Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/66E10D62195D11EEB884EF56C4F9AE02.roa
File: 66E10D62195D11EEB884EF56C4F9AE02.roa (raw, json)
Hash identifier: xCSaPi14ofbpEjI8LYOoEhzbYZCBfRewHsoxOms4aZc=
Subject key identifier: 1F:B9:B3:18:7C:C8:B8:AB:C5:8B:2C:C3:B5:5E:35:5E:F2:8A:EF:06
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 0135
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/66E10D62195D11EEB884EF56C4F9AE02.roa
Signing time: Mon 03 Jul 2023 04:52:24 +0000
ROA not before: Mon 03 Jul 2023 04:52:24 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 58925
IP address blocks: 103.25.126.0/24 maxlen: 24
103.25.127.0/24 maxlen: 24
2406:db00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Jul 2023 13:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309 (0x135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Jul 3 04:52:24 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64a25408-a087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:ff:47:be:7a:67:3d:db:24:a3:5f:1f:5e:
fb:e3:60:b5:73:31:ef:9e:ae:8f:f1:07:1c:66:9a:
10:69:c4:37:af:3b:f3:cf:47:3b:d0:8a:b6:25:a4:
e5:8e:16:10:e2:28:8a:b3:98:62:2a:1e:3e:84:b9:
3a:5c:c2:41:e9:0a:76:98:e0:87:5d:f3:9d:90:ca:
be:0e:60:57:75:b5:d2:b7:ce:5f:24:b3:03:0a:40:
64:b2:ee:ac:4a:32:5c:a9:f1:04:2a:a2:48:61:ab:
27:ac:fd:75:e3:24:d8:06:3f:00:93:72:05:9b:69:
64:1f:7e:f4:30:69:30:a9:2f:a9:33:be:e8:96:39:
bc:91:36:f4:78:3e:e6:81:41:56:5c:05:1f:7a:67:
99:13:f5:15:4a:1a:ec:f5:6c:79:0c:3f:5f:39:9e:
15:47:b8:a9:ee:94:07:d5:3d:4a:31:cf:4b:80:b0:
4c:2c:07:df:5a:03:4d:db:89:9b:c7:20:92:ae:8c:
7d:57:3c:89:fc:fc:af:1b:47:62:56:ab:72:8a:b3:
bd:71:37:70:4d:5a:c6:c7:80:f9:35:c7:3b:81:07:
82:ac:07:fc:0a:63:fd:92:bb:6c:6d:02:3e:5d:b9:
7e:f1:c7:27:49:69:45:a3:37:d3:84:70:d2:9d:51:
13:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B9:B3:18:7C:C8:B8:AB:C5:8B:2C:C3:B5:5E:35:5E:F2:8A:EF:06
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/66E10D62195D11EEB884EF56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.126.0/23
IPv6:
2406:db00::/32
Signature Algorithm: sha256WithRSAEncryption
99:f0:f7:f4:f9:9b:99:4f:95:33:9b:98:ad:90:94:23:17:bc:
50:9e:74:78:d7:68:4a:b7:6e:2d:ff:8d:81:c2:a1:e1:b3:5e:
68:1d:73:fe:5a:2a:46:97:48:22:e5:56:0b:e9:df:b9:c8:80:
b4:7b:88:97:24:b9:23:70:ef:c0:8f:16:e6:89:1f:c4:8c:7d:
b6:d0:d3:cd:cc:9d:f3:66:4c:aa:89:99:76:d7:c8:65:ba:4c:
10:f2:01:54:5e:48:5c:25:7d:db:6f:0a:ee:75:70:2c:86:7a:
1b:30:cd:a6:2d:ae:9f:3c:38:1c:83:9d:4b:7d:37:00:b0:f6:
85:e2:ed:cc:a7:86:f2:5f:8a:67:ea:a1:05:77:05:46:74:25:
d1:24:88:a6:b9:a6:cc:90:94:d5:9c:33:dc:00:ee:9f:27:28:
02:d1:64:e0:90:9c:72:5c:2f:38:63:f7:17:a8:11:90:a3:09:
90:7c:2f:12:79:01:2f:8e:fd:a1:f2:3d:54:81:56:7e:d7:6d:
00:1d:4f:e7:4d:10:38:d2:fe:f3:cf:60:54:78:3c:59:6f:f2:
83:34:cf:86:c5:a2:4f:f0:c9:ab:04:5e:e8:74:84:77:71:6f:
ac:85:ef:b7:9b:ca:61:68:56:42:6e:33:24:45:ec:e7:c2:6c:
8f:cd:9f:d8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjMwNzAzMDQ1MjI0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyNTQwOC1hMDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJL/R756Zz3bJKNfH17742C1czHvnq6P8QccZpoQacQ3rzvzz0c70Iq2JaTl
jhYQ4iiKs5hiKh4+hLk6XMJB6Qp2mOCHXfOdkMq+DmBXdbXSt85fJLMDCkBksu6s
SjJcqfEEKqJIYasnrP114yTYBj8Ak3IFm2lkH370MGkwqS+pM77oljm8kTb0eD7m
gUFWXAUfemeZE/UVShrs9Wx5DD9fOZ4VR7ip7pQH1T1KMc9LgLBMLAffWgNN24mb
xyCSrox9VzyJ/PyvG0diVqtyirO9cTdwTVrGx4D5Ncc7gQeCrAf8CmP9krtsbQI+
Xbl+8ccnSWlFozfThHDSnVETTwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFB+5sxh8
yLirxYssw7VeNV7yiu8GMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvNjZFMTBENjIx
OTVEMTFFRUI4ODRFRjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnGX4wDQQCAAIwBwMFACQG2wAwDQYJKoZIhvcNAQELBQAD
ggEBAJnw9/T5m5lPlTObmK2QlCMXvFCedHjXaEq3bi3/jYHCoeGzXmgdc/5aKkaX
SCLlVgvp37nIgLR7iJckuSNw78CPFuaJH8SMfbbQ083MnfNmTKqJmXbXyGW6TBDy
AVReSFwlfdtvCu51cCyGehswzaYtrp88OByDnUt9NwCw9oXi7cynhvJfimfqoQV3
BUZ0JdEkiKa5psyQlNWcM9wA7p8nKALRZOCQnHJcLzhj9xeoEZCjCZB8LxJ5AS+O
/aHyPVSBVn7XbQAdT+dNEDjS/vPPYFR4PFlv8oM0z4bFok/wyasEXuh0hHdxb6yF
77ebymFoVkJuMyRF7OfCbI/Nn9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org