Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/5A2117421CD211EF8B7FFC13C4F9AE02.roa
File: 5A2117421CD211EF8B7FFC13C4F9AE02.roa (raw, json)
Hash identifier: S3LIKI0qAK1zVXE4OwQziJGCtFWoDIK87ZoNwB06tTo=
Subject key identifier: F8:35:5F:7C:52:AF:A0:D9:2C:04:90:9B:0F:3A:A8:7D:38:02:22:B7
Certificate issuer: /CN=A911CFCE/serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8
Certificate serial: 18
Authority key identifier: 86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/5A2117421CD211EF8B7FFC13C4F9AE02.roa
Signing time: Tue 28 May 2024 09:12:06 +0000
ROA not before: Tue 28 May 2024 09:12:06 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 103.40.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jul 2024 00:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CFCE/serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8
Validity
Not Before: May 28 09:12:06 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66559fe5-9c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ab:b7:ea:b3:d6:05:52:94:d5:34:c0:e5:a6:
2e:a9:06:06:5a:90:03:40:e5:44:6b:91:54:5e:03:
ed:6c:19:1b:da:28:1c:3e:5a:fb:29:3d:5d:7a:ed:
85:52:63:b0:8c:22:c0:74:9f:f9:46:0d:d9:1b:e1:
fc:4a:5a:45:95:19:d8:b4:18:b5:bc:21:39:82:27:
40:ea:a5:dd:85:5f:ee:f1:ee:c1:fe:fb:d6:69:cb:
fe:16:cd:6a:9f:54:16:1e:82:3c:bf:01:c1:dd:e4:
03:d4:52:6b:cb:b3:d5:fd:7c:c8:4f:97:b8:01:34:
fe:8d:bf:f5:0b:0f:92:b0:38:b3:dd:ae:f1:00:3e:
b7:69:2e:24:9e:d0:d4:66:b6:7d:b5:ed:18:fd:2c:
dc:66:64:90:d1:65:fc:e4:86:f0:8e:8a:01:42:64:
b3:5d:2f:d5:94:9c:34:eb:4a:23:01:39:d5:e0:19:
7c:5f:7d:60:dd:fd:f3:6e:68:9e:f8:85:72:68:e7:
41:ee:4c:bb:cb:27:bf:9b:ac:d5:2b:20:a0:7f:e1:
49:0d:f5:1c:e9:9b:31:30:60:35:ba:45:07:1b:53:
39:28:11:c3:18:8d:8d:1d:63:f9:ab:63:37:2b:d4:
0b:a6:ee:27:34:5b:9c:79:5b:b2:c8:36:f6:49:4a:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:35:5F:7C:52:AF:A0:D9:2C:04:90:9B:0F:3A:A8:7D:38:02:22:B7
X509v3 Authority Key Identifier:
keyid:86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/5A2117421CD211EF8B7FFC13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.52.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:3c:f1:ab:67:f0:23:22:c5:af:bb:35:af:ab:b5:ac:9e:40:
93:30:b6:9f:3c:d1:4c:9e:8e:ae:6f:d2:54:a0:09:33:35:c3:
ab:10:b6:9a:48:3d:e8:5f:ad:dc:68:bd:a0:c8:19:9c:89:9d:
fb:30:e5:b1:0b:09:95:5e:bf:f5:1b:05:72:14:74:bd:35:af:
f3:19:2f:ca:e1:bc:62:1b:18:95:0b:1f:c1:1e:a5:68:5a:19:
ab:91:5e:cc:77:db:d6:a2:47:4a:51:f3:ad:e1:fe:b1:4d:0f:
24:f8:ed:94:b1:84:d3:08:90:af:79:4a:ff:71:d2:1c:d2:f8:
e7:29:c7:50:15:27:ef:be:fc:2b:e2:1d:0f:f2:85:aa:68:09:
b3:b4:1a:ca:1e:33:05:02:ed:47:8a:c9:54:0f:ec:d7:15:b4:
dd:a5:fa:6b:20:ec:92:1d:bd:88:e0:66:6b:0e:27:b7:40:0b:
ae:8f:d2:58:4f:ed:a4:72:80:13:1e:e5:05:0d:b1:37:90:4e:
a3:6c:f4:61:13:ac:70:86:81:08:d7:bd:33:89:14:5b:a1:3c:
69:a4:5a:c3:f0:99:ab:f9:6e:45:38:d9:6e:12:69:50:2a:41:
52:39:84:67:dd:20:00:54:ac:9d:6e:4c:c2:53:f0:18:dd:b3:
08:21:fe:fb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
Q0ZDRTExMC8GA1UEBRMoODY2RTc4RDFBNDVFOEZEMTI2ODA4QUZGN0NFQTRGQzA4
RTdEOTJBODAeFw0yNDA1MjgwOTEyMDZaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTU5ZmU1LTljM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+q7fqs9YFUpTVNMDlpi6pBgZakANA5URrkVReA+1sGRvaKBw+WvspPV167YVS
Y7CMIsB0n/lGDdkb4fxKWkWVGdi0GLW8ITmCJ0Dqpd2FX+7x7sH++9Zpy/4WzWqf
VBYegjy/AcHd5APUUmvLs9X9fMhPl7gBNP6Nv/ULD5KwOLPdrvEAPrdpLiSe0NRm
tn217Rj9LNxmZJDRZfzkhvCOigFCZLNdL9WUnDTrSiMBOdXgGXxffWDd/fNuaJ74
hXJo50HuTLvLJ7+brNUrIKB/4UkN9RzpmzEwYDW6RQcbUzkoEcMYjY0dY/mrYzcr
1Aum7ic0W5x5W7LINvZJSuS/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+DVffFKv
oNksBJCbDzqofTgCIrcwHwYDVR0jBBgwFoAUhm540aRej9EmgIr/fOpPwI59kqgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDRkNFL0UwQkUzNkFDMDIz
RjExRUY4RTVDMUU1OEM0RjlBRTAyL2htNTQwYVJlajlFbWdJcl9mT3BQd0k1OWtx
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaG01NDBhUmVqOUVtZ0lyX2ZPcFB3STU5a3FnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
Q0ZDRS9FMEJFMzZBQzAyM0YxMUVGOEU1QzFFNThDNEY5QUUwMi81QTIxMTc0MjFD
RDIxMUVGOEI3RkZDMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcoNDANBgkqhkiG9w0BAQsFAAOCAQEACjzxq2fwIyLFr7s1
r6u1rJ5AkzC2nzzRTJ6Orm/SVKAJMzXDqxC2mkg96F+t3Gi9oMgZnImd+zDlsQsJ
lV6/9RsFchR0vTWv8xkvyuG8YhsYlQsfwR6laFoZq5FezHfb1qJHSlHzreH+sU0P
JPjtlLGE0wiQr3lK/3HSHNL45ynHUBUn7778K+IdD/KFqmgJs7Qayh4zBQLtR4rJ
VA/s1xW03aX6ayDskh29iOBmaw4nt0ALro/SWE/tpHKAEx7lBQ2xN5BOo2z0YROs
cIaBCNe9M4kUW6E8aaRaw/CZq/luRTjZbhJpUCpBUjmEZ90gAFSsnW5MwlPwGN2z
CCH++w==
-----END CERTIFICATE-----
Generated at Tue Jul 2 02:37:43 2024 by rpki-client on console-ams.rpki-client.org