Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9163BEF/8AAFE28C25CF11EC8B4A992EC4F9AE02/65303DE225D211ECB2CCF633C4F9AE02.roa
File: 65303DE225D211ECB2CCF633C4F9AE02.roa (raw, json)
Hash identifier: k/JIEhmuRK6l38HASe7arTLSe3idf6UqT4HrabL+QIM=
Subject key identifier: E2:D5:93:E1:3F:9A:BB:E2:54:FA:69:F1:9B:64:C3:DB:85:65:20:9B
Certificate issuer: /CN=A9163BEF/serialNumber=0CBED27AB7B681BC9966ACE244FCBF297E65CA19
Certificate serial: 0438
Authority key identifier: 0C:BE:D2:7A:B7:B6:81:BC:99:66:AC:E2:44:FC:BF:29:7E:65:CA:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DL7Sere2gbyZZqziRPy_KX5lyhk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9163BEF/8AAFE28C25CF11EC8B4A992EC4F9AE02/65303DE225D211ECB2CCF633C4F9AE02.roa
Signing time: Wed 21 Aug 2024 01:14:02 +0000
ROA not before: Wed 21 Aug 2024 01:14:02 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 146993
IP address blocks: 103.67.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 11:58:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1080 (0x438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9163BEF/serialNumber=0CBED27AB7B681BC9966ACE244FCBF297E65CA19
Validity
Not Before: Aug 21 01:14:02 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c53f5a-4501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d8:04:39:09:7b:e0:ee:2b:08:d5:da:92:91:
e0:24:ad:35:4e:bb:de:57:28:f0:41:50:8c:60:22:
46:44:55:9b:12:38:b1:14:54:3b:7d:e2:33:34:34:
f2:fd:1f:77:5b:f6:d7:78:04:92:f4:55:67:f3:23:
f4:45:d1:52:56:3c:64:92:7b:ea:df:70:7b:96:54:
05:25:c8:95:76:50:b2:64:32:3f:a5:cd:37:64:61:
8c:d5:1a:ad:c2:4b:60:0b:25:86:ea:c1:ac:7a:01:
67:fc:dc:97:38:63:9f:48:0f:da:b3:ea:42:22:ff:
f1:7e:10:25:a1:60:30:2a:60:28:14:1a:b9:e5:d3:
3b:0e:67:f0:1f:75:d1:02:88:f4:23:69:5c:20:1c:
b9:d3:5f:ac:34:91:51:5f:8c:e2:7b:b5:6f:f8:65:
c6:45:41:d9:b7:a6:dd:b9:76:73:63:a5:81:a0:bc:
87:c5:43:57:bd:5e:b9:76:2d:d2:b0:b6:17:79:02:
24:7b:58:0a:d9:78:8d:cf:6a:29:fa:27:34:c4:c7:
20:2f:bd:1c:04:b5:29:d5:6c:68:03:be:a4:70:ed:
6f:ba:4f:74:ae:ac:9b:3b:d9:1b:81:0a:a9:a2:ff:
53:de:82:e0:3e:73:95:36:b9:95:b4:39:ee:b2:0a:
90:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D5:93:E1:3F:9A:BB:E2:54:FA:69:F1:9B:64:C3:DB:85:65:20:9B
X509v3 Authority Key Identifier:
keyid:0C:BE:D2:7A:B7:B6:81:BC:99:66:AC:E2:44:FC:BF:29:7E:65:CA:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9163BEF/8AAFE28C25CF11EC8B4A992EC4F9AE02/DL7Sere2gbyZZqziRPy_KX5lyhk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DL7Sere2gbyZZqziRPy_KX5lyhk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163BEF/8AAFE28C25CF11EC8B4A992EC4F9AE02/65303DE225D211ECB2CCF633C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:b6:5d:c5:cd:b6:6c:5d:20:0f:4d:10:1d:09:ca:3e:ee:21:
0d:13:e0:2c:a2:ce:8f:35:1c:41:d9:10:e6:a8:fc:56:e7:d6:
ea:51:a7:ec:6b:74:89:33:9a:5a:e7:85:c3:9a:c3:58:ba:86:
a4:32:f8:43:30:fc:1e:d6:c2:e6:c0:3b:26:ef:23:1d:aa:86:
d3:8d:36:6d:d3:45:0d:d8:ba:88:a8:ff:95:b2:40:46:20:56:
2d:f4:12:8e:4f:ec:44:44:bc:21:64:9d:9b:8c:16:ac:5e:4f:
67:9e:12:0f:d3:1d:64:87:54:52:7f:e6:01:20:9d:13:b1:f6:
fa:d2:96:0a:20:73:24:3c:07:81:e2:5c:55:81:b9:a3:41:24:
0a:22:4a:a2:2f:d8:bc:14:6c:e6:e5:44:43:6d:31:fd:a4:85:
08:fc:96:fa:3a:40:96:f0:6b:aa:cc:e1:0c:9d:ee:36:e3:2f:
f8:41:ec:e2:19:01:6f:a7:2d:c6:83:6d:d0:59:96:3d:f0:96:
35:c4:2f:c7:c9:75:2e:d7:4b:27:a2:c7:3b:c5:2a:87:65:d6:
79:91:46:11:14:6d:f9:cd:97:13:aa:54:8c:7d:cc:cc:51:3d:
82:ff:8d:76:d7:70:ea:db:40:90:4e:c8:db:17:c8:9f:10:08:
9e:9b:fa:19
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjNCRUYxMTAvBgNVBAUTKDBDQkVEMjdBQjdCNjgxQkM5OTY2QUNFMjQ0RkNCRjI5
N0U2NUNBMTkwHhcNMjQwODIxMDExNDAyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM1M2Y1YS00NTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2NgEOQl74O4rCNXakpHgJK01TrveVyjwQVCMYCJGRFWbEjixFFQ7feIzNDTy
/R93W/bXeASS9FVn8yP0RdFSVjxkknvq33B7llQFJciVdlCyZDI/pc03ZGGM1Rqt
wktgCyWG6sGsegFn/NyXOGOfSA/as+pCIv/xfhAloWAwKmAoFBq55dM7DmfwH3XR
Aoj0I2lcIBy501+sNJFRX4zie7Vv+GXGRUHZt6bduXZzY6WBoLyHxUNXvV65di3S
sLYXeQIke1gK2XiNz2op+ic0xMcgL70cBLUp1WxoA76kcO1vuk90rqybO9kbgQqp
ov9T3oLgPnOVNrmVtDnusgqQywIDAQABo4IClTCCApEwHQYDVR0OBBYEFOLVk+E/
mrviVPpp8Ztkw9uFZSCbMB8GA1UdIwQYMBaAFAy+0nq3toG8mWas4kT8vyl+ZcoZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2M0JFRi84QUFGRTI4QzI1
Q0YxMUVDOEI0QTk5MkVDNEY5QUUwMi9ETDdTZXJlMmdieVpacXppUlB5X0tYNWx5
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RMN1NlcmUyZ2J5WlpxemlSUHlfS1g1bHloay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjNCRUYvOEFBRkUyOEMyNUNGMTFFQzhCNEE5OTJFQzRGOUFFMDIvNjUzMDNERTIy
NUQyMTFFQ0IyQ0NGNjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnQ/wwDQYJKoZIhvcNAQELBQADggEBAA62XcXNtmxdIA9N
EB0Jyj7uIQ0T4Cyizo81HEHZEOao/Fbn1upRp+xrdIkzmlrnhcOaw1i6hqQy+EMw
/B7WwubAOybvIx2qhtONNm3TRQ3Yuoio/5WyQEYgVi30Eo5P7EREvCFknZuMFqxe
T2eeEg/THWSHVFJ/5gEgnROx9vrSlgogcyQ8B4HiXFWBuaNBJAoiSqIv2LwUbObl
RENtMf2khQj8lvo6QJbwa6rM4Qyd7jbjL/hB7OIZAW+nLcaDbdBZlj3wljXEL8fJ
dS7XSyeixzvFKodl1nmRRhEUbfnNlxOqVIx9zMxRPYL/jXbXcOrbQJBOyNsXyJ8Q
CJ6b+hk=
-----END CERTIFICATE-----
Generated at Sat Sep 7 14:00:36 2024 by rpki-client on console-fra.rpki-client.org