Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/C25C625853AF11EF9C14C60FC4F9AE02.roa
File: C25C625853AF11EF9C14C60FC4F9AE02.roa (raw, json)
Hash identifier: mmiCw5PvAaZaAkqUGTtq2R5hJIpvcdFFSG6c/KUk0Tc=
Subject key identifier: 62:9C:E1:45:B6:84:8F:86:71:D4:17:E7:F7:04:08:78:44:59:C0:B3
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 024F
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/C25C625853AF11EF9C14C60FC4F9AE02.roa
Signing time: Tue 06 Aug 2024 04:53:02 +0000
ROA not before: Tue 06 Aug 2024 04:53:02 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.25.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:51:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 591 (0x24f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Aug 6 04:53:02 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66b1ac2d-9cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0b:53:22:67:06:1c:4f:04:78:61:91:a5:91:
91:0c:cc:24:9a:17:31:76:29:71:b7:1b:bd:f4:5a:
01:ea:23:07:3f:d7:96:47:3e:e1:51:1a:02:78:e1:
cf:34:1b:88:38:90:f2:80:e7:27:9d:cf:d1:1f:48:
ba:23:14:d2:e4:d6:50:5d:a7:c6:e6:20:80:b0:eb:
58:6e:09:6e:b1:0d:d5:6a:77:57:39:83:1b:bb:0d:
a3:c8:a0:de:5e:73:f9:af:3b:be:41:fa:45:9a:0a:
44:3c:d8:45:09:3a:a2:33:9d:83:99:b3:e6:3e:c5:
39:96:52:07:00:a9:aa:bb:c1:92:57:12:5f:01:40:
99:fa:ef:30:88:06:b4:d1:4e:b3:fb:cd:88:76:53:
cc:2d:84:45:d8:33:13:29:51:5b:97:19:18:d5:6f:
98:92:f5:3a:a5:fe:87:00:f4:ce:2d:80:69:d5:b8:
a6:1d:04:46:76:7b:dc:7c:78:8d:1e:88:ca:e8:df:
d9:29:df:04:d1:a5:f8:2d:87:2c:a7:1a:e7:9f:4a:
35:aa:36:f4:c1:1d:e8:ca:af:85:cb:9c:df:0b:24:
b3:f4:1f:91:1d:8f:8c:b7:61:2b:31:93:83:63:ba:
a8:8b:e9:a5:f5:51:4c:9a:66:6b:28:4e:8e:86:2e:
61:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9C:E1:45:B6:84:8F:86:71:D4:17:E7:F7:04:08:78:44:59:C0:B3
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/C25C625853AF11EF9C14C60FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.124.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ba:03:ae:58:2b:b2:5d:ee:f7:57:db:bf:f3:92:a8:15:b5:
cc:82:92:69:37:53:01:97:69:1c:59:52:37:e7:a1:44:0f:e4:
cc:99:b6:8d:d8:76:e8:8c:91:9c:87:7c:21:42:3d:41:84:93:
98:08:0f:fa:d3:80:38:00:0b:11:00:4e:b1:a4:ee:0c:1a:28:
15:e5:2c:9d:c8:48:b5:54:5c:95:97:1b:47:e6:3b:dc:de:a1:
21:53:e0:44:a3:7f:75:a8:31:76:04:e5:b4:6c:91:53:f0:5b:
90:cf:bd:f3:16:e3:1c:4e:40:d8:40:79:7f:9a:67:0f:a9:3b:
9f:db:27:56:bd:e3:c0:bb:51:74:f1:6e:ac:b4:68:74:9b:90:
f6:b9:c9:2e:ef:b5:89:96:68:7e:3a:34:cc:ad:1e:4f:d6:81:
62:9d:bd:fc:9b:64:b2:d7:54:34:75:c6:62:a8:c7:bc:f0:1f:
91:43:11:49:39:5c:75:bd:26:bf:66:75:c8:61:d5:2f:20:a3:
89:a9:b1:d4:5c:77:a7:67:bf:8f:83:b5:76:f3:2b:da:11:e8:
a0:cd:08:5e:2f:ed:e4:c5:07:ba:31:6b:9b:a7:71:12:05:2c:
4e:f6:f1:d3:dc:5a:98:ee:62:b0:40:c1:ff:d7:15:42:bf:1f:
aa:fd:8c:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjQwODA2MDQ1MzAyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYWMyZC05Y2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3AtTImcGHE8EeGGRpZGRDMwkmhcxdilxtxu99FoB6iMHP9eWRz7hURoCeOHP
NBuIOJDygOcnnc/RH0i6IxTS5NZQXafG5iCAsOtYbglusQ3VandXOYMbuw2jyKDe
XnP5rzu+QfpFmgpEPNhFCTqiM52DmbPmPsU5llIHAKmqu8GSVxJfAUCZ+u8wiAa0
0U6z+82IdlPMLYRF2DMTKVFblxkY1W+YkvU6pf6HAPTOLYBp1bimHQRGdnvcfHiN
HojK6N/ZKd8E0aX4LYcspxrnn0o1qjb0wR3oyq+Fy5zfCySz9B+RHY+Mt2ErMZOD
Y7qoi+ml9VFMmmZrKE6Ohi5hBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGKc4UW2
hI+GcdQX5/cECHhEWcCzMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvQzI1QzYyNTg1
M0FGMTFFRjlDMTRDNjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGXwwDQYJKoZIhvcNAQELBQADggEBAEi6A65YK7Jd7vdX
27/zkqgVtcyCkmk3UwGXaRxZUjfnoUQP5MyZto3YduiMkZyHfCFCPUGEk5gID/rT
gDgACxEATrGk7gwaKBXlLJ3ISLVUXJWXG0fmO9zeoSFT4ESjf3WoMXYE5bRskVPw
W5DPvfMW4xxOQNhAeX+aZw+pO5/bJ1a948C7UXTxbqy0aHSbkPa5yS7vtYmWaH46
NMytHk/WgWKdvfybZLLXVDR1xmKox7zwH5FDEUk5XHW9Jr9mdchh1S8go4mpsdRc
d6dnv4+DtXbzK9oR6KDNCF4v7eTFB7oxa5uncRIFLE728dPcWpjuYrBAwf/XFUK/
H6r9jMk=
-----END CERTIFICATE-----
Generated at Thu Nov 7 10:45:00 2024 by rpki-client on console-ams.rpki-client.org