Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91279C4/8B89A42AD8C411EBBBD9AE7DC4F9AE02/859FFE90D9B111EBA2B24243C4F9AE02.roa
File: 859FFE90D9B111EBA2B24243C4F9AE02.roa (raw, json)
Hash identifier: x/45IdLTT8FWnuxauqgZI8tL537ActGzMYEfwyy8cik=
Subject key identifier: 5B:7A:F1:02:E2:AC:44:8A:B7:21:94:01:5E:31:B8:D0:6A:B5:AA:03
Certificate issuer: /CN=A91279C4/serialNumber=26EF6C79BB0FEB84DAFCEB740F396E573CFBF4DF
Certificate serial: 04E5
Authority key identifier: 26:EF:6C:79:BB:0F:EB:84:DA:FC:EB:74:0F:39:6E:57:3C:FB:F4:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ju9sebsP64Ta_Ot0DzluVzz79N8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91279C4/8B89A42AD8C411EBBBD9AE7DC4F9AE02/859FFE90D9B111EBA2B24243C4F9AE02.roa
Signing time: Fri 05 Jul 2024 00:42:21 +0000
ROA not before: Fri 05 Jul 2024 00:42:21 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 131341
IP address blocks: 103.69.124.0/22 maxlen: 22
103.69.124.0/23 maxlen: 23
103.69.126.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 03 Sep 2024 06:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1253 (0x4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91279C4/serialNumber=26EF6C79BB0FEB84DAFCEB740F396E573CFBF4DF
Validity
Not Before: Jul 5 00:42:21 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6687416c-de5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fd:a2:85:5a:4a:21:af:e7:c5:59:e7:41:66:
74:71:c5:8e:fc:4e:9e:5e:4e:38:c6:e0:64:86:3e:
fa:65:9f:67:23:68:a2:74:c8:40:a6:91:75:40:fe:
a2:b3:9e:86:b5:90:68:46:7a:bb:f8:63:a5:c5:0a:
38:94:ce:a9:60:44:49:dc:a3:fc:27:61:f4:f2:0a:
43:9d:c7:0d:3c:b8:f5:7c:92:81:6b:f5:0b:ff:7d:
b3:38:d3:19:9d:82:53:85:2f:6e:2c:25:1c:60:01:
b8:e6:50:81:3f:ec:74:38:d4:40:17:8e:57:2c:c0:
a5:d7:71:4b:27:db:6c:20:11:16:b3:85:8f:81:bb:
ca:59:c4:d8:3c:4a:a7:ca:bf:0a:23:7f:26:80:f9:
ef:c0:a5:3b:23:7e:83:87:d2:f5:e8:d1:29:54:81:
79:4a:a7:16:81:e1:6d:53:b8:0b:c4:32:21:cb:c2:
63:b7:4b:95:e0:00:6a:19:60:3d:51:bf:b9:72:ee:
2f:36:84:eb:ca:34:f4:17:bc:50:e6:7c:b0:17:e8:
73:c3:ac:70:62:e7:bb:ed:74:36:08:83:89:ef:9f:
fd:3e:46:78:24:2a:e9:94:63:56:db:41:0e:f1:fb:
f1:86:de:4c:6f:6a:3a:b7:76:34:f4:37:15:36:20:
74:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:7A:F1:02:E2:AC:44:8A:B7:21:94:01:5E:31:B8:D0:6A:B5:AA:03
X509v3 Authority Key Identifier:
keyid:26:EF:6C:79:BB:0F:EB:84:DA:FC:EB:74:0F:39:6E:57:3C:FB:F4:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91279C4/8B89A42AD8C411EBBBD9AE7DC4F9AE02/Ju9sebsP64Ta_Ot0DzluVzz79N8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ju9sebsP64Ta_Ot0DzluVzz79N8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91279C4/8B89A42AD8C411EBBBD9AE7DC4F9AE02/859FFE90D9B111EBA2B24243C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.124.0/22
Signature Algorithm: sha256WithRSAEncryption
22:d2:58:5e:00:89:0a:d7:b2:14:05:a9:74:e0:f4:b6:d2:b0:
90:22:e2:88:23:2c:a2:ee:b8:11:39:fd:87:98:a2:c1:68:67:
7c:84:de:75:92:f1:e2:9b:a1:7a:a7:e9:1b:3f:ec:02:90:e7:
da:52:58:44:9f:c8:8b:8c:8f:d7:bb:d1:d6:8b:ff:9b:54:1e:
8d:7a:89:0f:06:fc:e1:56:c7:3d:88:a8:c6:a1:ce:3c:dd:9d:
e3:e5:23:80:12:1f:b7:d2:0b:75:81:9d:52:d9:1a:cf:a5:39:
6f:1f:0e:ea:17:a9:49:2c:07:79:4d:81:22:de:1c:79:50:2a:
5c:42:41:7d:82:62:c9:38:e2:4e:f4:4b:a8:95:7d:6b:d0:94:
30:e5:09:b0:5a:30:74:8d:2c:3c:0d:3f:f4:ce:66:98:58:88:
ec:82:2d:74:b6:b1:e4:4e:e2:cb:0b:40:a2:af:60:0e:ca:b2:
1e:c4:04:60:e9:d4:58:69:30:81:be:cd:65:5f:e8:2b:76:7b:
54:53:bd:a0:4f:ac:4e:85:bf:4e:1c:c7:43:1a:1f:03:aa:7a:
a8:82:95:d6:a1:6a:00:20:7d:85:71:6a:ce:11:aa:7b:17:0a:
63:0b:ae:04:81:5c:ee:16:cf:a8:20:fe:1a:14:37:81:b2:36:
a5:c1:fe:0b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc5QzQxMTAvBgNVBAUTKDI2RUY2Qzc5QkIwRkVCODREQUZDRUI3NDBGMzk2RTU3
M0NGQkY0REYwHhcNMjQwNzA1MDA0MjIxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3NDE2Yy1kZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsf2ihVpKIa/nxVnnQWZ0ccWO/E6eXk44xuBkhj76ZZ9nI2iidMhAppF1QP6i
s56GtZBoRnq7+GOlxQo4lM6pYERJ3KP8J2H08gpDnccNPLj1fJKBa/UL/32zONMZ
nYJThS9uLCUcYAG45lCBP+x0ONRAF45XLMCl13FLJ9tsIBEWs4WPgbvKWcTYPEqn
yr8KI38mgPnvwKU7I36Dh9L16NEpVIF5SqcWgeFtU7gLxDIhy8Jjt0uV4ABqGWA9
Ub+5cu4vNoTryjT0F7xQ5nywF+hzw6xwYue77XQ2CIOJ75/9PkZ4JCrplGNW20EO
8fvxht5Mb2o6t3Y09DcVNiB0fwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFt68QLi
rESKtyGUAV4xuNBqtaoDMB8GA1UdIwQYMBaAFCbvbHm7D+uE2vzrdA85blc8+/Tf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzlDNC84Qjg5QTQyQUQ4
QzQxMUVCQkJEOUFFN0RDNEY5QUUwMi9KdTlzZWJzUDY0VGFfT3QwRHpsdVZ6ejc5
TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0p1OXNlYnNQNjRUYV9PdDBEemx1Vnp6NzlOOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc5QzQvOEI4OUE0MkFEOEM0MTFFQkJCRDlBRTdEQzRGOUFFMDIvODU5RkZFOTBE
OUIxMTFFQkEyQjI0MjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnRXwwDQYJKoZIhvcNAQELBQADggEBACLSWF4AiQrXshQF
qXTg9LbSsJAi4ogjLKLuuBE5/YeYosFoZ3yE3nWS8eKboXqn6Rs/7AKQ59pSWESf
yIuMj9e70daL/5tUHo16iQ8G/OFWxz2IqMahzjzdnePlI4ASH7fSC3WBnVLZGs+l
OW8fDuoXqUksB3lNgSLeHHlQKlxCQX2CYsk44k70S6iVfWvQlDDlCbBaMHSNLDwN
P/TOZphYiOyCLXS2seRO4ssLQKKvYA7Ksh7EBGDp1FhpMIG+zWVf6Ct2e1RTvaBP
rE6Fv04cx0MaHwOqeqiCldahagAgfYVxas4RqnsXCmMLrgSBXO4Wz6gg/hoUN4Gy
NqXB/gs=
-----END CERTIFICATE-----
Generated at Tue Sep 3 08:22:49 2024 by rpki-client on console-ams.rpki-client.org