Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/A5F5AA7C01C511EDA71F2B4FC4F9AE02.roa
File: A5F5AA7C01C511EDA71F2B4FC4F9AE02.roa (raw, json)
Hash identifier: v8yI83zUoA1co38QJExv0EWZHZ+0TiLqOvhxslIZjvk=
Subject key identifier: CC:A9:30:CC:BD:26:65:9E:66:93:07:73:DE:EE:F1:76:D6:36:D9:C6
Certificate issuer: /CN=A9116748/serialNumber=B0ED061D13BEFFC7941EAA68CFCDCE0031661490
Certificate serial: 0150
Authority key identifier: B0:ED:06:1D:13:BE:FF:C7:94:1E:AA:68:CF:CD:CE:00:31:66:14:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sO0GHRO-_8eUHqpoz83OADFmFJA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/A5F5AA7C01C511EDA71F2B4FC4F9AE02.roa
Signing time: Tue 29 Aug 2023 03:23:08 +0000
ROA not before: Tue 29 Aug 2023 03:23:08 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 58984
IP address blocks: 103.251.28.0/24 maxlen: 24
103.251.29.0/24 maxlen: 24
103.251.30.0/24 maxlen: 24
103.251.31.0/24 maxlen: 24
2001:df0:5000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jul 2024 06:54:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336 (0x150)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116748/serialNumber=B0ED061D13BEFFC7941EAA68CFCDCE0031661490
Validity
Not Before: Aug 29 03:23:08 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ed649c-2a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:61:83:94:93:65:85:e9:ea:68:61:38:a6:45:
dc:94:29:3a:31:82:71:03:85:07:d0:8d:5b:fb:fa:
2a:12:db:36:7a:17:fc:20:91:22:be:8d:9d:25:ac:
eb:b2:a9:13:48:51:62:c3:ee:3e:45:d6:7e:82:f5:
f6:86:f9:fc:ae:8b:61:15:d3:19:7d:d2:5a:c3:48:
01:1d:d6:3a:78:72:23:4c:f6:48:1a:b9:d6:f2:45:
af:28:d7:21:b4:b0:20:9d:59:19:cf:ec:5a:93:d5:
08:98:cc:e9:7a:7c:c2:a8:b4:7b:2e:51:9c:c4:79:
96:af:10:1e:60:fd:62:a5:30:f2:5f:cc:81:13:a1:
90:fd:8b:ab:3f:c9:f4:6a:d5:2a:3d:e7:4f:50:cc:
a0:8f:40:c9:ff:e5:06:78:c2:af:b4:64:b5:5d:d2:
98:86:6e:67:66:ab:65:7a:7f:26:8a:72:95:b7:39:
29:5c:9e:8d:be:76:8c:64:6b:db:f8:3e:51:58:0d:
85:13:73:fe:f0:77:0f:3e:72:d9:c1:a1:aa:a4:98:
d2:06:3b:37:f9:12:c8:9b:32:91:e6:4d:6e:dc:13:
b3:a6:b0:b7:8e:e1:4b:e0:e3:98:05:9d:62:c6:5b:
5d:80:c1:06:69:58:2f:03:c8:66:ba:d8:9d:74:6b:
06:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A9:30:CC:BD:26:65:9E:66:93:07:73:DE:EE:F1:76:D6:36:D9:C6
X509v3 Authority Key Identifier:
keyid:B0:ED:06:1D:13:BE:FF:C7:94:1E:AA:68:CF:CD:CE:00:31:66:14:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/sO0GHRO-_8eUHqpoz83OADFmFJA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sO0GHRO-_8eUHqpoz83OADFmFJA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/A5F5AA7C01C511EDA71F2B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.251.28.0/22
IPv6:
2001:df0:5000::/48
Signature Algorithm: sha256WithRSAEncryption
87:a2:07:00:86:04:e3:03:80:ea:38:c3:46:ce:0e:82:96:c0:
26:0e:41:b4:29:16:4b:a3:36:c3:18:68:c1:5d:07:74:29:af:
2c:6e:85:73:7a:af:3e:8d:c0:7b:19:21:41:4f:ff:97:78:03:
20:c1:fd:b8:6c:7b:df:13:d1:ef:f0:e2:2f:27:e3:be:01:99:
e2:b4:9e:6c:90:14:f2:08:47:06:5c:ce:5d:59:af:81:96:9f:
ad:06:77:5c:7a:27:78:53:01:0f:76:3d:6a:37:ee:1b:45:8d:
c2:6a:81:3a:05:90:94:82:5c:49:34:07:9a:71:b3:f9:f9:23:
ca:18:be:22:57:71:0f:a3:30:23:58:4b:d1:8d:b5:da:74:cd:
4d:eb:46:08:d9:bb:70:19:d9:55:32:91:8e:f1:fb:75:74:f8:
90:5d:23:05:ee:a9:e3:dc:aa:6e:42:d8:64:2c:52:68:25:60:
f1:3e:f1:d2:d5:03:19:87:cd:2c:8d:1d:90:12:2f:e3:6e:b0:
36:44:72:42:28:a3:dc:5e:f4:7a:42:ed:1e:bc:7c:e1:90:70:
1a:ee:f4:4e:2c:5c:31:43:b1:79:f2:65:53:37:4e:4d:0f:06:
70:2e:47:bf:00:9e:7d:88:f4:27:3c:ec:80:ea:d8:cf:c4:9a:
30:38:93:f0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY3NDgxMTAvBgNVBAUTKEIwRUQwNjFEMTNCRUZGQzc5NDFFQUE2OENGQ0RDRTAw
MzE2NjE0OTAwHhcNMjMwODI5MDMyMzA4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkNjQ5Yy0yYTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqWGDlJNlhenqaGE4pkXclCk6MYJxA4UH0I1b+/oqEts2ehf8IJEivo2dJazr
sqkTSFFiw+4+RdZ+gvX2hvn8rothFdMZfdJaw0gBHdY6eHIjTPZIGrnW8kWvKNch
tLAgnVkZz+xak9UImMzpenzCqLR7LlGcxHmWrxAeYP1ipTDyX8yBE6GQ/YurP8n0
atUqPedPUMygj0DJ/+UGeMKvtGS1XdKYhm5nZqtlen8minKVtzkpXJ6NvnaMZGvb
+D5RWA2FE3P+8HcPPnLZwaGqpJjSBjs3+RLImzKR5k1u3BOzprC3juFL4OOYBZ1i
xltdgMEGaVgvA8hmutiddGsGsQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMypMMy9
JmWeZpMHc97u8XbWNtnGMB8GA1UdIwQYMBaAFLDtBh0Tvv/HlB6qaM/NzgAxZhSQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjc0OC81NzJCRDY1ODAx
QzIxMUVEOUEyNDNDNEJDNEY5QUUwMi9zTzBHSFJPLV84ZVVIcXBvejgzT0FERm1G
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NPMEdIUk8tXzhlVUhxcG96ODNPQURGbUZKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY3NDgvNTcyQkQ2NTgwMUMyMTFFRDlBMjQzQzRCQzRGOUFFMDIvQTVGNUFBN0Mw
MUM1MTFFREE3MUYyQjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJn+xwwDwQCAAIwCQMHACABDfBQADANBgkqhkiG9w0BAQsF
AAOCAQEAh6IHAIYE4wOA6jjDRs4OgpbAJg5BtCkWS6M2wxhowV0HdCmvLG6Fc3qv
Po3AexkhQU//l3gDIMH9uGx73xPR7/DiLyfjvgGZ4rSebJAU8ghHBlzOXVmvgZaf
rQZ3XHoneFMBD3Y9ajfuG0WNwmqBOgWQlIJcSTQHmnGz+fkjyhi+IldxD6MwI1hL
0Y212nTNTetGCNm7cBnZVTKRjvH7dXT4kF0jBe6p49yqbkLYZCxSaCVg8T7x0tUD
GYfNLI0dkBIv426wNkRyQiij3F70ekLtHrx84ZBwGu70TixcMUOxefJlUzdOTQ8G
cC5HvwCefYj0JzzsgOrYz8SaMDiT8A==
-----END CERTIFICATE-----
Generated at Tue Jul 30 08:08:27 2024 by rpki-client on console-ams.rpki-client.org