Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/41B3C97657EB11EFA926D11FC4F9AE02.roa
File: 41B3C97657EB11EFA926D11FC4F9AE02.roa (raw, json)
Hash identifier: sQv8A/Wu3GVd4YR8llMqdiY0eICD+BQXEJ/FCmp38EQ=
Subject key identifier: D0:E0:F3:AA:F0:4F:B0:91:B5:E1:E6:84:53:70:FD:6A:AC:71:CD:A8
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 0259
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/41B3C97657EB11EFA926D11FC4F9AE02.roa
Signing time: Sun 11 Aug 2024 14:09:00 +0000
ROA not before: Sun 11 Aug 2024 14:09:00 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 103.25.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 05:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Aug 11 14:09:00 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66b8c5fc-4c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:19:16:02:83:be:fa:be:d4:7a:b7:dc:d4:
ff:48:6d:65:b4:6c:52:f2:4b:26:5e:ac:de:79:ee:
fc:8b:dc:de:3b:17:44:98:f1:65:f9:44:12:02:37:
c9:9f:e0:79:5b:4e:8b:5f:91:14:9c:f7:0a:c7:82:
7a:41:45:0b:96:4f:e0:53:c6:dd:89:62:61:f0:73:
9d:f2:40:5d:70:f4:cd:ab:57:98:21:b8:ab:c3:9e:
3e:43:ea:38:4a:cf:40:05:2c:3e:f7:62:97:f9:8c:
27:df:ae:b6:d0:73:46:92:12:41:e9:2c:ce:31:61:
c1:59:33:c9:24:07:55:17:b5:1f:77:28:20:ff:a9:
a2:b4:24:ab:27:34:73:29:d7:a3:24:8e:80:84:5b:
a1:14:b6:27:3f:2c:85:26:a3:8f:04:df:1a:3e:56:
ef:9f:8d:ef:3b:32:3b:57:9c:7e:ac:f5:34:53:36:
10:48:1d:b4:d0:24:b4:f0:32:35:0e:11:08:8b:41:
7f:b2:47:51:54:b3:28:12:37:74:fb:06:48:d8:e4:
d6:3e:bd:e6:88:e9:e1:91:f3:26:d1:3e:9e:bf:ec:
8d:db:b9:43:15:be:42:68:da:28:af:81:f6:9e:62:
f9:1d:41:2e:b1:bc:39:8c:c6:05:84:0d:5f:a9:76:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E0:F3:AA:F0:4F:B0:91:B5:E1:E6:84:53:70:FD:6A:AC:71:CD:A8
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/41B3C97657EB11EFA926D11FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.127.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1b:12:71:a4:4a:6c:10:04:4e:0e:a6:b3:09:3e:c1:5d:5d:
c5:44:fd:b7:eb:91:77:52:8b:53:16:af:15:f8:1e:f8:1c:72:
2b:2e:6f:2c:fd:8d:8c:a9:c8:55:4d:53:40:a3:3f:b5:cd:7f:
d8:d9:2b:2b:a7:40:57:52:d2:9b:d9:36:21:fe:4c:fd:89:4a:
7a:b6:ae:6a:8b:58:9c:62:ec:20:f1:7c:07:4a:71:ab:06:31:
2d:03:ab:5b:9a:10:a4:1b:91:61:26:6b:8f:74:eb:41:91:6c:
af:e6:df:a7:3f:64:62:1e:61:e0:2d:a7:e6:b8:9b:60:0b:bf:
72:6c:ff:43:76:0e:04:05:91:07:64:b5:b6:16:a2:97:ee:0e:
2a:08:26:d4:98:13:05:81:b0:26:91:92:9b:36:20:70:f3:87:
f4:8d:8a:4c:a6:bc:1b:21:d5:db:33:cf:0d:83:6f:ad:c6:7f:
94:a6:06:ed:22:a2:84:2b:a0:62:8c:9a:a7:a8:5a:fb:6b:e4:
6e:3c:e1:2a:45:7c:e1:8f:3c:af:db:7c:28:f6:f4:c6:bc:21:
c5:15:43:3f:99:74:51:ae:cc:ce:d0:4f:ba:23:60:7d:e2:f1:
04:0d:8a:15:89:16:e4:94:92:eb:e8:85:51:8b:88:58:c7:e4:
63:13:64:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjQwODExMTQwOTAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI4YzVmYy00YzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArfoZFgKDvvq+1Hq33NT/SG1ltGxS8ksmXqzeee78i9zeOxdEmPFl+UQSAjfJ
n+B5W06LX5EUnPcKx4J6QUULlk/gU8bdiWJh8HOd8kBdcPTNq1eYIbirw54+Q+o4
Ss9ABSw+92KX+Ywn36620HNGkhJB6SzOMWHBWTPJJAdVF7Ufdygg/6mitCSrJzRz
KdejJI6AhFuhFLYnPyyFJqOPBN8aPlbvn43vOzI7V5x+rPU0UzYQSB200CS08DI1
DhEIi0F/skdRVLMoEjd0+wZI2OTWPr3miOnhkfMm0T6ev+yN27lDFb5CaNoor4H2
nmL5HUEusbw5jMYFhA1fqXY9CQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNDg86rw
T7CRteHmhFNw/Wqscc2oMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvNDFCM0M5NzY1
N0VCMTFFRkE5MjZEMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGX8wDQYJKoZIhvcNAQELBQADggEBAG4bEnGkSmwQBE4O
prMJPsFdXcVE/bfrkXdSi1MWrxX4Hvgccisubyz9jYypyFVNU0CjP7XNf9jZKyun
QFdS0pvZNiH+TP2JSnq2rmqLWJxi7CDxfAdKcasGMS0Dq1uaEKQbkWEma49060GR
bK/m36c/ZGIeYeAtp+a4m2ALv3Js/0N2DgQFkQdktbYWopfuDioIJtSYEwWBsCaR
kps2IHDzh/SNikymvBsh1dszzw2Db63Gf5SmBu0iooQroGKMmqeoWvtr5G484SpF
fOGPPK/bfCj29Ma8IcUVQz+ZdFGuzM7QT7ojYH3i8QQNihWJFuSUkuvohVGLiFjH
5GMTZNQ=
-----END CERTIFICATE-----
Generated at Wed Aug 14 07:13:16 2024 by rpki-client on console-fra.rpki-client.org