Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9187000/067D6FA2478911E889D5DB49C4F9AE02/D4AB4008379B11EFA43C8465C4F9AE02.roa
File: D4AB4008379B11EFA43C8465C4F9AE02.roa (raw, json)
Hash identifier: SdHwSjmKMw9rFdCnfCIrGnjtSEkoYzE+90t3jysVhA4=
Subject key identifier: A7:4E:EB:25:9F:FE:A2:A5:AB:1E:20:5F:EC:D5:7D:40:E1:FD:1A:0D
Certificate issuer: /CN=A9187000/serialNumber=9E92826CF47DAEC885C99810287DB86E695768EA
Certificate serial: 14A7
Authority key identifier: 9E:92:82:6C:F4:7D:AE:C8:85:C9:98:10:28:7D:B8:6E:69:57:68:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/npKCbPR9rsiFyZgQKH24bmlXaOo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9187000/067D6FA2478911E889D5DB49C4F9AE02/D4AB4008379B11EFA43C8465C4F9AE02.roa
Signing time: Mon 01 Jul 2024 11:19:50 +0000
ROA not before: Mon 01 Jul 2024 11:19:50 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138454
IP address blocks: 103.114.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5287 (0x14a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9187000/serialNumber=9E92826CF47DAEC885C99810287DB86E695768EA
Validity
Not Before: Jul 1 11:19:50 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=668290d6-2153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:08:9c:f7:0a:fa:68:b5:45:66:8c:0b:63:bb:
42:99:2b:55:0f:30:3d:8b:f0:29:85:0b:87:f9:54:
77:2c:f6:59:8a:a3:b2:7a:31:48:25:bf:c8:22:60:
e5:2b:f4:85:00:72:36:23:eb:17:97:33:ae:3a:4b:
2d:90:4e:90:04:84:47:2e:d4:24:67:77:45:52:2b:
22:4d:d3:c9:8b:82:f6:00:8b:ac:40:d5:aa:25:6c:
d0:f1:e1:5f:a5:79:4e:6a:bf:3f:05:5d:a5:b7:6b:
67:f8:34:db:43:b7:0a:b5:67:b2:80:ec:1f:4e:f9:
62:43:43:ce:d5:5d:08:2e:0c:28:55:a1:f6:ee:1a:
03:d2:d2:f5:2d:c5:18:13:3c:40:3d:45:e5:79:64:
30:d1:8a:89:c5:cc:d2:31:da:c6:ca:d7:a2:99:d8:
1a:23:7c:64:6b:8b:8d:21:20:14:3e:e5:40:7b:6d:
77:e4:19:af:41:12:19:ca:df:5d:56:0c:93:ef:78:
2a:b6:2d:08:18:f2:df:ea:fc:05:0b:62:e5:99:4e:
1e:c2:3d:62:4e:57:6b:16:ad:45:f0:3b:e5:b5:56:
9d:78:e6:f5:c2:ed:1f:22:43:44:a5:c9:82:38:90:
06:65:ca:40:72:b3:d6:8b:2c:71:c1:f6:2c:31:7b:
df:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4E:EB:25:9F:FE:A2:A5:AB:1E:20:5F:EC:D5:7D:40:E1:FD:1A:0D
X509v3 Authority Key Identifier:
keyid:9E:92:82:6C:F4:7D:AE:C8:85:C9:98:10:28:7D:B8:6E:69:57:68:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9187000/067D6FA2478911E889D5DB49C4F9AE02/npKCbPR9rsiFyZgQKH24bmlXaOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/npKCbPR9rsiFyZgQKH24bmlXaOo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187000/067D6FA2478911E889D5DB49C4F9AE02/D4AB4008379B11EFA43C8465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.39.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ea:d7:1f:e3:bf:82:70:48:0c:b2:aa:8e:2a:fe:3f:76:87:
d2:03:7a:28:6b:c6:5d:2d:5e:14:9a:7f:d5:0f:b6:b7:c8:3d:
6a:df:80:47:66:a2:9d:1e:8c:e7:6b:db:ad:bc:69:d9:d0:ea:
8b:5e:9b:6c:92:8b:b8:b7:6e:62:a0:40:21:1d:3e:f1:61:f6:
9c:64:2d:e3:81:6d:c0:0d:84:e4:98:57:5f:b2:63:b3:02:8a:
64:4d:3a:ab:a1:58:32:58:5f:5c:31:95:7a:06:ac:54:f5:5d:
fe:60:48:0e:82:d4:09:dd:be:63:41:29:c1:5e:f3:e0:72:be:
99:7b:20:21:79:57:cb:f1:d6:98:a8:be:8a:ba:e3:70:0f:52:
86:04:75:f2:ab:2b:ee:85:a8:87:19:f8:2a:7f:97:7e:b0:21:
66:85:54:aa:1e:9b:27:0e:ca:30:3a:04:31:b5:af:3e:80:a9:
71:60:72:6f:1f:fe:09:cf:4c:bd:6f:a4:7e:83:78:a4:4f:d6:
61:db:d6:b0:19:c2:58:9b:3d:17:a2:5e:62:5c:fe:63:bc:bc:
28:e6:ab:01:5e:e2:07:0f:bc:04:a6:6c:55:9d:7f:95:79:18:
fb:76:58:e3:a5:8f:d2:24:60:d8:51:a5:e0:ef:7b:f4:43:fe:
17:5e:69:0a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcwMDAxMTAvBgNVBAUTKDlFOTI4MjZDRjQ3REFFQzg4NUM5OTgxMDI4N0RCODZF
Njk1NzY4RUEwHhcNMjQwNzAxMTExOTUwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgyOTBkNi0yMTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Qic9wr6aLVFZowLY7tCmStVDzA9i/AphQuH+VR3LPZZiqOyejFIJb/IImDl
K/SFAHI2I+sXlzOuOkstkE6QBIRHLtQkZ3dFUisiTdPJi4L2AIusQNWqJWzQ8eFf
pXlOar8/BV2lt2tn+DTbQ7cKtWeygOwfTvliQ0PO1V0ILgwoVaH27hoD0tL1LcUY
EzxAPUXleWQw0YqJxczSMdrGyteimdgaI3xka4uNISAUPuVAe2135BmvQRIZyt9d
VgyT73gqti0IGPLf6vwFC2LlmU4ewj1iTldrFq1F8DvltVadeOb1wu0fIkNEpcmC
OJAGZcpAcrPWiyxxwfYsMXvf9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKdO6yWf
/qKlqx4gX+zVfUDh/RoNMB8GA1UdIwQYMBaAFJ6Sgmz0fa7IhcmYECh9uG5pV2jq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzAwMC8wNjdENkZBMjQ3
ODkxMUU4ODlENURCNDlDNEY5QUUwMi9ucEtDYlBSOXJzaUZ5WmdRS0gyNGJtbFhh
T28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25wS0NiUFI5cnNpRnlaZ1FLSDI0Ym1sWGFPby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcwMDAvMDY3RDZGQTI0Nzg5MTFFODg5RDVEQjQ5QzRGOUFFMDIvRDRBQjQwMDgz
NzlCMTFFRkE0M0M4NDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncicwDQYJKoZIhvcNAQELBQADggEBAHHq1x/jv4JwSAyy
qo4q/j92h9IDeihrxl0tXhSaf9UPtrfIPWrfgEdmop0ejOdr2628adnQ6otem2yS
i7i3bmKgQCEdPvFh9pxkLeOBbcANhOSYV1+yY7MCimRNOquhWDJYX1wxlXoGrFT1
Xf5gSA6C1AndvmNBKcFe8+Byvpl7ICF5V8vx1piovoq643APUoYEdfKrK+6FqIcZ
+Cp/l36wIWaFVKoemycOyjA6BDG1rz6AqXFgcm8f/gnPTL1vpH6DeKRP1mHb1rAZ
wlibPReiXmJc/mO8vCjmqwFe4gcPvASmbFWdf5V5GPt2WOOlj9IkYNhRpeDve/RD
/hdeaQo=
-----END CERTIFICATE-----
Generated at Mon Aug 26 15:20:52 2024 by rpki-client on console-ams.rpki-client.org