Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/A2AEDEF4F50E11EEAA2A5A2CC4F9AE02.roa
File: A2AEDEF4F50E11EEAA2A5A2CC4F9AE02.roa (raw, json)
Hash identifier: d0rFnKNi2lfu7sS8IFxklmK375YKiTyMiZTM4A7hzbc=
Subject key identifier: D1:DE:41:DA:08:37:20:5C:14:D8:1F:F2:B8:7D:EF:F2:06:18:7A:8B
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 044B
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/A2AEDEF4F50E11EEAA2A5A2CC4F9AE02.roa
Signing time: Sun 07 Apr 2024 18:42:50 +0000
ROA not before: Sun 07 Apr 2024 18:42:50 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 200239
IP address blocks: 103.101.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 09:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099 (0x44b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Apr 7 18:42:50 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6612e92a-e2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4b:8e:55:08:04:78:82:da:58:ff:98:ba:96:
68:6f:f7:a1:01:c3:85:91:6f:7a:e1:97:19:ab:a7:
29:e5:2e:29:fe:8e:0a:5e:ed:c8:57:9a:26:4d:5b:
b8:93:c3:c0:8b:00:4c:70:25:2e:62:f0:f5:9b:61:
88:f2:f4:5a:f6:63:2c:34:d6:d1:95:1e:69:df:31:
81:6e:d3:a2:a0:1c:54:1c:6b:20:ed:15:63:fa:41:
03:ae:08:09:0b:88:69:68:38:8f:aa:c2:ef:59:3f:
6b:ba:be:40:5c:e7:12:ed:d2:8c:9c:dc:84:7c:0b:
76:a4:f7:f2:8a:46:34:91:0b:9f:e3:f5:3b:9a:5c:
e9:9b:13:6f:4a:c1:2e:80:8a:b3:09:7c:41:21:59:
04:48:42:25:ac:8b:13:a5:90:df:98:f5:5a:a7:97:
fb:ce:01:1e:d8:7e:bd:fc:22:ea:20:20:f0:f3:e4:
22:e2:a7:62:9e:4c:92:16:c9:71:ba:7b:70:06:a7:
1b:3c:e6:36:1d:67:89:4d:b2:cd:28:e9:8f:06:d9:
3e:55:51:34:5d:ea:b2:c0:ab:7b:f1:14:8f:56:5d:
00:b8:72:8e:c6:a7:ff:4b:94:27:9f:86:c9:cd:33:
df:cb:12:71:0c:51:cf:5a:e3:55:bd:3c:05:3d:d5:
30:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DE:41:DA:08:37:20:5C:14:D8:1F:F2:B8:7D:EF:F2:06:18:7A:8B
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/A2AEDEF4F50E11EEAA2A5A2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.85.0/24
Signature Algorithm: sha256WithRSAEncryption
78:f5:03:5e:16:22:7e:09:49:22:a6:47:a9:1d:4a:0f:b9:63:
d0:eb:7d:3b:ae:92:3a:3a:22:09:50:3a:c1:c3:bf:33:c9:2f:
9b:09:fe:bc:a6:c1:d4:dd:7a:3b:cb:8a:f8:27:48:69:18:47:
e2:4d:d2:37:4a:b7:3d:a4:9a:1f:99:4f:5b:95:3b:e6:01:43:
66:df:17:1f:14:70:f9:a9:ff:66:34:32:f9:67:c5:fd:59:8e:
48:f2:9c:62:26:0e:21:31:ac:c1:41:af:c2:07:a2:8c:c3:93:
77:2f:46:53:5b:68:57:3c:5a:c8:db:fa:cb:fc:a5:09:9d:38:
9c:d7:3f:bb:e4:12:5f:b4:de:ae:e7:a9:dd:6e:dd:0c:34:8e:
c0:92:73:f6:22:70:9a:85:07:5a:22:91:4b:02:83:49:11:8a:
b7:4e:88:1b:bc:33:86:0d:d2:8c:7f:e7:ba:6d:19:c1:89:57:
61:3d:61:67:e6:ea:d9:cd:d8:32:d9:b8:94:46:52:70:83:fd:
d0:11:30:37:c1:2e:b5:b9:93:27:b1:03:f2:49:2f:26:ae:36:
40:1e:e5:16:e0:e8:b6:ab:1d:2d:6a:98:00:33:0e:00:42:05:
c2:56:97:a6:ef:78:b7:6c:b3:46:a2:c5:d0:93:65:05:bc:c0:
93:ff:40:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwNDA3MTg0MjUwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjEyZTkyYS1lMmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuEuOVQgEeILaWP+YupZob/ehAcOFkW964ZcZq6cp5S4p/o4KXu3IV5omTVu4
k8PAiwBMcCUuYvD1m2GI8vRa9mMsNNbRlR5p3zGBbtOioBxUHGsg7RVj+kEDrggJ
C4hpaDiPqsLvWT9rur5AXOcS7dKMnNyEfAt2pPfyikY0kQuf4/U7mlzpmxNvSsEu
gIqzCXxBIVkESEIlrIsTpZDfmPVap5f7zgEe2H69/CLqICDw8+Qi4qdinkySFslx
untwBqcbPOY2HWeJTbLNKOmPBtk+VVE0XeqywKt78RSPVl0AuHKOxqf/S5Qnn4bJ
zTPfyxJxDFHPWuNVvTwFPdUwXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNHeQdoI
NyBcFNgf8rh97/IGGHqLMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvQTJBRURFRjRG
NTBFMTFFRUFBMkE1QTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZVUwDQYJKoZIhvcNAQELBQADggEBAHj1A14WIn4JSSKm
R6kdSg+5Y9DrfTuukjo6IglQOsHDvzPJL5sJ/rymwdTdejvLivgnSGkYR+JN0jdK
tz2kmh+ZT1uVO+YBQ2bfFx8UcPmp/2Y0Mvlnxf1ZjkjynGImDiExrMFBr8IHoozD
k3cvRlNbaFc8Wsjb+sv8pQmdOJzXP7vkEl+03q7nqd1u3Qw0jsCSc/YicJqFB1oi
kUsCg0kRirdOiBu8M4YN0ox/57ptGcGJV2E9YWfm6tnN2DLZuJRGUnCD/dARMDfB
LrW5kyexA/JJLyauNkAe5Rbg6LarHS1qmAAzDgBCBcJWl6bveLdss0aixdCTZQW8
wJP/QNA=
-----END CERTIFICATE-----
Generated at Mon Nov 11 12:47:37 2024 by rpki-client on console-fra.rpki-client.org