Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/B2B956DA3A0011EF96B6833AC4F9AE02.roa
File: B2B956DA3A0011EF96B6833AC4F9AE02.roa (raw, json)
Hash identifier: uIyF9spBBT2FHHP67idm5a0wa3EBDlgtZmLZ3mNayHc=
Subject key identifier: 72:1C:EA:AD:F9:A7:78:93:0C:83:65:27:6C:EC:45:19:40:BA:2F:B1
Certificate issuer: /CN=A91EB002/serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Certificate serial: 2A
Authority key identifier: 9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/B2B956DA3A0011EF96B6833AC4F9AE02.roa
Signing time: Thu 04 Jul 2024 12:26:54 +0000
ROA not before: Thu 04 Jul 2024 12:26:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 131243
IP address blocks: 103.40.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 08:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB002/serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Validity
Not Before: Jul 4 12:26:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6686950e-141f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:16:9c:46:b0:ab:a0:16:32:66:2c:42:9f:
f0:a9:b6:ad:45:28:3f:2b:84:a5:62:23:af:a4:51:
34:5a:2c:6b:b3:06:ae:d2:6a:d5:b5:da:30:39:7c:
f0:3a:24:56:26:70:67:ed:7d:f9:2d:a4:60:ac:17:
5b:b5:e9:dc:96:0d:91:b7:da:ae:e1:8f:79:8c:c4:
b7:cf:db:0a:91:1a:83:b9:40:c0:26:31:9a:02:f6:
bc:9a:9a:4c:f6:a0:73:46:0f:cd:d3:32:fd:d0:46:
11:18:e2:87:6c:b1:ca:f0:38:21:ad:a3:7e:79:1c:
c3:b0:a5:6a:ed:aa:bb:a8:7d:6d:14:94:cc:56:82:
e7:42:08:70:d0:a5:d9:45:12:32:d5:4e:36:dc:ed:
15:54:00:75:3e:05:1a:60:67:0a:07:00:43:dd:26:
e2:0d:e1:3f:98:7e:19:d6:b4:a3:57:67:68:db:67:
95:ee:61:6b:6c:0c:11:94:3b:f9:22:f9:5c:7e:61:
60:70:a4:42:90:17:9f:e1:3f:f6:ce:ee:5f:05:45:
06:07:bd:f7:69:eb:6f:60:a7:cc:fd:ff:29:89:44:
c7:b0:0b:63:d7:8c:f3:c3:ff:1a:64:75:5d:7f:62:
a1:59:ce:4d:be:e4:22:0c:71:3c:96:30:8f:75:57:
c6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1C:EA:AD:F9:A7:78:93:0C:83:65:27:6C:EC:45:19:40:BA:2F:B1
X509v3 Authority Key Identifier:
keyid:9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/nvPmBKY_LO9L3eN9yokNBFGWeuw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/B2B956DA3A0011EF96B6833AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.166.0/24
Signature Algorithm: sha256WithRSAEncryption
79:84:b2:11:5a:33:81:9d:dd:72:f5:ee:63:f1:46:17:ee:82:
c7:16:e4:18:40:24:3a:84:46:3f:b6:b7:af:6e:ca:9a:d1:c5:
49:91:31:16:5a:a0:78:1d:d6:78:f0:b1:a7:b2:57:fe:5c:8e:
42:80:a8:f9:56:22:23:f8:65:f6:72:16:28:dc:c4:28:f4:da:
9f:cc:6b:89:74:aa:a5:93:33:a6:d5:3f:1f:cd:59:42:73:f6:
fe:3c:7e:ad:cb:6e:22:7a:ed:d9:38:ca:99:9f:6e:e4:b8:e1:
cb:4e:a0:5a:a9:ad:31:2c:6a:d5:44:67:76:7e:43:8f:6a:bc:
63:d0:31:72:a9:22:52:17:ac:6c:18:2e:92:5e:9b:a0:b3:dd:
4a:05:7c:cc:a2:af:72:b1:60:44:d5:70:c0:a0:2a:9d:21:0e:
9b:84:0b:07:96:df:d6:6d:e0:08:f0:9d:11:20:3c:83:4e:e6:
3a:1d:92:21:fe:d2:38:35:02:5a:98:12:7f:02:15:d0:25:d7:
fc:13:1b:82:83:b8:20:9b:97:dc:b7:17:6a:53:ae:9f:c2:ac:
ec:6d:e2:b4:f8:fc:4d:3a:b3:08:af:c2:37:57:22:10:71:d8:
fa:c3:b8:a6:ee:87:8a:68:06:c6:1d:43:c5:3c:66:af:c2:e2:
d8:06:88:0c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QjAwMjExMC8GA1UEBRMoOUVGM0U2MDRBNjNGMkNFRjRCRERFMzdEQ0E4OTBEMDQ1
MTk2N0FFQzAeFw0yNDA3MDQxMjI2NTRaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ODY5NTBlLTE0MWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4yBacRrCroBYyZixCn/Cptq1FKD8rhKViI6+kUTRaLGuzBq7SatW12jA5fPA6
JFYmcGftffktpGCsF1u16dyWDZG32q7hj3mMxLfP2wqRGoO5QMAmMZoC9ryamkz2
oHNGD83TMv3QRhEY4odsscrwOCGto355HMOwpWrtqruofW0UlMxWgudCCHDQpdlF
EjLVTjbc7RVUAHU+BRpgZwoHAEPdJuIN4T+YfhnWtKNXZ2jbZ5XuYWtsDBGUO/ki
+Vx+YWBwpEKQF5/hP/bO7l8FRQYHvfdp629gp8z9/ymJRMewC2PXjPPD/xpkdV1/
YqFZzk2+5CIMcTyWMI91V8a1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUchzqrfmn
eJMMg2UnbOxFGUC6L7EwHwYDVR0jBBgwFoAUnvPmBKY/LO9L3eN9yokNBFGWeuww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVCMDAyL0UyNEY4MjM0MDIy
RTExRUY4NTZGNTEzMkM0RjlBRTAyL252UG1CS1lfTE85TDNlTjl5b2tOQkZHV2V1
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbnZQbUJLWV9MTzlMM2VOOXlva05CRkdXZXV3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QjAwMi9FMjRGODIzNDAyMkUxMUVGODU2RjUxMzJDNEY5QUUwMi9CMkI5NTZEQTNB
MDAxMUVGOTZCNjgzM0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcopjANBgkqhkiG9w0BAQsFAAOCAQEAeYSyEVozgZ3dcvXu
Y/FGF+6CxxbkGEAkOoRGP7a3r27KmtHFSZExFlqgeB3WePCxp7JX/lyOQoCo+VYi
I/hl9nIWKNzEKPTan8xriXSqpZMzptU/H81ZQnP2/jx+rctuInrt2TjKmZ9u5Ljh
y06gWqmtMSxq1URndn5Dj2q8Y9AxcqkiUhesbBgukl6boLPdSgV8zKKvcrFgRNVw
wKAqnSEOm4QLB5bf1m3gCPCdESA8g07mOh2SIf7SODUCWpgSfwIV0CXX/BMbgoO4
IJuX3LcXalOun8Ks7G3itPj8TTqzCK/CN1ciEHHY+sO4pu6HimgGxh1DxTxmr8Li
2AaIDA==
-----END CERTIFICATE-----
Generated at Wed Sep 18 11:04:07 2024 by rpki-client on console-ams.rpki-client.org