Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/BF1CFAE8F1A411EE9B04F15FC4F9AE02.roa
File: BF1CFAE8F1A411EE9B04F15FC4F9AE02.roa (raw, json)
Hash identifier: mZlixRuWtAAahvFvW6gAULovbshtKDueMnp1QeNGWa4=
Subject key identifier: 9A:84:C4:4D:AF:54:D7:08:92:D1:80:74:E1:60:6E:FE:C8:DE:97:3D
Certificate issuer: /CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Certificate serial: 131A
Authority key identifier: B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/BF1CFAE8F1A411EE9B04F15FC4F9AE02.roa
Signing time: Wed 26 Jun 2024 17:47:31 +0000
ROA not before: Wed 26 Jun 2024 17:47:31 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137877
IP address blocks: 103.64.12.0/24 maxlen: 24
103.78.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 10:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4890 (0x131a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Validity
Not Before: Jun 26 17:47:31 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667c5433-0fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:92:1b:87:7e:89:b7:e2:9d:6d:74:b3:fe:d5:
2d:2c:c3:45:e8:c6:cb:05:7f:ae:1f:28:87:e8:58:
b9:07:4b:0f:14:86:c0:7c:d8:4c:0e:29:2d:4a:6f:
d4:61:df:de:86:6a:52:08:2c:b8:2a:6f:1a:fb:24:
4c:0d:de:28:1f:f4:af:84:ae:10:43:b0:d3:fb:aa:
80:04:20:9c:1d:06:4e:69:dc:eb:8a:4e:b3:32:81:
1f:76:fe:28:84:aa:ad:7c:44:6b:69:d7:0f:36:82:
ba:ae:c3:83:2a:cd:c5:b4:bd:43:75:7d:dd:5f:34:
6c:9e:e1:06:57:51:e5:e2:ab:67:42:5c:ac:0d:a1:
5e:90:66:f7:a5:66:a7:67:ab:6b:63:c3:06:2e:55:
04:fd:f8:9d:79:70:37:75:b8:4c:ee:38:1d:ab:5e:
ae:8e:97:08:42:02:2e:d2:1a:f2:1d:8e:85:0f:9e:
fc:e1:3b:af:8d:ba:6d:15:76:0e:14:a1:ff:8c:c0:
d5:29:1b:60:a8:44:b9:e1:43:50:1e:ff:c3:a8:73:
d2:8c:37:66:68:a3:f1:e0:84:e2:48:32:41:5c:45:
ae:08:eb:b5:03:86:55:a0:eb:6b:fe:3c:92:ad:e1:
1d:e4:5a:16:8b:54:6d:64:53:3d:dd:bd:b2:4a:30:
16:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:84:C4:4D:AF:54:D7:08:92:D1:80:74:E1:60:6E:FE:C8:DE:97:3D
X509v3 Authority Key Identifier:
keyid:B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/svirANV0ZN1dBaRaR8Qg9fiWuPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/BF1CFAE8F1A411EE9B04F15FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.64.12.0/24
103.78.243.0/24
Signature Algorithm: sha256WithRSAEncryption
53:64:11:fb:1f:59:0b:48:a5:0e:90:a7:49:d1:b4:23:3d:b7:
27:9e:a9:a1:9e:fd:01:24:59:f1:f0:f0:ff:36:e8:37:ff:bc:
a6:78:7e:38:1c:c3:67:f9:00:43:35:6d:45:23:dd:78:10:75:
fd:c1:b5:27:2d:9c:f2:9e:73:4d:40:29:aa:0e:d3:40:0b:ec:
bb:8e:e1:03:13:4c:df:07:b6:97:24:4a:c1:a4:b5:4b:55:40:
d4:4b:e4:f5:c6:44:27:06:d3:3c:d4:8a:f8:6d:68:7b:6a:b4:
d8:13:76:db:0d:ec:16:ca:b6:9b:51:5b:1a:20:30:f7:91:88:
88:94:e6:3d:68:aa:31:55:b5:86:ae:bc:8c:71:87:b9:b7:e9:
23:9b:73:3b:6b:1e:14:f4:b0:97:22:48:3e:3e:01:1c:77:af:
e7:64:30:ba:0d:d6:20:ad:7f:01:20:54:a8:33:18:88:83:f7:
f5:8a:33:47:52:db:ff:7c:a4:49:fc:b2:76:7c:d1:9d:f8:83:
4b:10:45:5c:93:fe:c7:20:c4:b8:0e:be:7b:f9:bb:36:13:63:
94:cd:bf:91:8c:fa:36:9c:4c:22:4a:5b:d8:c6:a5:c2:e6:e5:
ba:fe:43:58:c6:3c:95:80:c7:02:0b:a3:53:81:95:35:53:a7:
50:6a:58:3e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICExowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU5M0YxMTAvBgNVBAUTKEIyRjhBQjAwRDU3NDY0REQ1RDA1QTQ1QTQ3QzQyMEY1
Rjg5NkI4RkMwHhcNMjQwNjI2MTc0NzMxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjNTQzMy0wZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA45Ibh36Jt+KdbXSz/tUtLMNF6MbLBX+uHyiH6Fi5B0sPFIbAfNhMDiktSm/U
Yd/ehmpSCCy4Km8a+yRMDd4oH/SvhK4QQ7DT+6qABCCcHQZOadzrik6zMoEfdv4o
hKqtfERradcPNoK6rsODKs3FtL1DdX3dXzRsnuEGV1Hl4qtnQlysDaFekGb3pWan
Z6trY8MGLlUE/fideXA3dbhM7jgdq16ujpcIQgIu0hryHY6FD5784TuvjbptFXYO
FKH/jMDVKRtgqES54UNQHv/DqHPSjDdmaKPx4ITiSDJBXEWuCOu1A4ZVoOtr/jyS
reEd5FoWi1RtZFM93b2ySjAWzwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJqExE2v
VNcIktGAdOFgbv7I3pc9MB8GA1UdIwQYMBaAFLL4qwDVdGTdXQWkWkfEIPX4lrj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTkzRi8yRUQ3NzVEQUEz
NkMxMUU4OTE0MDU5MjZDNEY5QUUwMi9zdmlyQU5WMFpOMWRCYVJhUjhRZzlmaVd1
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N2aXJBTlYwWk4xZEJhUmFSOFFnOWZpV3VQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU5M0YvMkVENzc1REFBMzZDMTFFODkxNDA1OTI2QzRGOUFFMDIvQkYxQ0ZBRThG
MUE0MTFFRTlCMDRGMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnQAwDBABnTvMwDQYJKoZIhvcNAQELBQADggEBAFNkEfsf
WQtIpQ6Qp0nRtCM9tyeeqaGe/QEkWfHw8P826Df/vKZ4fjgcw2f5AEM1bUUj3XgQ
df3BtSctnPKec01AKaoO00AL7LuO4QMTTN8HtpckSsGktUtVQNRL5PXGRCcG0zzU
ivhtaHtqtNgTdtsN7BbKtptRWxogMPeRiIiU5j1oqjFVtYauvIxxh7m36SObcztr
HhT0sJciSD4+ARx3r+dkMLoN1iCtfwEgVKgzGIiD9/WKM0dS2/98pEn8snZ80Z34
g0sQRVyT/scgxLgOvnv5uzYTY5TNv5GM+jacTCJKW9jGpcLm5br+Q1jGPJWAxwIL
o1OBlTVTp1BqWD4=
-----END CERTIFICATE-----
Generated at Thu Aug 22 16:53:01 2024 by rpki-client on console-ams.rpki-client.org