Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/D82FC1F653AF11EFA9830510C4F9AE02.roa
File: D82FC1F653AF11EFA9830510C4F9AE02.roa (raw, json)
Hash identifier: PnogWMJct2Mwv4xJ9Git4K0XLuD3FulTGTZoImwebn0=
Subject key identifier: 73:EE:87:E3:59:2A:FE:04:12:6C:FC:60:88:66:AF:1D:99:6D:A7:66
Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Certificate serial: 0251
Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/D82FC1F653AF11EFA9830510C4F9AE02.roa
Signing time: Tue 06 Aug 2024 04:53:38 +0000
ROA not before: Tue 06 Aug 2024 04:53:38 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.25.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 12:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 593 (0x251)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43
Validity
Not Before: Aug 6 04:53:38 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66b1ac52-79a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8f:c6:c3:32:09:f4:4e:3a:71:aa:a3:74:1c:
63:dd:4b:b6:9d:f0:a9:43:08:28:98:db:09:88:b1:
0d:a5:e5:82:19:07:73:9e:a2:ee:d8:6d:9f:cd:68:
9d:b2:87:a9:02:c5:cd:4c:c4:7a:91:34:98:60:59:
17:75:dc:51:3a:34:bd:0d:cd:6c:5d:11:f4:1d:6d:
8f:85:b7:ac:86:67:7b:f1:61:02:79:9a:77:96:fe:
34:41:42:40:f2:6f:b7:3e:2c:29:21:c7:62:05:54:
4a:0f:dd:4c:6a:d1:99:e8:1a:18:a2:a4:f6:f3:b7:
38:40:b1:82:cb:de:83:7c:85:e0:1c:33:76:87:19:
60:43:fa:77:54:b9:39:4d:79:26:ec:db:e4:b6:1c:
2f:21:6e:81:5b:0c:9f:cd:92:4c:38:11:1b:bd:57:
87:d3:79:26:68:54:9d:73:eb:fd:ae:9f:b4:0d:db:
b5:12:a9:ab:4e:6f:21:02:39:85:3b:3b:89:fe:ae:
46:a5:26:e9:68:66:0a:48:76:2f:72:01:c5:f5:df:
8b:b1:c5:e1:88:6a:8e:f6:19:07:f9:44:7c:9a:48:
78:95:85:29:3e:fe:15:f0:fa:a6:9f:bf:55:d4:33:
b6:86:58:f0:0d:ca:43:54:e3:c5:b6:7a:8c:d6:63:
99:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EE:87:E3:59:2A:FE:04:12:6C:FC:60:88:66:AF:1D:99:6D:A7:66
X509v3 Authority Key Identifier:
keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/D82FC1F653AF11EFA9830510C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.126.0/24
Signature Algorithm: sha256WithRSAEncryption
32:03:0c:a7:d1:1c:b3:9f:6b:e6:02:cd:5d:a3:80:de:f2:57:
0e:52:46:4d:c4:e3:ea:87:91:1f:01:7b:b1:f5:63:17:35:56:
40:ed:be:e3:be:5c:ef:80:be:81:e9:91:c3:32:24:be:bc:90:
6a:75:ba:08:32:b7:65:57:b0:26:db:2d:31:1c:ae:16:7a:25:
52:a6:b4:ce:7b:a8:7b:4b:dd:f9:7f:31:53:20:b7:f5:d3:7f:
c5:71:1a:ef:2e:fa:09:c0:e4:e7:80:72:e5:af:6d:2f:5c:32:
ff:85:db:2e:5f:4a:d5:ab:44:22:a4:82:ea:66:e0:dd:9d:28:
57:cb:a6:f1:ab:4a:11:66:7b:6c:56:6d:6a:20:c8:c3:43:89:
5b:33:c5:44:70:ee:6f:e4:88:c4:d3:21:68:8d:32:d7:f3:3f:
ad:50:44:d8:30:85:a7:1b:e7:00:5f:25:7b:48:2e:d0:a5:79:
6c:a6:7e:eb:47:c8:18:48:84:ba:dc:25:5a:61:50:32:f5:d0:
30:54:f9:d8:6a:ac:bb:9e:cf:45:b7:80:73:2f:ab:41:50:31:
2c:da:78:3f:d8:0f:fd:14:d8:c2:74:46:2f:1a:50:eb:c6:02:
b4:e8:4e:cd:87:1b:fc:6e:e5:b3:ca:6b:a0:29:95:1a:a4:c5:
c6:99:44:e5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz
QTFFQzdBNDMwHhcNMjQwODA2MDQ1MzM4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYWM1Mi03OWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuY/GwzIJ9E46caqjdBxj3Uu2nfCpQwgomNsJiLENpeWCGQdznqLu2G2fzWid
soepAsXNTMR6kTSYYFkXddxROjS9Dc1sXRH0HW2Phbeshmd78WECeZp3lv40QUJA
8m+3PiwpIcdiBVRKD91MatGZ6BoYoqT287c4QLGCy96DfIXgHDN2hxlgQ/p3VLk5
TXkm7NvkthwvIW6BWwyfzZJMOBEbvVeH03kmaFSdc+v9rp+0Ddu1EqmrTm8hAjmF
OzuJ/q5GpSbpaGYKSHYvcgHF9d+LscXhiGqO9hkH+UR8mkh4lYUpPv4V8Pqmn79V
1DO2hljwDcpDVOPFtnqM1mOZ2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHPuh+NZ
Kv4EEmz8YIhmrx2ZbadmMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx
RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvRDgyRkMxRjY1
M0FGMTFFRkE5ODMwNTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnGX4wDQYJKoZIhvcNAQELBQADggEBADIDDKfRHLOfa+YC
zV2jgN7yVw5SRk3E4+qHkR8Be7H1Yxc1VkDtvuO+XO+AvoHpkcMyJL68kGp1uggy
t2VXsCbbLTEcrhZ6JVKmtM57qHtL3fl/MVMgt/XTf8VxGu8u+gnA5OeAcuWvbS9c
Mv+F2y5fStWrRCKkgupm4N2dKFfLpvGrShFme2xWbWogyMNDiVszxURw7m/kiMTT
IWiNMtfzP61QRNgwhacb5wBfJXtILtCleWymfutHyBhIhLrcJVphUDL10DBU+dhq
rLuez0W3gHMvq0FQMSzaeD/YD/0U2MJ0Ri8aUOvGArToTs2HG/xu5bPKa6AplRqk
xcaZROU=
-----END CERTIFICATE-----
Generated at Fri Aug 9 15:43:32 2024 by rpki-client on console-ams.rpki-client.org