Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/4BA1DEEE70F711EF93C3E231C4F9AE02.roa
File: 4BA1DEEE70F711EF93C3E231C4F9AE02.roa (raw, json)
Hash identifier: 3kH0qd/kPhQkthC/ai7fbWNiBH4Vgmq4MFoFFNaFaqQ=
Subject key identifier: 11:3C:75:21:05:F7:E4:B1:C7:0A:25:DE:8C:0D:94:F5:B9:A6:91:63
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 0272
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/4BA1DEEE70F711EF93C3E231C4F9AE02.roa
Signing time: Thu 12 Sep 2024 11:08:10 +0000
ROA not before: Thu 12 Sep 2024 11:08:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.25.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 04:23:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 626 (0x272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Sep 12 11:08:10 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66e2cb9a-0670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:8f:ee:83:0c:3b:e8:51:61:16:2c:f8:ad:
6b:f6:56:86:bf:67:bc:bd:0a:f9:9a:4d:b1:c1:07:
98:39:0d:1a:08:70:9c:d5:47:4b:b1:7f:8c:cb:d6:
49:24:34:de:2e:33:6a:70:82:2c:fc:38:ee:68:81:
b0:ea:6b:45:7b:75:ac:5c:a2:7e:70:ca:43:1b:d8:
28:87:47:75:97:8e:86:a2:99:d7:5a:10:fa:35:95:
da:92:96:f8:5e:da:6e:d3:4d:a7:cc:12:c7:91:f3:
02:c1:46:e1:89:65:3b:97:5e:c6:8f:b1:1d:8d:45:
bb:ec:d3:f9:15:af:a9:a7:7a:45:1d:ed:cb:ed:25:
7b:00:42:7b:fa:30:e1:0c:59:ac:c7:41:a6:8a:d0:
5b:28:4e:de:f1:ef:bf:86:e1:46:08:f5:1d:21:5c:
e7:e4:11:19:56:00:8b:b0:3c:05:c2:f9:55:7d:2b:
b5:7d:59:ee:06:41:34:27:e4:aa:a3:d0:e2:55:d0:
b3:b0:26:80:b2:80:64:a4:17:0f:85:0c:8e:54:6a:
ef:26:bf:72:7f:62:00:51:0f:f5:30:aa:28:f9:1c:
07:7e:8b:9c:73:28:b4:9c:97:5b:47:bd:1c:4d:ee:
b0:62:94:8c:a9:19:b8:23:eb:d8:ee:98:3c:d2:f3:
e3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3C:75:21:05:F7:E4:B1:C7:0A:25:DE:8C:0D:94:F5:B9:A6:91:63
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/4BA1DEEE70F711EF93C3E231C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.127.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c1:de:5b:13:df:03:ce:c1:44:63:02:e2:5c:b1:62:4a:99:
44:a7:f2:e0:8e:a7:ab:9c:15:da:32:ab:75:84:c1:e4:b3:d5:
d5:55:54:19:e4:7f:b4:d8:f1:db:7d:49:24:7b:0d:d4:d0:26:
32:01:17:08:ba:5d:1c:8e:7b:57:c0:47:26:dd:ce:42:c9:05:
6c:61:f6:02:13:a2:a7:d1:8c:e2:1d:ab:b6:5b:95:98:3b:a4:
36:96:59:be:50:bd:77:6d:71:77:04:86:64:10:c6:a0:ff:20:
37:f7:68:a2:97:b3:b3:f2:50:4e:46:e9:db:74:42:04:f5:8b:
fd:1f:ca:d9:3a:e5:1b:f9:37:56:6c:88:d0:87:cd:7b:e3:7a:
7b:fd:ed:1a:40:37:19:e7:69:6c:5f:ab:a3:65:3c:73:77:2e:
e0:83:f5:eb:39:d9:66:fc:2f:66:4b:5d:ec:7c:22:56:da:2a:
61:c0:b5:56:30:cf:e2:09:d9:17:05:e1:2a:ca:97:0a:23:10:
ea:d3:47:f9:42:9b:10:64:f7:05:32:1f:8d:45:1e:fe:66:0e:
67:60:72:f2:7b:93:e4:df:bd:54:19:56:af:f1:57:a8:e6:40:
73:37:fb:4a:19:07:ad:5b:b6:0e:0a:b4:6b:ca:65:3c:6d:d3:
29:15:1e:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjQwOTEyMTEwODEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUyY2I5YS0wNjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp3iP7oMMO+hRYRYs+K1r9laGv2e8vQr5mk2xwQeYOQ0aCHCc1UdLsX+My9ZJ
JDTeLjNqcIIs/DjuaIGw6mtFe3WsXKJ+cMpDG9goh0d1l46GopnXWhD6NZXakpb4
Xtpu002nzBLHkfMCwUbhiWU7l17Gj7EdjUW77NP5Fa+pp3pFHe3L7SV7AEJ7+jDh
DFmsx0GmitBbKE7e8e+/huFGCPUdIVzn5BEZVgCLsDwFwvlVfSu1fVnuBkE0J+Sq
o9DiVdCzsCaAsoBkpBcPhQyOVGrvJr9yf2IAUQ/1MKoo+RwHfouccyi0nJdbR70c
Te6wYpSMqRm4I+vY7pg80vPjtQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBE8dSEF
9+Sxxwol3owNlPW5ppFjMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvNEJBMURFRUU3
MEY3MTFFRjkzQzNFMjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGX8wDQYJKoZIhvcNAQELBQADggEBAELB3lsT3wPOwURj
AuJcsWJKmUSn8uCOp6ucFdoyq3WEweSz1dVVVBnkf7TY8dt9SSR7DdTQJjIBFwi6
XRyOe1fARybdzkLJBWxh9gIToqfRjOIdq7ZblZg7pDaWWb5QvXdtcXcEhmQQxqD/
IDf3aKKXs7PyUE5G6dt0QgT1i/0fytk65Rv5N1ZsiNCHzXvjenv97RpANxnnaWxf
q6NlPHN3LuCD9es52Wb8L2ZLXex8IlbaKmHAtVYwz+IJ2RcF4SrKlwojEOrTR/lC
mxBk9wUyH41FHv5mDmdgcvJ7k+TfvVQZVq/xV6jmQHM3+0oZB61btg4KtGvKZTxt
0ykVHlU=
-----END CERTIFICATE-----
Generated at Mon Sep 23 06:26:21 2024 by rpki-client on console-fra.rpki-client.org