Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BE9D/D305E4EE990E11EB89B76D68C4F9AE02/AA11E440020E11EF8AF8EF66C4F9AE02.roa
File: AA11E440020E11EF8AF8EF66C4F9AE02.roa (raw, json)
Hash identifier: 6A8V1WUbm+qF+n+ZBY6rf4XfiiRtW/9ZYrpMOXjkJeg=
Subject key identifier: 9B:42:AC:4A:97:92:6E:FA:E3:69:35:96:03:2D:08:51:14:AD:57:D5
Certificate issuer: /CN=A912BE9D/serialNumber=BF6AD1ABC9D91619A09287FB6C64F4647B9FD31C
Certificate serial: 05D7
Authority key identifier: BF:6A:D1:AB:C9:D9:16:19:A0:92:87:FB:6C:64:F4:64:7B:9F:D3:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v2rRq8nZFhmgkof7bGT0ZHuf0xw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BE9D/D305E4EE990E11EB89B76D68C4F9AE02/AA11E440020E11EF8AF8EF66C4F9AE02.roa
Signing time: Wed 24 Apr 2024 07:45:48 +0000
ROA not before: Wed 24 Apr 2024 07:45:48 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 137076
IP address blocks: 103.8.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 10:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1495 (0x5d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BE9D/serialNumber=BF6AD1ABC9D91619A09287FB6C64F4647B9FD31C
Validity
Not Before: Apr 24 07:45:48 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6628b8ac-9acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f2:58:07:b1:2e:f9:09:6c:91:32:99:c0:8d:
52:d3:85:d0:68:ea:17:84:75:43:85:4e:c3:3e:9f:
16:ac:e9:c6:a5:05:d5:9a:85:67:8b:49:0a:3e:ef:
5d:d0:47:18:fa:b6:f2:f5:5e:95:ea:a1:2f:5c:87:
5d:e8:ac:3a:ab:93:b3:a3:15:4c:6f:a5:93:a8:00:
90:39:1c:3a:3b:b8:a0:ce:27:4f:47:14:b3:24:d5:
5c:48:9f:de:5a:34:d9:16:f1:50:e4:91:ef:fb:f1:
00:6f:94:1e:9c:e9:26:e1:cb:43:3c:c9:e4:9a:c3:
ad:3e:90:7d:54:d8:7e:0e:da:80:ea:29:89:71:1b:
a0:e3:cc:b9:58:1e:05:43:d5:60:37:65:9c:b2:db:
79:51:61:07:f5:3a:e5:ae:f6:60:12:56:be:65:ad:
a8:e5:90:f0:01:25:61:3e:28:8b:3e:8a:63:bb:eb:
f5:df:96:11:2f:b0:96:83:4e:71:c6:75:57:06:2b:
d8:48:08:19:8d:77:e7:b9:9e:b0:1f:9c:c2:51:cd:
65:c0:73:a3:34:ca:7b:36:33:47:99:4d:32:d8:4a:
5b:bc:9b:d1:e6:d6:16:7d:9c:66:7a:97:e4:f5:43:
27:66:f2:7d:5a:06:d0:b3:cd:9c:74:d1:86:08:54:
9c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:42:AC:4A:97:92:6E:FA:E3:69:35:96:03:2D:08:51:14:AD:57:D5
X509v3 Authority Key Identifier:
keyid:BF:6A:D1:AB:C9:D9:16:19:A0:92:87:FB:6C:64:F4:64:7B:9F:D3:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BE9D/D305E4EE990E11EB89B76D68C4F9AE02/v2rRq8nZFhmgkof7bGT0ZHuf0xw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v2rRq8nZFhmgkof7bGT0ZHuf0xw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BE9D/D305E4EE990E11EB89B76D68C4F9AE02/AA11E440020E11EF8AF8EF66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.47.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a0:63:ca:a2:6d:7a:9e:7b:a5:09:90:96:d1:a8:f7:ce:16:
a0:a5:ff:5b:3d:32:56:20:8b:a3:f9:54:4b:00:2d:1d:0f:7a:
d3:8c:16:8e:a6:c8:c6:e6:21:62:2e:51:36:c5:47:74:87:76:
65:44:a4:55:1d:10:60:d0:f8:c7:c0:29:6e:18:b5:47:8c:80:
d5:5d:9d:11:75:95:39:9a:a8:60:cd:71:4e:a1:47:a6:d4:dc:
90:45:31:c3:48:6c:7d:76:5b:29:a0:88:1d:07:b1:48:c1:3e:
39:a9:01:9e:0f:43:cf:ff:b0:57:18:3d:94:34:a2:58:af:7b:
22:74:2f:81:43:f0:35:a9:62:91:af:52:78:bf:61:2f:7f:6e:
0a:f0:10:39:83:92:7d:3d:dc:65:38:de:e6:53:b6:8f:89:7c:
18:1a:12:46:4b:1c:82:29:9d:8a:5b:20:ba:98:68:72:4f:f0:
26:93:f7:4c:dd:e0:60:ec:50:34:c1:02:0a:18:86:f4:d0:3c:
3a:6f:74:aa:f5:52:2e:0f:9b:c5:f7:c1:e2:a7:42:fb:31:92:
16:a5:70:3a:a9:ef:a8:31:b7:c9:38:7c:ca:36:a1:7d:fb:8f:
13:22:78:a5:b5:2e:d7:2b:96:81:11:37:02:b0:37:54:90:e0:
25:c7:c5:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJFOUQxMTAvBgNVBAUTKEJGNkFEMUFCQzlEOTE2MTlBMDkyODdGQjZDNjRGNDY0
N0I5RkQzMUMwHhcNMjQwNDI0MDc0NTQ4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI4YjhhYy05YWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3vJYB7Eu+QlskTKZwI1S04XQaOoXhHVDhU7DPp8WrOnGpQXVmoVni0kKPu9d
0EcY+rby9V6V6qEvXIdd6Kw6q5OzoxVMb6WTqACQORw6O7igzidPRxSzJNVcSJ/e
WjTZFvFQ5JHv+/EAb5QenOkm4ctDPMnkmsOtPpB9VNh+DtqA6imJcRug48y5WB4F
Q9VgN2Wcstt5UWEH9TrlrvZgEla+Za2o5ZDwASVhPiiLPopju+v135YRL7CWg05x
xnVXBivYSAgZjXfnuZ6wH5zCUc1lwHOjNMp7NjNHmU0y2EpbvJvR5tYWfZxmepfk
9UMnZvJ9WgbQs82cdNGGCFSctwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJtCrEqX
km7642k1lgMtCFEUrVfVMB8GA1UdIwQYMBaAFL9q0avJ2RYZoJKH+2xk9GR7n9Mc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkU5RC9EMzA1RTRFRTk5
MEUxMUVCODlCNzZENjhDNEY5QUUwMi92MnJScThuWkZobWdrb2Y3YkdUMFpIdWYw
eHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YyclJxOG5aRmhtZ2tvZjdiR1QwWkh1ZjB4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJFOUQvRDMwNUU0RUU5OTBFMTFFQjg5Qjc2RDY4QzRGOUFFMDIvQUExMUU0NDAw
MjBFMTFFRjhBRjhFRjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnCC8wDQYJKoZIhvcNAQELBQADggEBAEGgY8qibXqee6UJ
kJbRqPfOFqCl/1s9MlYgi6P5VEsALR0PetOMFo6myMbmIWIuUTbFR3SHdmVEpFUd
EGDQ+MfAKW4YtUeMgNVdnRF1lTmaqGDNcU6hR6bU3JBFMcNIbH12WymgiB0HsUjB
PjmpAZ4PQ8//sFcYPZQ0oliveyJ0L4FD8DWpYpGvUni/YS9/bgrwEDmDkn093GU4
3uZTto+JfBgaEkZLHIIpnYpbILqYaHJP8CaT90zd4GDsUDTBAgoYhvTQPDpvdKr1
Ui4Pm8X3weKnQvsxkhalcDqp76gxt8k4fMo2oX37jxMieKW1LtcrloERNwKwN1SQ
4CXHxaw=
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org