Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/74A7DECAC40311EEB43EFC49C4F9AE02.roa
File: 74A7DECAC40311EEB43EFC49C4F9AE02.roa (raw, json)
Hash identifier: cbvqZ9iGaMHi6ZgeuC/c9IpOonXMACSaHbR7C4I0ksw=
Subject key identifier: 3B:77:35:A4:0A:BE:E9:F1:11:5B:FE:60:C5:C1:0E:CA:2D:43:2C:8E
Certificate issuer: /CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Certificate serial: 97
Authority key identifier: 66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/74A7DECAC40311EEB43EFC49C4F9AE02.roa
Signing time: Mon 05 Feb 2024 08:49:22 +0000
ROA not before: Mon 05 Feb 2024 08:49:22 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 9268
IP address blocks: 103.25.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 09:27:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151 (0x97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Validity
Not Before: Feb 5 08:49:22 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65c0a111-663a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:9e:26:66:52:80:b6:68:ed:3a:81:3a:81:
db:cc:a5:8b:7e:f2:9b:00:55:5a:ef:4b:5c:02:51:
77:6a:b7:6e:7f:2a:ae:e1:bf:14:2a:68:28:05:0a:
4d:c9:2b:65:07:33:f0:b2:91:d1:a4:84:26:2b:52:
f4:be:2c:6a:d0:56:08:84:e1:b2:d0:8f:a0:0e:f3:
13:6f:03:f4:a9:4a:3a:45:7b:ee:44:96:25:96:f2:
4d:8d:26:95:98:ab:70:c9:aa:71:f1:20:34:3d:07:
5e:35:7d:4e:fe:6a:44:b8:67:0a:ea:a2:70:f1:3c:
ef:11:1e:3d:7b:2e:31:6f:38:aa:62:b1:d9:d9:d3:
35:ac:7f:b4:59:30:d1:ab:45:d1:c6:4a:95:9a:77:
fc:7c:98:29:7b:4d:72:9f:42:4a:25:ea:8f:56:bd:
bd:f4:65:a3:8c:71:b3:2d:af:4c:90:4e:bb:b4:fb:
8b:99:4b:9d:2a:81:24:1e:c2:78:26:aa:3c:80:33:
80:a9:1a:1c:42:c6:7e:76:9d:4f:d9:b0:23:26:e0:
93:d8:ae:fb:93:14:6b:4f:88:16:d9:55:0b:66:27:
df:94:ab:bb:52:6f:bd:97:e6:85:0e:ee:82:f4:05:
9c:f0:f6:be:bf:08:2f:20:dd:70:50:e5:2b:ac:69:
28:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:77:35:A4:0A:BE:E9:F1:11:5B:FE:60:C5:C1:0E:CA:2D:43:2C:8E
X509v3 Authority Key Identifier:
keyid:66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/74A7DECAC40311EEB43EFC49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.115.0/24
Signature Algorithm: sha256WithRSAEncryption
18:aa:59:a9:f7:11:fe:6b:ef:1d:ba:41:d1:95:b0:8d:80:bd:
13:80:67:af:c5:11:d2:60:87:63:c7:f8:b2:d9:25:d9:33:60:
14:10:ff:bd:55:36:22:45:7e:02:d9:9f:8d:49:f7:f8:82:9e:
5c:37:95:a3:59:17:df:a5:e9:70:16:2b:85:60:79:30:89:4d:
a9:b7:83:10:60:f0:77:28:a2:02:18:03:be:48:85:6e:29:e6:
56:cb:cf:5f:7a:9c:2f:8d:f0:45:b8:8b:db:60:97:47:39:02:
6c:22:5c:b3:1b:5a:1b:de:80:8a:e4:f9:a5:95:0c:8d:71:86:
7b:6d:16:d7:d7:05:d0:06:f3:60:f3:77:b9:3d:e7:9e:ea:53:
ad:1f:8e:eb:d6:39:6e:de:1a:8e:a8:2d:b3:7c:b1:b0:21:6d:
06:e8:ba:cf:54:7c:73:65:4d:26:bf:4e:63:f4:42:dd:5e:5e:
8f:ca:a8:74:ec:43:6e:91:5c:71:b9:26:e6:61:2d:f9:b1:98:
5d:53:cf:40:2f:05:b9:36:92:d1:9b:fa:2b:93:d4:c1:be:dc:
73:47:80:f7:aa:bb:6c:74:d7:8f:4e:7c:3a:f6:d4:7a:f1:87:
45:42:a1:1d:0d:9f:9f:45:3e:d3:07:ca:9c:45:d4:4b:eb:f1:
40:43:19:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE4MzYxMTAvBgNVBAUTKDY2QjIxNEQxMUM3Rjk2MUE5NUM0MjU2NzAzNDI4RTkz
Q0JBNzI5ODYwHhcNMjQwMjA1MDg0OTIyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMwYTExMS02NjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu4GeJmZSgLZo7TqBOoHbzKWLfvKbAFVa70tcAlF3ardufyqu4b8UKmgoBQpN
yStlBzPwspHRpIQmK1L0vixq0FYIhOGy0I+gDvMTbwP0qUo6RXvuRJYllvJNjSaV
mKtwyapx8SA0PQdeNX1O/mpEuGcK6qJw8TzvER49ey4xbziqYrHZ2dM1rH+0WTDR
q0XRxkqVmnf8fJgpe01yn0JKJeqPVr299GWjjHGzLa9MkE67tPuLmUudKoEkHsJ4
Jqo8gDOAqRocQsZ+dp1P2bAjJuCT2K77kxRrT4gW2VULZifflKu7Um+9l+aFDu6C
9AWc8Pa+vwgvIN1wUOUrrGkoTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDt3NaQK
vunxEVv+YMXBDsotQyyOMB8GA1UdIwQYMBaAFGayFNEcf5YalcQlZwNCjpPLpymG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTgzNi9GMURCMUQ0NEY0
RkIxMUVEOTM4Rjk0NDdDNEY5QUUwMi9acklVMFJ4X2xocVZ4Q1ZuQTBLT2s4dW5L
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pySVUwUnhfbGhxVnhDVm5BMEtPazh1bktZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE4MzYvRjFEQjFENDRGNEZCMTFFRDkzOEY5NDQ3QzRGOUFFMDIvNzRBN0RFQ0FD
NDAzMTFFRUI0M0VGQzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGXMwDQYJKoZIhvcNAQELBQADggEBABiqWan3Ef5r7x26
QdGVsI2AvROAZ6/FEdJgh2PH+LLZJdkzYBQQ/71VNiJFfgLZn41J9/iCnlw3laNZ
F9+l6XAWK4VgeTCJTam3gxBg8HcoogIYA75IhW4p5lbLz196nC+N8EW4i9tgl0c5
AmwiXLMbWhvegIrk+aWVDI1xhnttFtfXBdAG82Dzd7k9557qU60fjuvWOW7eGo6o
LbN8sbAhbQbous9UfHNlTSa/TmP0Qt1eXo/KqHTsQ26RXHG5JuZhLfmxmF1Tz0Av
Bbk2ktGb+iuT1MG+3HNHgPequ2x0149OfDr21Hrxh0VCoR0Nn59FPtMHypxF1Evr
8UBDGfA=
-----END CERTIFICATE-----
Generated at Wed Feb 7 14:43:10 2024 by rpki-client on console-fra.rpki-client.org