5:54:1a:61:2d:43:
07:69:02:fe:29:0e:4e:74:02:44:69:75:9f:da:4e:
dc:e2:27:f2:4c:d7:6c:cf:f8:2e:0e:f7:c8:11:98:
23:9f:e3:fb:4a:d1:0e:1b:8f:03:fb:cd:25:de:8e:
f3:23:23:4d:4c:d3:06:5f:b4:bb:b5:5a:52:17:59:
30:bf:be:f3:e1:de:8b:54:f0:e6:7e:78:7f:c9:9f:
b5:b2:3a:6f:63:ad:3c:d3:1c:8a:56:5b:59:8e:4a:
c3:82:25:c4:d0:20:f8:91:c6:c8:41:38:d7:68:a0:
b2:c9:d8:fe:e8:ba:00:02:d6:1f:f6:d3:66:35:fb:
6e:40:b4:8b:fb:61:15:6e:56:24:00:7a:81:8e:e3:
3d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:95:04:45:0B:71:8D:85:56:A4:2C:97:C7:1F:08:A5:0A:5C:98:9F
X509v3 Authority Key Identifier:
keyid:59:B6:D6:CD:73:05:F2:DE:EC:2B:8E:61:3C:5D:8F:49:42:5E:00:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/WbbWzXMF8t7sK45hPF2PSUJeADk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WbbWzXMF8t7sK45hPF2PSUJeADk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185FD0/3833447809CF11EEA5E82532C4F9AE02/9D9BF74260E111EEBD81AD43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.124.0/24
Signature Algorithm: sha256WithRSAEncryption
93:d4:fa:7d:88:42:15:17:37:29:a1:a4:ba:11:eb:68:ba:a1:
69:9c:d0:ca:84:01:72:23:c7:44:fa:eb:97:23:03:5e:ff:3b:
b0:ca:43:81:df:8e:99:2f:b0:79:d0:0b:79:44:7c:72:06:99:
c4:1d:47:f1:af:29:59:73:eb:56:e6:32:2f:a7:5a:e5:35:7e:
c2:e1:45:b0:e5:13:6a:7e:4a:9c:45:89:e6:a8:91:fa:a0:66:
11:2f:7e:55:fb:cf:e4:69:eb:e7:84:12:ad:2a:67:1b:aa:64:
8a:87:c7:cc:cd:41:09:87:27:b4:b4:06:bc:65:8e:82:1b:c7:
2c:12:23:c6:2c:a7:b7:3b:4c:8a:cc:a9:fc:f3:ea:c2:98:8d:
ee:4c:02:74:89:0e:bb:0f:1b:80:f6:88:30:fe:17:1f:5e:75:
13:96:75:b3:d3:a2:18:2c:2f:44:71:5f:28:7a:5a:c8:c9:11:
a1:b0:fb:20:cb:29:5c:b5:a7:96:f9:56:1b:33:19:5d:eb:05:
a5:d8:8a:b3:1f:4a:a9:f4:a4:0c:34:2a:80:4e:47:3e:77:99:
c5:ff:f5:d8:c6:0c:28:19:e5:51:55:d1:0d:c3:45:ce:ad:48:
bd:33:f5:5c:d1:67:40:5d:17:c9:8f:bf:88:aa:c8:72:20:cf:
86:02:37:cd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NUZEMDExMC8GA1UEBRMoNTlCNkQ2Q0Q3MzA1RjJERUVDMkI4RTYxM0M1RDhGNDk0
MjVFMDAzOTAeFw0yMzEwMDIwNTA3NDJaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWE1MDFlLWVjNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfR98Z97BDPBBn0xw6N8IuV0b0Nh1NRZvAK5pmRweki0m+QDrhhlGZ6kDu/NFg
B7h9sYyZLwBa2VB4nT8xThveHsmkJB/QxIi3wbTIqH9iwVaikLXvbuK3uN0MAiNN
cFIon4Hf17I9fufSK76tRbv3b6VUGmEtQwdpAv4pDk50AkRpdZ/aTtziJ/JM12zP
+C4O98gRmCOf4/tK0Q4bjwP7zSXejvMjI01M0wZftLu1WlIXWTC/vvPh3otU8OZ+
eH/Jn7WyOm9jrTzTHIpWW1mOSsOCJcTQIPiRxshBONdooLLJ2P7ougAC1h/202Y1
+25AtIv7YRVuViQAeoGO4z0dAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9JUERQtx
jYVWpCyXxx8IpQpcmJ8wHwYDVR0jBBgwFoAUWbbWzXMF8t7sK45hPF2PSUJeADkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg1RkQwLzM4MzM0NDc4MDlD
RjExRUVBNUU4MjUzMkM0RjlBRTAyL1diYld6WE1GOHQ3c0s0NWhQRjJQU1VKZUFE
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV2JiV3pYTUY4dDdzSzQ1aFBGMlBTVUplQURrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NUZEMC8zODMzNDQ3ODA5Q0YxMUVFQTVFODI1MzJDNEY5QUUwMi85RDlCRjc0MjYw
RTExMUVFQkQ4MUFENDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeBfDANBgkqhkiG9w0BAQsFAAOCAQEAk9T6fYhCFRc3KaGk
uhHraLqhaZzQyoQBciPHRPrrlyMDXv87sMpDgd+OmS+wedALeUR8cgaZxB1H8a8p
WXPrVuYyL6da5TV+wuFFsOUTan5KnEWJ5qiR+qBmES9+VfvP5Gnr54QSrSpnG6pk
iofHzM1BCYcntLQGvGWOghvHLBIjxiyntztMisyp/PPqwpiN7kwCdIkOuw8bgPaI
MP4XH151E5Z1s9OiGCwvRHFfKHpayMkRobD7IMspXLWnlvlWGzMZXesFpdiKsx9K
qfSkDDQqgE5HPneZxf/12MYMKBnlUVXRDcNFzq1IvTP1XNFnQF0XyY+/iKrIciDP
hgI3zQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org