Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/D1CEC6A2088E11EF9EF9890BC4F9AE02.roa
File: D1CEC6A2088E11EF9EF9890BC4F9AE02.roa (raw, json)
Hash identifier: q5mQKqFlyG5VNCAfAFTiKZdzfHxg2vttRTN+D3g5P2Y=
Subject key identifier: 7A:C0:9D:40:40:AF:72:44:F8:E6:EF:04:3E:DE:A9:78:6F:17:28:91
Certificate issuer: /CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Certificate serial: 01C5
Authority key identifier: CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/D1CEC6A2088E11EF9EF9890BC4F9AE02.roa
Signing time: Thu 02 May 2024 14:18:17 +0000
ROA not before: Thu 02 May 2024 14:18:17 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 174
IP address blocks: 103.102.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 453 (0x1c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Validity
Not Before: May 2 14:18:17 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6633a0a9-cd15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:59:23:c1:f8:54:f7:94:ef:04:41:ec:45:
54:6e:c4:ee:b9:ef:84:a5:c2:86:45:c4:58:0c:fd:
fc:45:a8:f5:01:a5:ea:5e:14:d0:d5:3f:ab:17:45:
b4:5d:33:5b:5f:43:1a:20:af:c6:7d:ce:fe:99:64:
fd:84:b7:90:ac:ea:5e:b6:3a:9a:6b:49:82:c9:e8:
ea:c9:dc:00:f5:19:89:08:f8:1b:48:78:af:a7:c7:
c0:1b:f4:2f:86:a1:3b:63:5e:91:56:7b:12:1b:7a:
f2:77:0b:61:5f:be:51:02:b0:f9:f2:f3:29:20:70:
7d:6f:3d:3a:b2:d1:01:3e:74:d0:9b:28:82:40:51:
74:3c:d8:ec:82:ae:cd:63:9e:be:fe:09:9c:f1:66:
ea:eb:90:6e:67:5f:19:c5:56:f5:86:57:49:d1:7b:
e4:1a:c7:0f:23:36:1a:df:af:6e:3b:91:43:f8:7d:
c7:c2:ce:23:93:23:ca:98:94:72:0a:5e:43:a8:06:
14:c1:ac:e9:3b:a0:de:4f:f6:62:2b:f2:48:08:94:
9d:f5:96:d1:09:4c:99:5c:93:0c:04:5b:9e:01:f6:
45:1f:4d:0b:3f:d8:25:cc:8b:fb:19:3e:fa:94:39:
0a:97:4b:7c:00:5d:df:59:be:d6:9e:62:e9:39:d0:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C0:9D:40:40:AF:72:44:F8:E6:EF:04:3E:DE:A9:78:6F:17:28:91
X509v3 Authority Key Identifier:
keyid:CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/ypDU0hJfAza1OY7gmXcpby5AkrQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/D1CEC6A2088E11EF9EF9890BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.126.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f1:d2:b3:cb:af:a6:38:84:75:99:a5:12:6c:22:90:09:1d:
a3:9c:83:86:de:c6:93:24:32:2b:41:87:22:96:33:53:00:62:
d5:be:e7:01:80:3b:25:67:45:c3:0c:a3:a9:5e:c7:b1:a7:59:
ea:a8:87:7f:c2:98:f1:a1:d6:36:5b:67:34:44:b1:8e:2e:57:
6b:54:51:ff:83:72:bb:f0:b0:7f:1a:fe:ad:3b:4b:45:2b:73:
f1:6e:1b:2c:e4:08:e9:3a:3e:24:fb:c8:1c:7c:27:0a:cb:45:
a0:36:7f:7b:38:1c:4c:68:0f:ce:9f:8a:07:19:af:7c:9c:28:
c2:dc:63:82:44:2b:35:9b:f4:8e:8d:38:ee:2f:6b:65:f4:32:
0a:88:f7:fa:af:2c:4a:5b:ab:5f:24:41:2e:ae:6c:27:a2:68:
10:98:93:2f:2d:63:19:d0:7c:cc:d0:7b:1d:5d:6a:2b:a1:82:
65:38:e5:99:53:ad:2d:a3:ef:e4:61:5b:6b:e3:02:85:2c:5a:
b5:8a:ed:27:37:3e:6c:ae:04:84:ba:19:7a:c6:fd:c2:07:f4:
3d:c0:01:05:ee:bd:e6:39:c5:45:15:6d:6f:8c:40:3c:27:26:
e1:25:fc:88:dd:60:c3:49:d6:a7:a6:d4:c9:15:91:53:ee:b1:
9c:7b:7f:26
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTgwRDIxMTAvBgNVBAUTKENBOTBENEQyMTI1RjAzMzZCNTM5OEVFMDk5NzcyOTZG
MkU0MDkyQjQwHhcNMjQwNTAyMTQxODE3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzYTBhOS1jZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt/lZI8H4VPeU7wRB7EVUbsTuue+EpcKGRcRYDP38Raj1AaXqXhTQ1T+rF0W0
XTNbX0MaIK/Gfc7+mWT9hLeQrOpetjqaa0mCyejqydwA9RmJCPgbSHivp8fAG/Qv
hqE7Y16RVnsSG3rydwthX75RArD58vMpIHB9bz06stEBPnTQmyiCQFF0PNjsgq7N
Y56+/gmc8Wbq65BuZ18ZxVb1hldJ0XvkGscPIzYa369uO5FD+H3Hws4jkyPKmJRy
Cl5DqAYUwazpO6DeT/ZiK/JICJSd9ZbRCUyZXJMMBFueAfZFH00LP9glzIv7GT76
lDkKl0t8AF3fWb7WnmLpOdCatwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHrAnUBA
r3JE+ObvBD7eqXhvFyiRMB8GA1UdIwQYMBaAFMqQ1NISXwM2tTmO4Jl3KW8uQJK0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODBEMi9FQkMxQUMyQzE4
NEYxMUVEQURCQzNDNjVDNEY5QUUwMi95cERVMGhKZkF6YTFPWTdnbVhjcGJ5NUFr
clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lwRFUwaEpmQXphMU9ZN2dtWGNwYnk1QWtyUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgwRDIvRUJDMUFDMkMxODRGMTFFREFEQkMzQzY1QzRGOUFFMDIvRDFDRUM2QTIw
ODhFMTFFRjlFRjk4OTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZn4wDQYJKoZIhvcNAQELBQADggEBAFfx0rPLr6Y4hHWZ
pRJsIpAJHaOcg4bexpMkMitBhyKWM1MAYtW+5wGAOyVnRcMMo6lex7GnWeqoh3/C
mPGh1jZbZzREsY4uV2tUUf+DcrvwsH8a/q07S0Urc/FuGyzkCOk6PiT7yBx8JwrL
RaA2f3s4HExoD86figcZr3ycKMLcY4JEKzWb9I6NOO4va2X0MgqI9/qvLEpbq18k
QS6ubCeiaBCYky8tYxnQfMzQex1daiuhgmU45ZlTrS2j7+RhW2vjAoUsWrWK7Sc3
PmyuBIS6GXrG/cIH9D3AAQXuveY5xUUVbW+MQDwnJuEl/IjdYMNJ1qem1MkVkVPu
sZx7fyY=
-----END CERTIFICATE-----
Generated at Wed Oct 2 17:42:41 2024 by rpki-client on console-fra.rpki-client.org