Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/06184FEC07C411EC8F79EC2FC4F9AE02.roa
File: 06184FEC07C411EC8F79EC2FC4F9AE02.roa (raw, json)
Hash identifier: bca54/5qR+TVCLUtK+VCwWv/WkSyH7iLxpQmsqrJz6c=
Subject key identifier: 98:C7:38:BF:15:21:E4:DE:1C:87:AB:62:C8:7D:E9:29:52:4E:0A:80
Certificate issuer: /CN=A9122039/serialNumber=374D9A2C832F2344BDD8CA406311793F66D4C735
Certificate serial: 0471
Authority key identifier: 37:4D:9A:2C:83:2F:23:44:BD:D8:CA:40:63:11:79:3F:66:D4:C7:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N02aLIMvI0S92MpAYxF5P2bUxzU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/06184FEC07C411EC8F79EC2FC4F9AE02.roa
Signing time: Fri 31 May 2024 02:38:12 +0000
ROA not before: Fri 31 May 2024 02:38:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 33011
IP address blocks: 103.116.4.0/22 maxlen: 24
2402:f2c0::/32 maxlen: 40
Validation: Failed, certificate revoked on Wed 10 Jul 2024 16:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122039/serialNumber=374D9A2C832F2344BDD8CA406311793F66D4C735
Validity
Not Before: May 31 02:38:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66593814-f236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:9c:97:36:f6:52:54:df:bd:ad:00:c7:58:
51:a5:47:83:c2:3c:41:a0:78:70:ba:b4:90:5a:80:
8c:71:f1:be:92:74:81:4f:03:ac:78:d4:da:72:74:
c9:f0:c2:ba:3f:e0:73:38:c2:9d:38:35:2c:23:55:
0b:76:fc:f6:d5:17:95:e6:25:45:c2:64:2e:45:99:
bd:2c:a8:1f:54:d7:b3:95:9d:9a:fb:56:3c:38:72:
45:b1:5b:e2:30:ed:a7:04:ac:27:8d:66:9e:cd:bf:
f4:35:eb:88:89:4e:9b:79:fe:26:eb:04:32:98:5c:
26:41:6a:33:b9:c1:92:e0:fc:20:8d:10:88:52:f0:
8e:37:90:e7:a8:87:dd:23:5e:0c:1e:b4:9a:17:72:
f3:40:d2:bb:b9:eb:ef:9b:73:c0:98:e2:02:b7:61:
22:f7:64:60:09:e3:d3:c6:0e:f0:c7:8f:6b:e9:17:
fa:74:c0:fa:a9:d4:f2:11:c1:e8:69:10:9b:dd:28:
8a:04:94:d4:15:fc:1f:6f:58:6b:47:e0:4e:0e:a1:
08:1c:fd:0f:79:39:bc:7e:9c:7b:48:54:dd:4f:7f:
a0:ce:18:e0:51:1e:d3:25:49:27:18:ab:a9:f1:bd:
d9:be:87:37:5a:04:04:bc:54:cd:5c:de:1f:29:8e:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C7:38:BF:15:21:E4:DE:1C:87:AB:62:C8:7D:E9:29:52:4E:0A:80
X509v3 Authority Key Identifier:
keyid:37:4D:9A:2C:83:2F:23:44:BD:D8:CA:40:63:11:79:3F:66:D4:C7:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/N02aLIMvI0S92MpAYxF5P2bUxzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N02aLIMvI0S92MpAYxF5P2bUxzU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/06184FEC07C411EC8F79EC2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.4.0/22
IPv6:
2402:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:eb:83:cc:f5:a7:64:cc:a3:00:78:47:60:95:2c:ac:c4:ad:
fd:b3:ad:7f:3e:95:20:d3:b4:51:ec:59:33:1a:2b:e2:d8:fc:
67:cf:55:9b:5e:68:2e:78:f2:5a:e3:11:5b:d4:e8:88:da:79:
ff:37:ab:21:6a:d3:34:f3:6a:c6:31:60:f1:d9:25:0d:b1:25:
b7:94:b9:e6:0a:b5:de:3e:db:57:f4:25:b9:8d:5c:f3:14:7f:
38:22:f0:1d:8e:2d:dd:7f:b2:0d:63:96:0f:ba:77:0f:2d:2d:
95:ce:e1:a4:82:49:e2:b1:c7:2d:66:44:29:b6:3f:31:d7:98:
d8:02:04:8a:d5:21:38:6a:6b:d0:fc:63:c9:fd:1b:9c:8e:12:
5a:1c:ba:5f:6e:d8:35:73:57:ec:f1:f5:95:dc:c8:84:3b:1c:
d9:67:6b:bf:92:77:ce:69:a2:26:65:e2:70:75:de:88:84:5c:
84:f1:12:43:7a:36:14:2e:11:78:56:47:15:5b:34:9c:b0:dd:
9c:00:ac:99:f6:c2:fc:d1:7d:17:5c:5d:d5:9a:53:de:14:01:
bf:c6:83:89:2f:9f:23:fc:f7:97:50:70:65:e7:a5:28:a8:b0:
7d:0f:6d:4e:1d:97:d1:d5:63:e7:02:bb:48:2f:25:e3:00:15:
b4:82:37:92
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIwMzkxMTAvBgNVBAUTKDM3NEQ5QTJDODMyRjIzNDRCREQ4Q0E0MDYzMTE3OTNG
NjZENEM3MzUwHhcNMjQwNTMxMDIzODEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU5MzgxNC1mMjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0+clzb2UlTfva0Ax1hRpUeDwjxBoHhwurSQWoCMcfG+knSBTwOseNTacnTJ
8MK6P+BzOMKdODUsI1ULdvz21ReV5iVFwmQuRZm9LKgfVNezlZ2a+1Y8OHJFsVvi
MO2nBKwnjWaezb/0NeuIiU6bef4m6wQymFwmQWozucGS4PwgjRCIUvCON5DnqIfd
I14MHrSaF3LzQNK7uevvm3PAmOICt2Ei92RgCePTxg7wx49r6Rf6dMD6qdTyEcHo
aRCb3SiKBJTUFfwfb1hrR+BODqEIHP0PeTm8fpx7SFTdT3+gzhjgUR7TJUknGKup
8b3Zvoc3WgQEvFTNXN4fKY4njwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJjHOL8V
IeTeHIerYsh96SlSTgqAMB8GA1UdIwQYMBaAFDdNmiyDLyNEvdjKQGMReT9m1Mc1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjAzOS9GQjcwREY2QUZG
MjAxMUVCODE2MEFDNTFDNEY5QUUwMi9OMDJhTElNdkkwUzkyTXBBWXhGNVAyYlV4
elUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL04wMmFMSU12STBTOTJNcEFZeEY1UDJiVXh6VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIwMzkvRkI3MERGNkFGRjIwMTFFQjgxNjBBQzUxQzRGOUFFMDIvMDYxODRGRUMw
N0M0MTFFQzhGNzlFQzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndAQwDQQCAAIwBwMFACQC8sAwDQYJKoZIhvcNAQELBQAD
ggEBABPrg8z1p2TMowB4R2CVLKzErf2zrX8+lSDTtFHsWTMaK+LY/GfPVZteaC54
8lrjEVvU6Ijaef83qyFq0zTzasYxYPHZJQ2xJbeUueYKtd4+21f0JbmNXPMUfzgi
8B2OLd1/sg1jlg+6dw8tLZXO4aSCSeKxxy1mRCm2PzHXmNgCBIrVIThqa9D8Y8n9
G5yOElocul9u2DVzV+zx9ZXcyIQ7HNlna7+Sd85poiZl4nB13oiEXITxEkN6NhQu
EXhWRxVbNJyw3ZwArJn2wvzRfRdcXdWaU94UAb/Gg4kvnyP895dQcGXnpSiosH0P
bU4dl9HVY+cCu0gvJeMAFbSCN5I=
-----END CERTIFICATE-----
Generated at Wed Jul 10 18:12:56 2024 by rpki-client on console-fra.rpki-client.org