Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914D249/76CE8456E02511ECB2FB0E27C4F9AE02/A77AF65E806811EEBC08242BC4F9AE02.roa
File: A77AF65E806811EEBC08242BC4F9AE02.roa (raw, json)
Hash identifier: c/b8rl6VJp9BHv0Gl6iwBQfqpoaH6J38E0jO/aErxTo=
Subject key identifier: 43:88:59:CA:6A:0E:0A:79:02:26:37:C2:FA:1F:09:26:FF:65:3F:D3
Certificate issuer: /CN=A914D249/serialNumber=CD0CAC0E7E84E3E81E4876174E2C214085094269
Certificate serial: 0295
Authority key identifier: CD:0C:AC:0E:7E:84:E3:E8:1E:48:76:17:4E:2C:21:40:85:09:42:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zQysDn6E4-geSHYXTiwhQIUJQmk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914D249/76CE8456E02511ECB2FB0E27C4F9AE02/A77AF65E806811EEBC08242BC4F9AE02.roa
Signing time: Wed 23 Oct 2024 02:05:56 +0000
ROA not before: Wed 23 Oct 2024 02:05:56 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 134529
IP address blocks: 103.35.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 11:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661 (0x295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914D249/serialNumber=CD0CAC0E7E84E3E81E4876174E2C214085094269
Validity
Not Before: Oct 23 02:05:56 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67185a03-7a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1a:36:b0:4a:d1:39:db:d6:86:5c:b9:79:68:
ab:39:6b:c8:07:57:79:cc:68:3a:11:98:a3:fb:10:
de:bf:c5:15:f2:c9:b6:9d:8c:1d:cb:32:3c:05:6a:
a0:64:83:b7:01:19:9c:f5:0c:91:2e:af:2b:b8:5f:
0f:a6:ad:72:7b:d0:00:20:6c:09:24:af:4d:78:93:
57:a5:0a:5e:51:ab:a8:2f:5f:ad:75:32:7d:76:47:
76:f6:86:e0:c3:34:a6:ad:d4:c2:d8:b8:fb:a5:5b:
14:18:bf:9b:18:83:08:84:98:4f:38:39:c3:a4:04:
9f:39:0a:96:af:76:70:29:c2:22:1c:27:47:ca:47:
96:2e:6a:83:35:42:e3:34:dc:4d:57:c7:f8:83:e6:
6c:87:8e:43:15:86:1b:76:1d:8f:0b:f7:04:c0:a8:
c6:69:83:28:d0:7e:89:71:c1:92:21:75:a8:05:d3:
be:d3:ff:88:3f:7e:50:43:06:2b:12:53:eb:d2:e1:
32:0a:e9:fe:8e:85:e6:d1:60:f6:aa:98:ec:fd:c6:
ff:f2:bd:d2:de:9f:66:66:fb:ea:de:7b:35:6e:e5:
aa:9a:f3:3d:ac:74:f7:17:1b:98:1a:f2:27:32:39:
f4:61:15:09:c0:27:89:97:b6:49:b3:61:28:1c:b6:
d9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:88:59:CA:6A:0E:0A:79:02:26:37:C2:FA:1F:09:26:FF:65:3F:D3
X509v3 Authority Key Identifier:
keyid:CD:0C:AC:0E:7E:84:E3:E8:1E:48:76:17:4E:2C:21:40:85:09:42:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914D249/76CE8456E02511ECB2FB0E27C4F9AE02/zQysDn6E4-geSHYXTiwhQIUJQmk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zQysDn6E4-geSHYXTiwhQIUJQmk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D249/76CE8456E02511ECB2FB0E27C4F9AE02/A77AF65E806811EEBC08242BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.35.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7e:f4:ab:df:9c:0c:37:ab:e7:bd:26:c8:4d:c2:86:6d:81:
61:11:1f:40:6e:3a:f5:a9:17:b7:64:97:12:ec:74:6f:7c:01:
08:03:21:b2:fe:d1:7e:45:5e:95:70:ba:0b:46:18:36:08:bd:
10:6a:89:c7:b8:71:37:66:e6:00:37:9e:08:48:7f:df:59:aa:
5a:cb:88:5a:34:00:68:d5:c0:24:bb:5b:03:05:b4:6f:28:fe:
f3:94:c4:f4:a9:85:4b:d8:5b:74:09:74:13:1e:7d:2d:ec:64:
a4:0c:63:3a:f3:f3:3d:ae:cb:89:23:55:fd:fc:a7:a4:e6:64:
13:16:9f:69:5b:3e:20:4a:c0:b8:95:41:f6:1b:43:e8:1d:c9:
b6:80:22:a8:12:5e:a6:40:68:64:72:06:73:78:45:19:48:67:
6f:ac:5e:85:bd:17:a5:25:af:d6:82:b6:aa:1b:d3:cb:ed:99:
bb:12:90:8e:a0:db:8d:6d:6f:74:b1:e1:1b:85:f4:d7:1c:7a:
aa:f9:c8:7a:88:90:17:cb:59:ab:9c:6e:ba:fe:45:73:b2:68:
9c:ad:2c:35:8d:a3:18:ce:a4:e6:88:47:9a:f8:06:6d:d2:47:
f9:60:6d:e5:ec:12:ce:81:2d:57:70:df:af:56:d1:5a:dd:42:
eb:db:16:53
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQyNDkxMTAvBgNVBAUTKENEMENBQzBFN0U4NEUzRTgxRTQ4NzYxNzRFMkMyMTQw
ODUwOTQyNjkwHhcNMjQxMDIzMDIwNTU2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4NWEwMy03YTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Ro2sErROdvWhly5eWirOWvIB1d5zGg6EZij+xDev8UV8sm2nYwdyzI8BWqg
ZIO3ARmc9QyRLq8ruF8Ppq1ye9AAIGwJJK9NeJNXpQpeUauoL1+tdTJ9dkd29obg
wzSmrdTC2Lj7pVsUGL+bGIMIhJhPODnDpASfOQqWr3ZwKcIiHCdHykeWLmqDNULj
NNxNV8f4g+Zsh45DFYYbdh2PC/cEwKjGaYMo0H6JccGSIXWoBdO+0/+IP35QQwYr
ElPr0uEyCun+joXm0WD2qpjs/cb/8r3S3p9mZvvq3ns1buWqmvM9rHT3FxuYGvIn
Mjn0YRUJwCeJl7ZJs2EoHLbZYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEOIWcpq
Dgp5AiY3wvofCSb/ZT/TMB8GA1UdIwQYMBaAFM0MrA5+hOPoHkh2F04sIUCFCUJp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDI0OS83NkNFODQ1NkUw
MjUxMUVDQjJGQjBFMjdDNEY5QUUwMi96UXlzRG42RTQtZ2VTSFlYVGl3aFFJVUpR
bWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pReXNEbjZFNC1nZVNIWVhUaXdoUUlVSlFtay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEQyNDkvNzZDRTg0NTZFMDI1MTFFQ0IyRkIwRTI3QzRGOUFFMDIvQTc3QUY2NUU4
MDY4MTFFRUJDMDgyNDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnI54wDQYJKoZIhvcNAQELBQADggEBAB5+9KvfnAw3q+e9
JshNwoZtgWERH0BuOvWpF7dklxLsdG98AQgDIbL+0X5FXpVwugtGGDYIvRBqice4
cTdm5gA3nghIf99ZqlrLiFo0AGjVwCS7WwMFtG8o/vOUxPSphUvYW3QJdBMefS3s
ZKQMYzrz8z2uy4kjVf38p6TmZBMWn2lbPiBKwLiVQfYbQ+gdybaAIqgSXqZAaGRy
BnN4RRlIZ2+sXoW9F6Ulr9aCtqob08vtmbsSkI6g241tb3Sx4RuF9Ncceqr5yHqI
kBfLWaucbrr+RXOyaJytLDWNoxjOpOaIR5r4Bm3SR/lgbeXsEs6BLVdw369W0Vrd
QuvbFlM=
-----END CERTIFICATE-----
Generated at Mon Oct 28 14:24:42 2024 by rpki-client on console-ams.rpki-client.org