Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/F42964CE432F11EFB28A1C0DC4F9AE02.roa
File: F42964CE432F11EFB28A1C0DC4F9AE02.roa (raw, json)
Hash identifier: 7nI/5R20e7PxZoIBSyCkaqwMUhdDCsvAKE518c0f/fs=
Subject key identifier: D3:68:00:E0:76:02:16:56:71:20:D8:D1:45:49:E2:AC:E0:77:EC:B8
Certificate issuer: /CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
Certificate serial: 031D
Authority key identifier: 75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/F42964CE432F11EFB28A1C0DC4F9AE02.roa
Signing time: Sun 25 Aug 2024 02:04:29 +0000
ROA not before: Sun 25 Aug 2024 02:04:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152475
IP address blocks: 103.129.52.0/24 maxlen: 24
103.129.53.0/24 maxlen: 24
103.129.54.0/24 maxlen: 24
103.129.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 05:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 797 (0x31d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
Validity
Not Before: Aug 25 02:04:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ca912d-a1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c6:3e:8f:b6:d5:02:bb:22:76:85:12:c8:bd:
75:3c:75:5b:24:69:ee:28:54:fa:43:33:38:ae:82:
74:16:9e:9f:ac:b9:a9:49:94:cc:3e:1c:1d:9e:ec:
32:8a:c7:4e:1e:c5:e5:7b:7b:32:0e:43:c9:6e:ad:
bf:1c:71:76:eb:46:bd:b8:a0:87:34:91:d9:9b:95:
58:1d:73:dc:3b:f5:9b:8f:34:09:c3:b0:4a:4a:d8:
33:51:f9:e8:cd:05:97:11:1b:5e:ed:1e:1e:2d:9e:
e0:c9:7e:f1:d8:a7:5b:56:db:74:d8:5a:c5:0e:91:
b6:c5:80:3e:95:ca:52:30:37:27:ee:13:e9:b8:1e:
47:3e:2b:a0:db:25:9e:20:af:72:6d:37:f1:6e:c7:
82:c8:a6:71:da:4f:f7:2d:fd:31:53:05:e9:37:11:
22:b6:79:ca:86:3c:ed:23:b3:83:be:88:54:db:9b:
5e:31:d3:3e:be:4f:58:e7:5f:19:6c:e4:e3:85:e3:
18:f0:40:71:1a:ed:64:21:80:e9:18:40:64:44:f1:
54:1c:bf:07:21:16:95:dc:81:54:8e:4b:5a:8b:3b:
02:61:7d:ba:3f:da:0a:9f:7b:28:b5:bb:10:8a:2e:
53:62:5f:05:37:69:44:82:d2:6d:65:36:46:4f:0b:
ba:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:68:00:E0:76:02:16:56:71:20:D8:D1:45:49:E2:AC:E0:77:EC:B8
X509v3 Authority Key Identifier:
keyid:75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/dUx6CJILdd5uGzejtUuNUyXY33M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/F42964CE432F11EFB28A1C0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
50:91:44:cd:84:fb:15:71:49:87:0b:0b:63:6d:d8:26:75:a2:
96:b3:c4:e7:fd:35:98:32:5a:58:e4:2f:8b:ca:3d:fa:f6:96:
c9:34:6e:1b:aa:5f:98:0f:c4:e1:84:91:48:cf:76:fc:89:eb:
c2:ce:2a:3f:1b:80:0f:dd:89:5f:cc:ff:5b:96:7c:09:5b:75:
78:e1:57:d2:10:7e:8f:c7:b0:9c:7a:28:9b:7f:ce:ee:ff:ea:
65:92:b4:84:b9:fa:8d:2e:3f:0a:6e:ce:68:58:11:22:6d:dc:
ae:c1:eb:95:c1:d4:77:fb:f9:65:b3:63:b7:d9:57:14:ea:0a:
43:55:c1:b0:6c:6d:24:0c:90:21:bb:e7:1d:78:88:99:d5:82:
2b:90:25:4b:01:5c:91:aa:b7:b0:23:c8:87:d8:86:f8:01:9a:
3a:5b:4d:95:a8:41:2d:b7:bf:0a:f0:7a:a3:2f:64:bc:69:a3:
4d:80:33:79:19:94:47:4c:2e:c4:da:a8:e8:2e:76:5a:5c:8c:
a3:90:37:e5:ba:33:6c:f8:b7:db:48:31:59:8b:bd:ec:77:f5:
1c:df:17:76:d3:a3:ba:06:83:68:fe:1d:6f:d2:9e:3e:16:ae:
06:05:61:13:cf:3d:72:6b:1e:c0:e4:c9:6c:ea:ef:5a:c8:00:
6c:8f:a9:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjBDODYxMTAvBgNVBAUTKDc1NEM3QTA4OTIwQjc1REU2RTFCMzdBM0I1NEI4RDUz
MjVEOERGNzMwHhcNMjQwODI1MDIwNDI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNhOTEyZC1hMWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5cY+j7bVArsidoUSyL11PHVbJGnuKFT6QzM4roJ0Fp6frLmpSZTMPhwdnuwy
isdOHsXle3syDkPJbq2/HHF260a9uKCHNJHZm5VYHXPcO/WbjzQJw7BKStgzUfno
zQWXERte7R4eLZ7gyX7x2KdbVtt02FrFDpG2xYA+lcpSMDcn7hPpuB5HPiug2yWe
IK9ybTfxbseCyKZx2k/3Lf0xUwXpNxEitnnKhjztI7ODvohU25teMdM+vk9Y518Z
bOTjheMY8EBxGu1kIYDpGEBkRPFUHL8HIRaV3IFUjktaizsCYX26P9oKn3sotbsQ
ii5TYl8FN2lEgtJtZTZGTwu6EQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNNoAOB2
AhZWcSDY0UVJ4qzgd+y4MB8GA1UdIwQYMBaAFHVMegiSC3Xebhs3o7VLjVMl2N9z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEM4Ni84M0NDNDlFMDk5
RjMxMUVDQjU4RUM3MEVDNEY5QUUwMi9kVXg2Q0pJTGRkNXVHemVqdFV1TlV5WFkz
M00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RVeDZDSklMZGQ1dUd6ZWp0VXVOVXlYWTMzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjBDODYvODNDQzQ5RTA5OUYzMTFFQ0I1OEVDNzBFQzRGOUFFMDIvRjQyOTY0Q0U0
MzJGMTFFRkIyOEExQzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJngTQwDQYJKoZIhvcNAQELBQADggEBAFCRRM2E+xVxSYcL
C2Nt2CZ1opazxOf9NZgyWljkL4vKPfr2lsk0bhuqX5gPxOGEkUjPdvyJ68LOKj8b
gA/diV/M/1uWfAlbdXjhV9IQfo/HsJx6KJt/zu7/6mWStIS5+o0uPwpuzmhYESJt
3K7B65XB1Hf7+WWzY7fZVxTqCkNVwbBsbSQMkCG75x14iJnVgiuQJUsBXJGqt7Aj
yIfYhvgBmjpbTZWoQS23vwrweqMvZLxpo02AM3kZlEdMLsTaqOgudlpcjKOQN+W6
M2z4t9tIMVmLvex39RzfF3bTo7oGg2j+HW/Snj4WrgYFYRPPPXJrHsDkyWzq71rI
AGyPqUg=
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:52:52 2024 by rpki-client on console-ams.rpki-client.org