Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/702A8A7A343111EF9A89B60FC4F9AE02.roa
File: 702A8A7A343111EF9A89B60FC4F9AE02.roa (raw, json)
Hash identifier: tLz9QdkfIfGrHlKJ4tlXr484/WK0CQykoGdHz3KJguM=
Subject key identifier: 89:11:70:92:FD:4D:30:FC:51:78:DA:25:42:8D:64:85:36:B0:25:A8
Certificate issuer: /CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Certificate serial: 0662
Authority key identifier: AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/702A8A7A343111EF9A89B60FC4F9AE02.roa
Signing time: Thu 27 Jun 2024 03:00:41 +0000
ROA not before: Thu 27 Jun 2024 03:00:41 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 133448
IP address blocks: 103.116.132.0/24 maxlen: 24
103.116.133.0/24 maxlen: 24
2001:df4:1500::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 07:59:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1634 (0x662)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Validity
Not Before: Jun 27 03:00:41 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=667cd5d9-5ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:0c:f2:da:56:f8:1b:b7:a7:e9:08:37:18:
ee:41:72:5c:e1:7c:22:76:71:71:1d:c2:6e:45:be:
f1:34:84:f6:91:d2:43:d5:74:1a:9d:22:7c:c0:97:
85:0d:f2:15:08:eb:87:56:98:8e:27:7a:00:8d:90:
e0:6c:4b:09:40:76:7f:e1:57:ec:4c:b9:84:b6:d4:
38:e2:54:05:4e:fb:82:bb:9d:f9:df:2e:15:bf:3a:
65:03:77:06:62:9d:24:44:05:84:8a:d4:56:21:e8:
ff:1b:bc:6c:2c:c6:b5:b3:73:6c:82:fc:24:37:be:
2c:4e:b1:90:64:6b:a1:a2:fd:7a:e0:6e:89:f0:7f:
d4:19:5b:87:4b:31:41:6b:c3:e5:de:16:01:56:4c:
09:52:ae:36:b6:0d:d0:d0:dc:f9:cb:f4:14:87:68:
64:e0:9f:c3:18:19:68:19:4b:2a:79:01:ba:aa:f0:
fd:20:fc:55:ed:21:77:e5:a5:a1:10:b7:67:11:92:
9f:f6:f8:8a:02:aa:70:1a:ea:72:a4:d0:c8:b8:b8:
96:6f:4b:b4:37:fd:b9:98:51:20:72:dc:c1:5b:22:
7a:01:e9:61:cd:09:de:6f:e3:a8:28:2a:d3:70:55:
fa:c7:82:cf:f8:3f:7f:fa:04:01:fc:83:27:a2:5f:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:11:70:92:FD:4D:30:FC:51:78:DA:25:42:8D:64:85:36:B0:25:A8
X509v3 Authority Key Identifier:
keyid:AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/rruT6novxp4sGczngu713bHKMr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/702A8A7A343111EF9A89B60FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.132.0/23
IPv6:
2001:df4:1500::/48
Signature Algorithm: sha256WithRSAEncryption
83:c5:41:96:b1:bf:c0:e9:f0:94:37:d3:46:dc:0d:b6:22:99:
89:e5:15:80:3a:b6:26:16:99:14:80:cd:1d:3b:c2:69:8d:52:
95:32:52:5e:c5:01:6a:7d:e9:0d:bf:1e:09:23:14:0e:04:dc:
6e:88:fc:bd:e0:8d:51:e7:31:40:4a:19:02:ea:ac:d7:00:59:
fb:96:bf:f0:d9:9b:de:8a:c4:47:a2:89:de:e9:62:18:c6:5e:
3d:0c:c3:cf:5f:4d:f3:f1:b8:2c:a3:ef:ec:cd:bd:ac:f3:c3:
a6:e1:09:ec:10:76:f8:0f:9f:1a:c9:02:e7:b6:61:12:82:ee:
a1:39:3b:35:06:02:23:28:51:a5:c9:c4:20:e9:14:3c:e5:c1:
8d:a8:db:3e:f1:80:d1:71:2f:6c:cd:a6:bc:13:1a:1a:03:49:
94:8f:3c:54:e7:c6:4c:2b:0a:0d:70:8a:55:f2:c9:b3:e0:ad:
c0:20:19:01:ca:10:52:1f:17:7c:43:0c:a5:a4:f6:a4:30:61:
df:9e:6a:70:d0:68:01:df:b6:29:18:a5:37:77:67:b9:38:19:
58:57:b0:37:8c:21:bc:26:9e:0a:aa:84:81:a7:5e:92:7e:55:
d4:40:0b:c5:ba:47:1f:82:57:ce:f8:36:e0:f6:6a:2b:53:5f:
6b:e2:fc:87
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKEFFQkI5M0VBN0EyRkM2OUUyQzE5Q0NFNzgyRUVGNURE
QjFDQTMyQkQwHhcNMjQwNjI3MDMwMDQxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjZDVkOS01ZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRcM8tpW+Bu3p+kINxjuQXJc4XwidnFxHcJuRb7xNIT2kdJD1XQanSJ8wJeF
DfIVCOuHVpiOJ3oAjZDgbEsJQHZ/4VfsTLmEttQ44lQFTvuCu5353y4VvzplA3cG
Yp0kRAWEitRWIej/G7xsLMa1s3NsgvwkN74sTrGQZGuhov164G6J8H/UGVuHSzFB
a8Pl3hYBVkwJUq42tg3Q0Nz5y/QUh2hk4J/DGBloGUsqeQG6qvD9IPxV7SF35aWh
ELdnEZKf9viKAqpwGupypNDIuLiWb0u0N/25mFEgctzBWyJ6AelhzQneb+OoKCrT
cFX6x4LP+D9/+gQB/IMnol83XQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIkRcJL9
TTD8UXjaJUKNZIU2sCWoMB8GA1UdIwQYMBaAFK67k+p6L8aeLBnM54Lu9d2xyjK9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC85MDBFQUM1NDQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ycnVUNm5vdnhwNHNHY3puZ3U3MTNiSEtN
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JydVQ2bm92eHA0c0djem5ndTcxM2JIS01yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvOTAwRUFDNTQ0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvNzAyQThBN0Ez
NDMxMTFFRjlBODlCNjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFndIQwDwQCAAIwCQMHACABDfQVADANBgkqhkiG9w0BAQsF
AAOCAQEAg8VBlrG/wOnwlDfTRtwNtiKZieUVgDq2JhaZFIDNHTvCaY1SlTJSXsUB
an3pDb8eCSMUDgTcboj8veCNUecxQEoZAuqs1wBZ+5a/8Nmb3orER6KJ3uliGMZe
PQzDz19N8/G4LKPv7M29rPPDpuEJ7BB2+A+fGskC57ZhEoLuoTk7NQYCIyhRpcnE
IOkUPOXBjajbPvGA0XEvbM2mvBMaGgNJlI88VOfGTCsKDXCKVfLJs+CtwCAZAcoQ
Uh8XfEMMpaT2pDBh355qcNBoAd+2KRilN3dnuTgZWFewN4whvCaeCqqEgadekn5V
1EALxbpHH4JXzvg24PZqK1Nfa+L8hw==
-----END CERTIFICATE-----
Generated at Tue Jul 9 09:50:22 2024 by rpki-client on console-ams.rpki-client.org