Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7326ABDA685E11EFBA690C0CC4F9AE02.roa
File: 7326ABDA685E11EFBA690C0CC4F9AE02.roa (raw, json)
Hash identifier: z1LDji2rPGWlC3lryPBEzHcBcXoV10myyTQDIuHRtQU=
Subject key identifier: 4D:C7:6F:71:62:52:77:16:11:F8:3F:6F:EF:D0:6B:C1:4A:6E:AE:23
Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Certificate serial: F7
Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7326ABDA685E11EFBA690C0CC4F9AE02.roa
Signing time: Sun 01 Sep 2024 12:33:54 +0000
ROA not before: Sun 01 Sep 2024 12:33:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 135571
IP address blocks: 103.20.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 23:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247 (0xf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Validity
Not Before: Sep 1 12:33:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d45f32-20b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:31:eb:9b:f3:62:de:40:2e:a1:83:50:0a:f1:
73:34:e8:31:32:0f:77:df:3c:33:f0:97:cc:9b:0b:
15:cb:a7:5d:ee:1c:d4:28:02:0c:66:f6:4a:ad:28:
49:a3:9a:1e:4c:86:2e:fc:e4:df:c9:aa:65:3e:6f:
46:90:10:70:03:d8:8c:63:11:d1:2d:f9:0b:f3:7e:
8a:c3:d2:ff:73:d3:b2:ba:dd:e2:f0:d0:b2:0b:f7:
a8:2d:9f:15:f2:6a:1a:b6:59:8c:cf:98:d1:49:d0:
75:96:9d:ac:43:6e:ee:31:68:9d:2a:29:81:e4:5a:
24:59:e5:63:a1:7d:f4:c3:b9:08:ae:51:ab:94:2d:
b1:86:f8:d3:d8:49:82:a2:bf:4e:36:27:93:c1:76:
8d:79:d1:ef:1b:88:b9:bb:bd:e4:a7:3e:e9:59:c4:
37:7c:7e:c0:15:10:c7:5b:eb:92:21:5e:d8:c7:71:
0b:de:89:0e:4e:f1:a4:c6:d7:3b:73:46:88:8d:11:
a5:98:9f:7a:27:0d:aa:7a:96:60:5c:ca:de:f5:0e:
32:d5:60:ae:ea:1c:ef:ee:5e:2b:6e:4a:18:86:a6:
cd:6e:0c:83:ce:fa:a0:a3:f0:da:63:a8:dd:22:d4:
ab:de:fe:89:bd:64:d4:c9:d5:4e:75:66:9a:cd:a8:
3a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C7:6F:71:62:52:77:16:11:F8:3F:6F:EF:D0:6B:C1:4A:6E:AE:23
X509v3 Authority Key Identifier:
keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7326ABDA685E11EFBA690C0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:69:77:3c:2d:b3:6a:a1:7f:d4:51:dc:b3:8a:66:8a:40:9e:
de:b6:9e:7d:14:8b:7d:f5:af:ea:e2:9d:a6:77:14:7b:a7:cf:
ed:ea:2d:e8:93:50:cc:3b:75:eb:08:7e:f4:80:7c:ec:05:01:
05:95:96:e3:2b:23:98:c0:c4:06:60:99:61:66:35:67:b8:65:
e2:7e:ef:52:8f:70:ab:bd:c1:e3:71:9c:e9:49:52:e6:04:d3:
de:1a:8a:8a:90:14:08:29:1d:66:e3:10:ca:de:06:b3:b4:7a:
ae:ac:37:2c:ab:76:cc:de:98:31:7d:d5:3c:ad:55:3b:ca:66:
b0:ef:40:54:c7:f1:bb:0f:b5:6f:62:2d:94:b4:c7:28:83:97:
98:73:5f:18:8c:f4:1f:b6:09:aa:b9:3e:10:90:10:8c:0b:e0:
48:43:8a:86:f9:dc:e7:eb:0f:af:1a:bc:a1:48:3f:fc:b6:14:
73:5b:d9:04:b8:7f:fd:70:d0:21:b7:59:ac:65:45:01:cc:a5:
ec:1a:7a:c5:f7:1d:05:1a:17:64:85:22:bf:28:fe:22:41:c2:
39:50:23:e6:dd:bd:e6:0a:f0:d6:80:80:50:96:66:f8:63:5a:
7b:d7:df:f1:a5:c9:63:91:6a:bd:88:ad:7e:4b:b6:2a:99:d9:
ed:f8:12:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwQUExMTAvBgNVBAUTKEVEOEY1RDZDOUJGQzE0OEY3QUJCNzA4QzUyOTFEMzg0
NzgxQzYxRkQwHhcNMjQwOTAxMTIzMzU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ0NWYzMi0yMGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwzHrm/Ni3kAuoYNQCvFzNOgxMg933zwz8JfMmwsVy6dd7hzUKAIMZvZKrShJ
o5oeTIYu/OTfyaplPm9GkBBwA9iMYxHRLfkL836Kw9L/c9Oyut3i8NCyC/eoLZ8V
8moatlmMz5jRSdB1lp2sQ27uMWidKimB5FokWeVjoX30w7kIrlGrlC2xhvjT2EmC
or9ONieTwXaNedHvG4i5u73kpz7pWcQ3fH7AFRDHW+uSIV7Yx3EL3okOTvGkxtc7
c0aIjRGlmJ96Jw2qepZgXMre9Q4y1WCu6hzv7l4rbkoYhqbNbgyDzvqgo/DaY6jd
ItSr3v6JvWTUydVOdWaazag6DwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE3Hb3Fi
UncWEfg/b+/Qa8FKbq4jMB8GA1UdIwQYMBaAFO2PXWyb/BSPertwjFKR04R4HGH9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTBBQS84MkJCQjU1MjAw
M0QxMUVFOTYwOEYxNDdDNEY5QUUwMi83WTlkYkp2OEZJOTZ1M0NNVXBIVGhIZ2NZ
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEwQUEvODJCQkI1NTIwMDNEMTFFRTk2MDhGMTQ3QzRGOUFFMDIvNzMyNkFCREE2
ODVFMTFFRkJBNjkwQzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnFEwwDQYJKoZIhvcNAQELBQADggEBAI5pdzwts2qhf9RR
3LOKZopAnt62nn0Ui331r+rinaZ3FHunz+3qLeiTUMw7desIfvSAfOwFAQWVluMr
I5jAxAZgmWFmNWe4ZeJ+71KPcKu9weNxnOlJUuYE094aioqQFAgpHWbjEMreBrO0
eq6sNyyrdszemDF91TytVTvKZrDvQFTH8bsPtW9iLZS0xyiDl5hzXxiM9B+2Caq5
PhCQEIwL4EhDiob53OfrD68avKFIP/y2FHNb2QS4f/1w0CG3WaxlRQHMpewaesX3
HQUaF2SFIr8o/iJBwjlQI+bdveYK8NaAgFCWZvhjWnvX3/GlyWORar2IrX5LtiqZ
2e34Eqk=
-----END CERTIFICATE-----
Generated at Mon Sep 2 02:58:31 2024 by rpki-client on console-ams.rpki-client.org