Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C67F9/EAE12E448DAD11EDB2DCC487C4F9AE02/8A2806985C8411EFBE7FAC3EC4F9AE02.roa
File: 8A2806985C8411EFBE7FAC3EC4F9AE02.roa (raw, json)
Hash identifier: yAl+B1kJtwdfSfxkMgRs9W5Ioam3rmWPhE6MSNMxk+M=
Subject key identifier: 7A:FF:13:74:A4:9A:43:8F:7C:1A:A9:4B:9D:32:71:43:19:64:7F:CD
Certificate issuer: /CN=A91C67F9/serialNumber=BD4C441F02C7ADD42FA6242E8331D93F59E5183A
Certificate serial: 0136
Authority key identifier: BD:4C:44:1F:02:C7:AD:D4:2F:A6:24:2E:83:31:D9:3F:59:E5:18:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vUxEHwLHrdQvpiQugzHZP1nlGDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C67F9/EAE12E448DAD11EDB2DCC487C4F9AE02/8A2806985C8411EFBE7FAC3EC4F9AE02.roa
Signing time: Sat 17 Aug 2024 10:36:20 +0000
ROA not before: Sat 17 Aug 2024 10:36:20 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 65530
IP address blocks: 103.65.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 13:37:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310 (0x136)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C67F9/serialNumber=BD4C441F02C7ADD42FA6242E8331D93F59E5183A
Validity
Not Before: Aug 17 10:36:20 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66c07d23-3cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:40:6e:84:14:a6:92:ef:d3:d2:d0:e5:05:f5:
30:45:28:8d:5c:23:8b:48:14:30:cd:4b:94:29:b3:
a9:11:3b:e4:5c:a4:75:02:8c:ea:5d:80:2a:56:49:
61:aa:f5:fa:03:04:0f:18:49:48:0f:54:06:ee:bf:
6e:77:2c:3b:f8:c9:04:b4:1e:4d:e1:15:e1:1f:c5:
38:2b:92:99:72:9d:1b:12:50:88:44:98:3a:cd:99:
c7:9b:d7:4a:27:25:2e:a1:3d:bc:fa:e2:fd:98:f9:
92:7b:ec:51:32:55:17:87:ba:9a:4e:e0:53:14:15:
79:6e:33:e3:fd:e2:dd:df:23:49:7c:bb:40:ae:6e:
97:42:76:c0:c8:c9:f3:8e:d5:98:59:a4:bd:73:af:
7d:2d:09:3e:4d:d2:2d:ab:f0:9c:9d:29:93:de:48:
72:4c:f7:b9:87:6c:38:99:09:81:60:c0:1c:19:76:
83:97:2d:4d:76:3b:6d:da:9b:4f:d5:69:73:2a:28:
4e:bc:8f:81:d1:61:65:2e:0a:da:85:4d:02:c4:38:
a9:07:2d:50:e7:03:c7:ee:0e:81:8d:08:47:f0:54:
7d:36:f0:8a:51:c2:21:d1:4e:58:a7:bb:ce:8b:1f:
e6:78:c5:9d:33:01:94:b0:22:0c:70:b4:2f:84:ea:
a5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:FF:13:74:A4:9A:43:8F:7C:1A:A9:4B:9D:32:71:43:19:64:7F:CD
X509v3 Authority Key Identifier:
keyid:BD:4C:44:1F:02:C7:AD:D4:2F:A6:24:2E:83:31:D9:3F:59:E5:18:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C67F9/EAE12E448DAD11EDB2DCC487C4F9AE02/vUxEHwLHrdQvpiQugzHZP1nlGDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vUxEHwLHrdQvpiQugzHZP1nlGDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C67F9/EAE12E448DAD11EDB2DCC487C4F9AE02/8A2806985C8411EFBE7FAC3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.65.226.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:94:78:7e:42:f2:f9:f8:61:26:87:80:79:18:57:d9:94:9e:
2a:78:45:07:e1:53:e0:34:30:39:a5:88:4b:59:c2:5f:4c:26:
e4:02:23:46:d0:48:88:65:fb:d1:b0:4a:91:9d:37:99:81:94:
dd:ad:c7:67:47:87:42:b7:93:e8:b2:cf:27:8f:bd:dd:b0:95:
fb:f5:c2:d5:be:81:a2:f8:4e:93:d9:22:5e:24:97:9e:7e:56:
fa:c6:93:04:4b:b2:f9:c0:2e:c1:05:a4:29:2f:25:e3:1e:a9:
81:dc:90:5e:db:4e:11:9c:a1:6f:b5:61:de:07:bf:ba:f5:78:
d0:b2:b5:d6:a9:45:f8:2f:d0:02:6b:ee:a4:0a:46:4e:11:ee:
aa:d6:2e:b4:ae:73:9f:10:1d:58:ef:0c:dd:95:89:86:b9:39:
b0:13:02:b3:e1:1e:e7:11:b7:a5:9a:a9:b1:1b:91:ea:1b:6c:
5e:37:cd:22:29:95:95:0a:c7:5f:42:c9:cc:89:35:f8:84:19:
90:3b:f6:a5:e1:7d:ba:c3:11:2a:e1:f8:28:5b:65:b6:03:00:
87:c7:3b:45:4f:e0:e7:66:b1:0a:5e:bc:6b:5d:d6:b0:d5:4a:
cc:9d:b5:60:7a:44:5b:16:3c:db:fe:dc:d8:71:ac:63:ee:5a:
9d:b8:89:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY3RjkxMTAvBgNVBAUTKEJENEM0NDFGMDJDN0FERDQyRkE2MjQyRTgzMzFEOTNG
NTlFNTE4M0EwHhcNMjQwODE3MTAzNjIwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMwN2QyMy0zY2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUBuhBSmku/T0tDlBfUwRSiNXCOLSBQwzUuUKbOpETvkXKR1AozqXYAqVklh
qvX6AwQPGElID1QG7r9udyw7+MkEtB5N4RXhH8U4K5KZcp0bElCIRJg6zZnHm9dK
JyUuoT28+uL9mPmSe+xRMlUXh7qaTuBTFBV5bjPj/eLd3yNJfLtArm6XQnbAyMnz
jtWYWaS9c699LQk+TdItq/CcnSmT3khyTPe5h2w4mQmBYMAcGXaDly1Ndjtt2ptP
1WlzKihOvI+B0WFlLgrahU0CxDipBy1Q5wPH7g6BjQhH8FR9NvCKUcIh0U5Yp7vO
ix/meMWdMwGUsCIMcLQvhOqlsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHr/E3Sk
mkOPfBqpS50ycUMZZH/NMB8GA1UdIwQYMBaAFL1MRB8Cx63UL6YkLoMx2T9Z5Rg6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjdGOS9FQUUxMkU0NDhE
QUQxMUVEQjJEQ0M0ODdDNEY5QUUwMi92VXhFSHdMSHJkUXZwaVF1Z3pIWlAxbmxH
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZVeEVId0xIcmRRdnBpUXVnekhaUDFubEdEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY3RjkvRUFFMTJFNDQ4REFEMTFFREIyRENDNDg3QzRGOUFFMDIvOEEyODA2OTg1
Qzg0MTFFRkJFN0ZBQzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnQeIwDQYJKoZIhvcNAQELBQADggEBANKUeH5C8vn4YSaH
gHkYV9mUnip4RQfhU+A0MDmliEtZwl9MJuQCI0bQSIhl+9GwSpGdN5mBlN2tx2dH
h0K3k+iyzyePvd2wlfv1wtW+gaL4TpPZIl4kl55+VvrGkwRLsvnALsEFpCkvJeMe
qYHckF7bThGcoW+1Yd4Hv7r1eNCytdapRfgv0AJr7qQKRk4R7qrWLrSuc58QHVjv
DN2ViYa5ObATArPhHucRt6WaqbEbkeobbF43zSIplZUKx19CycyJNfiEGZA79qXh
fbrDESrh+ChbZbYDAIfHO0VP4OdmsQpevGtd1rDVSsydtWB6RFsWPNv+3NhxrGPu
Wp24icY=
-----END CERTIFICATE-----
Generated at Sat Aug 17 18:29:51 2024 by rpki-client on console-ams.rpki-client.org