Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196F7C/86F9161CFC5B11EEA3FF9D47C4F9AE02/50ECDB30561A11EFA0D34345C4F9AE02.roa
File: 50ECDB30561A11EFA0D34345C4F9AE02.roa (raw, json)
Hash identifier: RjAGHOX/S0KfcBW14+qeVHGd+Tcd33CeR+AyAX3pz+U=
Subject key identifier: 1B:7B:A6:E0:AF:7A:D8:DD:F6:2C:83:B6:A1:6E:BD:25:46:7C:F4:B8
Certificate issuer: /CN=A9196F7C/serialNumber=C0E31B5F45CFE52BAC5CEDB8DCC6A1A322F4705D
Certificate serial: 42
Authority key identifier: C0:E3:1B:5F:45:CF:E5:2B:AC:5C:ED:B8:DC:C6:A1:A3:22:F4:70:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wOMbX0XP5SusXO243MahoyL0cF0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196F7C/86F9161CFC5B11EEA3FF9D47C4F9AE02/50ECDB30561A11EFA0D34345C4F9AE02.roa
Signing time: Fri 09 Aug 2024 06:40:50 +0000
ROA not before: Fri 09 Aug 2024 06:40:50 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152699
IP address blocks: 103.15.236.0/23 maxlen: 23
2001:df3:aec0::/48 maxlen: 48
2401:b820:1000::/48 maxlen: 48
2401:b820:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 04:37:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196F7C/serialNumber=C0E31B5F45CFE52BAC5CEDB8DCC6A1A322F4705D
Validity
Not Before: Aug 9 06:40:50 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66b5b9f2-e932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:25:6b:64:56:a8:f1:a3:d5:81:ae:40:7f:e4:
57:a4:7e:a6:c8:c1:5e:33:3e:86:3a:83:8e:7d:8a:
ad:2e:6c:55:c0:98:be:d8:d3:25:41:9e:ec:67:6f:
4e:e7:a0:1f:55:d6:2c:31:ea:ef:3b:f2:a4:6b:4a:
67:89:3e:70:a6:cd:33:7b:00:3b:95:10:c2:75:d0:
2a:cb:55:25:6d:92:b7:ec:81:b9:02:7f:0b:00:29:
58:b6:82:34:2c:c6:88:bb:cf:eb:cb:14:66:7a:76:
6d:e4:df:05:e8:ff:a5:8a:85:30:bb:18:d1:e5:5a:
9b:ce:bf:96:52:db:9c:71:aa:0b:ca:3b:60:78:26:
af:f6:c3:e0:eb:e5:98:be:f9:da:bb:0e:46:3e:d4:
e8:7c:d7:4d:5d:b0:7b:f0:3e:16:f4:b2:53:49:c0:
bc:67:f6:2a:dc:36:42:7f:f1:7a:15:2c:c2:fd:3d:
b7:c3:31:d5:26:2c:78:e0:90:8d:fe:fc:ea:43:f2:
13:97:de:b7:ff:70:8d:b5:e8:d2:d3:55:8e:ce:24:
68:be:3d:e4:e5:1e:a2:dd:a9:c3:69:c2:dd:19:80:
ac:ab:c2:bd:d3:07:e8:63:25:53:24:2e:e6:fc:30:
e7:ad:f6:30:f3:bc:8e:1f:c2:0a:40:c5:d5:71:37:
e5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7B:A6:E0:AF:7A:D8:DD:F6:2C:83:B6:A1:6E:BD:25:46:7C:F4:B8
X509v3 Authority Key Identifier:
keyid:C0:E3:1B:5F:45:CF:E5:2B:AC:5C:ED:B8:DC:C6:A1:A3:22:F4:70:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196F7C/86F9161CFC5B11EEA3FF9D47C4F9AE02/wOMbX0XP5SusXO243MahoyL0cF0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wOMbX0XP5SusXO243MahoyL0cF0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196F7C/86F9161CFC5B11EEA3FF9D47C4F9AE02/50ECDB30561A11EFA0D34345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.15.236.0/23
IPv6:
2001:df3:aec0::/48
2401:b820:1000::/47
Signature Algorithm: sha256WithRSAEncryption
45:2a:d2:a1:bc:75:86:45:e0:5e:42:ef:bd:12:d0:e8:0e:70:
d4:ae:3f:5e:b7:59:00:a3:64:8b:35:d7:e7:12:f0:3a:31:20:
7a:8c:7f:3f:ec:45:13:5a:fe:e7:63:e7:65:2c:ef:a3:ea:3c:
3b:cf:12:6d:6e:06:21:43:24:cf:64:65:ba:cd:92:10:92:ae:
50:60:dd:03:56:04:36:2c:78:4e:27:b8:99:62:ae:9b:21:7d:
b2:0a:84:5f:e3:f0:34:14:0b:0e:59:d9:87:f4:31:51:21:e4:
c1:10:d0:42:5c:0d:93:c4:c8:d9:3e:7a:96:a7:38:e0:f5:93:
ca:83:8a:bd:d6:9b:44:9a:59:4e:77:ce:fe:9a:22:99:b3:4a:
b7:f5:b2:b9:5f:8e:31:c9:e6:7a:d4:94:2b:26:ca:f4:b4:e2:
44:7c:8d:e5:e2:17:09:e8:11:1d:af:fb:38:36:ff:e8:b3:cc:
a1:53:fb:d3:a8:5c:41:6d:7a:44:8b:53:f1:67:3d:5d:77:66:
f9:4f:b5:db:b9:63:2f:78:65:19:09:87:ee:05:4d:d1:72:e4:
97:43:1c:1a:16:9e:db:9b:1d:ab:b3:7e:34:a2:5a:99:39:e4:
a3:28:29:4a:2b:f1:8a:7c:fc:49:6a:af:e5:36:59:c4:1c:ce:
97:da:24:b8
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NkY3QzExMC8GA1UEBRMoQzBFMzFCNUY0NUNGRTUyQkFDNUNFREI4RENDNkExQTMy
MkY0NzA1RDAeFw0yNDA4MDkwNjQwNTBaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YjViOWYyLWU5MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD6JWtkVqjxo9WBrkB/5FekfqbIwV4zPoY6g459iq0ubFXAmL7Y0yVBnuxnb07n
oB9V1iwx6u878qRrSmeJPnCmzTN7ADuVEMJ10CrLVSVtkrfsgbkCfwsAKVi2gjQs
xoi7z+vLFGZ6dm3k3wXo/6WKhTC7GNHlWpvOv5ZS25xxqgvKO2B4Jq/2w+Dr5Zi+
+dq7DkY+1Oh8101dsHvwPhb0slNJwLxn9ircNkJ/8XoVLML9PbfDMdUmLHjgkI3+
/OpD8hOX3rf/cI216NLTVY7OJGi+PeTlHqLdqcNpwt0ZgKyrwr3TB+hjJVMkLub8
MOet9jDzvI4fwgpAxdVxN+WRAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUG3um4K96
2N32LIO2oW69JUZ89LgwHwYDVR0jBBgwFoAUwOMbX0XP5SusXO243MahoyL0cF0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk2RjdDLzg2RjkxNjFDRkM1
QjExRUVBM0ZGOUQ0N0M0RjlBRTAyL3dPTWJYMFhQNVN1c1hPMjQzTWFob3lMMGNG
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd09NYlgwWFA1U3VzWE8yNDNNYWhveUwwY0YwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NkY3Qy84NkY5MTYxQ0ZDNUIxMUVFQTNGRjlENDdDNEY5QUUwMi81MEVDREIzMDU2
MUExMUVGQTBEMzQzNDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwDAQCAAEwBgMEAWcP7DAYBAIAAjASAwcAIAEN867AAwcBJAG4IBAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBFKtKhvHWGReBeQu+9EtDoDnDUrj9et1kAo2SLNdfnEvA6
MSB6jH8/7EUTWv7nY+dlLO+j6jw7zxJtbgYhQyTPZGW6zZIQkq5QYN0DVgQ2LHhO
J7iZYq6bIX2yCoRf4/A0FAsOWdmH9DFRIeTBENBCXA2TxMjZPnqWpzjg9ZPKg4q9
1ptEmllOd87+miKZs0q39bK5X44xyeZ61JQrJsr0tOJEfI3l4hcJ6BEdr/s4Nv/o
s8yhU/vTqFxBbXpEi1PxZz1dd2b5T7XbuWMveGUZCYfuBU3RcuSXQxwaFp7bmx2r
s340olqZOeSjKClKK/GKfPxJaq/lNlnEHM6X2iS4
-----END CERTIFICATE-----
Generated at Fri Sep 13 06:20:12 2024 by rpki-client on console-fra.rpki-client.org