Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/5F687D664B4A11EF98B6F77CC4F9AE02.roa
File: 5F687D664B4A11EF98B6F77CC4F9AE02.roa (raw, json)
Hash identifier: v1Q86GkvAAj9AAzbuQzWHd1iUruWsYfng+ku0Nj/pkQ=
Subject key identifier: AA:C6:8F:E0:60:D7:57:D2:82:10:93:A8:57:6A:44:00:6A:D5:A0:5B
Certificate issuer: /CN=A91C0E6A/serialNumber=F5459CBA31F933F9073B514C9CBBEC34F6ED2E4A
Certificate serial: E8
Authority key identifier: F5:45:9C:BA:31:F9:33:F9:07:3B:51:4C:9C:BB:EC:34:F6:ED:2E:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9UWcujH5M_kHO1FMnLvsNPbtLko.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/5F687D664B4A11EF98B6F77CC4F9AE02.roa
Signing time: Fri 26 Jul 2024 12:27:07 +0000
ROA not before: Fri 26 Jul 2024 12:27:07 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138655
IP address blocks: 103.130.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 23:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232 (0xe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0E6A/serialNumber=F5459CBA31F933F9073B514C9CBBEC34F6ED2E4A
Validity
Not Before: Jul 26 12:27:07 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66a3961b-69f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:77:57:c8:50:f4:bd:39:8a:e5:35:2d:a3:f8:
38:9b:99:be:20:04:d9:1f:f0:96:4b:be:54:d4:d5:
54:42:a0:bd:7b:76:02:6c:4a:40:fc:d2:63:06:13:
ef:05:1b:13:45:9a:34:99:21:76:81:23:e8:e5:4b:
99:a4:30:aa:23:f9:4e:0d:88:67:6d:e0:34:7f:ff:
8b:6e:a6:cc:b1:1e:1e:78:a4:38:4d:b3:81:b0:24:
0b:7a:91:45:50:0e:64:5b:2e:22:6c:f1:2a:79:b9:
4c:a7:34:e5:c3:39:70:7d:0b:28:33:df:e7:cf:c3:
1a:6d:81:18:97:5c:33:48:d9:f0:f4:62:a9:a6:48:
19:62:25:13:d7:89:40:3e:f4:7f:21:7a:3d:bb:8a:
74:97:c9:d2:a3:60:de:61:ec:3b:b4:68:61:4c:79:
59:4e:76:20:0b:ef:bb:30:27:fa:a8:82:b2:91:27:
46:bf:ec:c2:46:ba:49:32:41:b0:00:80:cc:cd:93:
b3:eb:62:c9:2c:4d:f0:82:1a:a2:4b:1f:bd:44:5e:
ea:99:22:c6:47:5a:47:bc:e9:a7:38:90:a1:f6:83:
1e:54:37:ae:34:60:c5:da:86:27:be:0e:bd:9f:82:
46:a0:8f:85:4d:31:f2:b8:a2:e5:fe:8e:e7:4e:52:
95:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C6:8F:E0:60:D7:57:D2:82:10:93:A8:57:6A:44:00:6A:D5:A0:5B
X509v3 Authority Key Identifier:
keyid:F5:45:9C:BA:31:F9:33:F9:07:3B:51:4C:9C:BB:EC:34:F6:ED:2E:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/9UWcujH5M_kHO1FMnLvsNPbtLko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9UWcujH5M_kHO1FMnLvsNPbtLko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/5F687D664B4A11EF98B6F77CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a7:5b:04:d0:02:ed:80:10:66:e1:74:d4:47:60:98:b5:27:
83:a7:e0:7d:f3:04:63:83:ac:8c:a0:f9:89:fc:cf:a2:3d:fe:
bc:6a:f0:f3:8d:18:fb:93:18:d9:c4:1c:b1:54:be:18:24:a5:
5b:3a:73:78:4b:5d:38:21:66:ff:2c:89:b0:3b:10:5f:bd:6b:
17:78:97:b5:61:3e:7a:dd:44:97:fa:73:e6:5e:be:fb:55:2a:
de:e3:5b:a5:10:4d:db:f1:01:4a:e1:f2:69:87:1e:9e:9e:71:
a8:50:8c:9d:82:f6:39:9d:ba:6c:0d:71:b3:62:ef:53:89:33:
f0:ee:e3:a8:8f:52:bc:f1:20:33:71:29:a7:53:cf:a5:99:c0:
aa:81:70:9c:5a:44:26:78:09:96:4b:19:13:09:0f:4e:70:8c:
81:0e:e1:54:f2:02:bb:0a:d8:22:32:e9:6f:53:a0:a9:13:d7:
f3:34:d8:62:5e:22:99:ea:37:15:28:80:fd:b3:20:09:8a:5b:
82:1a:1f:0c:22:87:6b:1b:0a:2e:12:12:32:dc:67:19:f7:2d:
c3:77:2c:e5:ad:8c:85:da:15:eb:b4:60:9b:8b:af:93:1e:51:
2a:c6:19:73:de:4b:d4:f9:ac:e4:49:55:50:cd:12:95:a5:d7:
b5:be:35:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBFNkExMTAvBgNVBAUTKEY1NDU5Q0JBMzFGOTMzRjkwNzNCNTE0QzlDQkJFQzM0
RjZFRDJFNEEwHhcNMjQwNzI2MTIyNzA3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmEzOTYxYi02OWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XdXyFD0vTmK5TUto/g4m5m+IATZH/CWS75U1NVUQqC9e3YCbEpA/NJjBhPv
BRsTRZo0mSF2gSPo5UuZpDCqI/lODYhnbeA0f/+LbqbMsR4eeKQ4TbOBsCQLepFF
UA5kWy4ibPEqeblMpzTlwzlwfQsoM9/nz8MabYEYl1wzSNnw9GKppkgZYiUT14lA
PvR/IXo9u4p0l8nSo2DeYew7tGhhTHlZTnYgC++7MCf6qIKykSdGv+zCRrpJMkGw
AIDMzZOz62LJLE3wghqiSx+9RF7qmSLGR1pHvOmnOJCh9oMeVDeuNGDF2oYnvg69
n4JGoI+FTTHyuKLl/o7nTlKVtwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKrGj+Bg
11fSghCTqFdqRABq1aBbMB8GA1UdIwQYMBaAFPVFnLox+TP5BztRTJy77DT27S5K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEU2QS80QzI4MUJCRTEx
QTYxMUVFQjMzNDY5MjZDNEY5QUUwMi85VVdjdWpINU1fa0hPMUZNbkx2c05QYnRM
a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlVV2N1akg1TV9rSE8xRk1uTHZzTlBidExrby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBFNkEvNEMyODFCQkUxMUE2MTFFRUIzMzQ2OTI2QzRGOUFFMDIvNUY2ODdENjY0
QjRBMTFFRjk4QjZGNzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngu8wDQYJKoZIhvcNAQELBQADggEBAHunWwTQAu2AEGbh
dNRHYJi1J4On4H3zBGODrIyg+Yn8z6I9/rxq8PONGPuTGNnEHLFUvhgkpVs6c3hL
XTghZv8sibA7EF+9axd4l7VhPnrdRJf6c+ZevvtVKt7jW6UQTdvxAUrh8mmHHp6e
cahQjJ2C9jmdumwNcbNi71OJM/Du46iPUrzxIDNxKadTz6WZwKqBcJxaRCZ4CZZL
GRMJD05wjIEO4VTyArsK2CIy6W9ToKkT1/M02GJeIpnqNxUogP2zIAmKW4IaHwwi
h2sbCi4SEjLcZxn3LcN3LOWtjIXaFeu0YJuLr5MeUSrGGXPeS9T5rORJVVDNEpWl
17W+NX4=
-----END CERTIFICATE-----
Generated at Wed Jul 31 01:13:19 2024 by rpki-client on console-fra.rpki-client.org