Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/6AF0994C59FB11EFBF2C595AC4F9AE02.roa
File: 6AF0994C59FB11EFBF2C595AC4F9AE02.roa (raw, json)
Hash identifier: /yG8XLLGMFjbwLNMOMH0+cfJCGBQdboBEK2AtagfqQM=
Subject key identifier: 06:44:AB:44:9A:A1:74:FE:91:C1:BA:1B:36:51:74:8F:4B:34:E5:2D
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 025D
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/6AF0994C59FB11EFBF2C595AC4F9AE02.roa
Signing time: Wed 14 Aug 2024 05:09:44 +0000
ROA not before: Wed 14 Aug 2024 05:09:44 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 103.25.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 07:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 605 (0x25d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Aug 14 05:09:44 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66bc3c18-0a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b7:d4:8f:b4:7f:ff:9f:58:ee:8d:92:c7:c6:
93:ff:79:d3:8e:fe:1c:60:85:3f:99:bd:20:2d:b9:
bd:48:4a:bd:ec:53:bf:d3:91:f8:57:e6:c8:14:c8:
71:7f:8b:ca:37:63:3c:b4:8e:86:9a:ce:11:cd:c6:
77:eb:d9:db:32:0f:41:38:a3:e1:70:45:2b:4f:65:
63:d6:15:3d:0b:88:a8:67:a4:43:17:34:4b:b8:80:
11:66:26:31:af:f9:bf:7f:19:41:d0:19:61:5d:6a:
78:52:2d:e5:17:e1:c2:a7:6c:d0:2b:56:1c:82:d5:
d7:fd:66:6b:de:76:a4:30:ec:99:c1:c7:fe:56:ec:
0c:05:a5:70:75:f3:67:3d:cb:d8:66:e3:0f:ba:31:
49:79:1b:c8:7b:64:8f:78:d4:c3:3a:b3:0b:77:2e:
cb:3b:5d:73:5c:ce:ea:71:77:6a:e6:d3:e2:cc:d4:
d3:5a:95:e5:fd:b7:5e:eb:12:29:e5:0b:8c:01:16:
4a:b1:cf:4d:31:7f:21:62:94:2d:6d:e5:ce:57:3f:
fb:86:5d:e5:52:98:e5:e2:82:22:e0:6c:44:30:0f:
45:fe:17:ab:9f:7e:68:d5:20:02:72:4e:d1:4e:ab:
03:2a:a3:f1:39:79:95:73:2d:3f:33:ff:be:29:4c:
0b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:44:AB:44:9A:A1:74:FE:91:C1:BA:1B:36:51:74:8F:4B:34:E5:2D
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/6AF0994C59FB11EFBF2C595AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.127.0/24
Signature Algorithm: sha256WithRSAEncryption
88:f2:f7:c7:16:cc:5d:21:5d:1e:32:88:b2:26:14:a4:11:a4:
9f:f5:77:e1:10:bc:23:06:4d:00:7c:b7:13:50:d1:99:2f:90:
6e:8a:5d:5e:c8:69:bb:c9:ef:7e:ea:15:e7:c1:1f:a7:f2:d9:
dc:47:73:64:17:c5:60:bc:6a:03:b5:d6:d6:94:6e:cb:d8:9b:
71:aa:04:87:ff:72:3e:bb:ef:cd:82:29:25:28:83:b8:9f:25:
da:2d:d5:4a:82:fa:d2:17:26:d4:7d:72:41:f5:a9:65:44:8e:
3c:ac:67:58:b5:5f:c8:99:7f:66:ac:55:82:8c:96:f9:90:47:
be:ba:3b:bd:6e:c4:3b:31:e3:7c:15:44:81:6e:f3:d9:df:80:
66:5f:3a:f7:60:87:47:88:a9:c1:6f:c5:19:0c:b2:3d:01:6a:
ff:eb:b5:47:38:71:00:31:2f:a4:7a:7e:1d:f1:bb:9c:58:6b:
70:59:9f:a1:51:35:1c:1c:30:a1:4f:ef:5d:d9:77:8e:39:eb:
7c:9b:57:15:dc:01:d2:a9:7b:da:43:c4:41:80:54:cf:d0:eb:
9a:88:60:a4:90:8b:63:5c:86:82:02:55:aa:c6:6c:d1:90:ab:
3f:9a:9b:11:10:af:f3:65:d8:ed:e8:d3:38:62:75:36:ec:c4:
67:a7:e1:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAl0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjQwODE0MDUwOTQ0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJjM2MxOC0wYTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxbfUj7R//59Y7o2Sx8aT/3nTjv4cYIU/mb0gLbm9SEq97FO/05H4V+bIFMhx
f4vKN2M8tI6Gms4RzcZ369nbMg9BOKPhcEUrT2Vj1hU9C4ioZ6RDFzRLuIARZiYx
r/m/fxlB0BlhXWp4Ui3lF+HCp2zQK1YcgtXX/WZr3nakMOyZwcf+VuwMBaVwdfNn
PcvYZuMPujFJeRvIe2SPeNTDOrMLdy7LO11zXM7qcXdq5tPizNTTWpXl/bde6xIp
5QuMARZKsc9NMX8hYpQtbeXOVz/7hl3lUpjl4oIi4GxEMA9F/hern35o1SACck7R
TqsDKqPxOXmVcy0/M/++KUwLkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAZEq0Sa
oXT+kcG6GzZRdI9LNOUtMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvNkFGMDk5NEM1
OUZCMTFFRkJGMkM1OTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGX8wDQYJKoZIhvcNAQELBQADggEBAIjy98cWzF0hXR4y
iLImFKQRpJ/1d+EQvCMGTQB8txNQ0ZkvkG6KXV7IabvJ737qFefBH6fy2dxHc2QX
xWC8agO11taUbsvYm3GqBIf/cj67782CKSUog7ifJdot1UqC+tIXJtR9ckH1qWVE
jjysZ1i1X8iZf2asVYKMlvmQR766O71uxDsx43wVRIFu89nfgGZfOvdgh0eIqcFv
xRkMsj0Bav/rtUc4cQAxL6R6fh3xu5xYa3BZn6FRNRwcMKFP713Zd44563ybVxXc
AdKpe9pDxEGAVM/Q65qIYKSQi2NchoICVarGbNGQqz+amxEQr/Nl2O3o0zhidTbs
xGen4c4=
-----END CERTIFICATE-----
Generated at Fri Aug 16 09:53:35 2024 by rpki-client on console-ams.rpki-client.org