Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/B99447D6C19111EE9DE49041C4F9AE02.roa
File: B99447D6C19111EE9DE49041C4F9AE02.roa (raw, json)
Hash identifier: YK+h5PkjsH6w2Ng9JAVkNSAYPM0qnsKDErot9XuiiVQ=
Subject key identifier: 90:8B:54:A3:75:C4:60:EF:A4:13:3C:69:01:C1:EF:74:4E:67:DE:59
Certificate issuer: /CN=A9128C33/serialNumber=AF2EE04412356ABFD8E19AE2C1B22A737CDF5E9E
Certificate serial: 24
Authority key identifier: AF:2E:E0:44:12:35:6A:BF:D8:E1:9A:E2:C1:B2:2A:73:7C:DF:5E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/B99447D6C19111EE9DE49041C4F9AE02.roa
Signing time: Fri 02 Feb 2024 06:10:12 +0000
ROA not before: Fri 02 Feb 2024 06:10:12 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 151671
IP address blocks: 103.255.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 12:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128C33/serialNumber=AF2EE04412356ABFD8E19AE2C1B22A737CDF5E9E
Validity
Not Before: Feb 2 06:10:12 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65bc8744-9d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b1:17:65:e6:38:b4:11:2e:72:7c:49:ee:d3:
34:cc:00:d0:c3:ed:2d:c8:de:13:05:62:e9:f1:83:
35:77:af:75:5d:e1:63:7c:16:96:28:d9:6c:c2:0a:
36:82:ef:06:74:95:01:56:6e:92:a8:d3:c0:0b:18:
fd:34:ad:03:aa:16:df:90:90:14:d1:75:5d:ac:88:
32:5a:b8:9b:6f:89:c9:4c:70:52:e8:c0:8b:7e:4f:
1b:a0:48:d1:4d:03:f9:f6:42:dc:10:c0:5f:a0:9f:
c4:9e:b8:a3:9d:59:1e:42:12:2a:8b:41:b8:63:f7:
86:6f:c4:45:f2:a9:05:64:3d:48:53:3b:9f:2b:c1:
cb:0a:b8:47:3a:1e:2e:28:9e:9b:4e:09:16:b2:3c:
fb:6a:61:48:14:89:b2:63:c8:2c:da:bd:a2:d7:12:
91:4c:44:da:bd:5b:20:61:f6:86:f9:37:98:b0:5d:
99:64:06:77:f4:96:1e:1b:94:42:fa:93:7c:87:e5:
2c:d2:9b:20:7f:a9:8d:0d:4f:4f:e1:98:b5:3d:3b:
9f:f2:d5:fc:64:f9:d1:13:a5:74:d9:ee:48:69:39:
ae:eb:ed:69:fd:ef:a0:8a:42:15:fd:50:71:ad:34:
ad:db:35:51:e3:1c:10:f8:0d:b6:85:72:d6:74:16:
4b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8B:54:A3:75:C4:60:EF:A4:13:3C:69:01:C1:EF:74:4E:67:DE:59
X509v3 Authority Key Identifier:
keyid:AF:2E:E0:44:12:35:6A:BF:D8:E1:9A:E2:C1:B2:2A:73:7C:DF:5E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/B99447D6C19111EE9DE49041C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.96.0/24
Signature Algorithm: sha256WithRSAEncryption
47:99:4b:88:17:fa:06:97:19:e0:17:d0:8e:02:c5:0e:e4:c9:
49:c8:ee:00:65:39:58:2d:fd:f8:29:fd:3e:29:60:36:ff:93:
85:88:f7:68:95:50:1b:a4:94:a5:19:55:d7:b8:76:1d:8d:81:
2d:0b:95:fa:90:f3:43:62:ce:50:01:dd:bd:28:c0:63:d2:b4:
25:fa:09:11:94:8d:29:28:d0:06:44:ca:6e:fc:6c:75:cb:1f:
82:32:b9:76:78:cc:ed:fd:1b:fc:8f:07:bb:45:16:2c:c3:88:
5d:db:e8:48:41:73:2e:ed:bf:17:fb:8e:a5:a0:5f:d6:16:95:
07:9c:e5:86:e8:00:0d:f5:8d:a5:37:12:9f:ca:5d:11:96:0d:
dd:aa:ba:83:a4:82:45:7c:9f:ad:e2:fb:a8:93:bd:07:7e:5e:
6a:0f:4f:f5:89:17:9b:e7:c4:3d:90:7f:85:27:e8:d7:31:90:
51:06:c4:c9:56:f6:c8:af:71:ba:a5:f0:dd:8a:11:2c:7c:38:
56:80:5a:e2:20:bf:5d:a0:8f:55:f1:e6:1e:cc:b9:a2:e7:44:
f8:70:58:74:74:e6:b4:33:dd:4c:52:fa:92:f3:ca:32:eb:06:
fa:2e:f0:db:fd:3a:19:b5:2c:79:80:82:24:2d:5f:2f:e1:82:
28:6b:93:8c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OEMzMzExMC8GA1UEBRMoQUYyRUUwNDQxMjM1NkFCRkQ4RTE5QUUyQzFCMjJBNzM3
Q0RGNUU5RTAeFw0yNDAyMDIwNjEwMTJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmM4NzQ0LTlkOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxsRdl5ji0ES5yfEnu0zTMANDD7S3I3hMFYunxgzV3r3Vd4WN8FpYo2WzCCjaC
7wZ0lQFWbpKo08ALGP00rQOqFt+QkBTRdV2siDJauJtviclMcFLowIt+TxugSNFN
A/n2QtwQwF+gn8SeuKOdWR5CEiqLQbhj94ZvxEXyqQVkPUhTO58rwcsKuEc6Hi4o
nptOCRayPPtqYUgUibJjyCzavaLXEpFMRNq9WyBh9ob5N5iwXZlkBnf0lh4blEL6
k3yH5SzSmyB/qY0NT0/hmLU9O5/y1fxk+dETpXTZ7khpOa7r7Wn976CKQhX9UHGt
NK3bNVHjHBD4DbaFctZ0FktfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUkItUo3XE
YO+kEzxpAcHvdE5n3lkwHwYDVR0jBBgwFoAUry7gRBI1ar/Y4ZriwbIqc3zfXp4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4QzMzLzk1NkNCMDg2OTgx
QjExRUVBQjBGQzkyMkM0RjlBRTAyL3J5N2dSQkkxYXJfWTRacml3YklxYzN6Zlhw
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcnk3Z1JCSTFhcl9ZNFpyaXdiSXFjM3pmWHA0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OEMzMy85NTZDQjA4Njk4MUIxMUVFQUIwRkM5MjJDNEY5QUUwMi9COTk0NDdENkMx
OTExMUVFOURFNDkwNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGf/YDANBgkqhkiG9w0BAQsFAAOCAQEAR5lLiBf6BpcZ4BfQ
jgLFDuTJScjuAGU5WC39+Cn9PilgNv+ThYj3aJVQG6SUpRlV17h2HY2BLQuV+pDz
Q2LOUAHdvSjAY9K0JfoJEZSNKSjQBkTKbvxsdcsfgjK5dnjM7f0b/I8Hu0UWLMOI
XdvoSEFzLu2/F/uOpaBf1haVB5zlhugADfWNpTcSn8pdEZYN3aq6g6SCRXyfreL7
qJO9B35eag9P9YkXm+fEPZB/hSfo1zGQUQbEyVb2yK9xuqXw3YoRLHw4VoBa4iC/
XaCPVfHmHsy5oudE+HBYdHTmtDPdTFL6kvPKMusG+i7w2/06GbUseYCCJC1fL+GC
KGuTjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org