Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/99BB0B14A16311EE85DF497CC4F9AE02.roa
File: 99BB0B14A16311EE85DF497CC4F9AE02.roa (raw, json)
Hash identifier: VABNadXOHwxMg9NKZc1qOwPb2mqyc3BzjUsgz+sIVH4=
Subject key identifier: 18:05:C6:B2:03:55:D9:0F:7E:6B:DA:1A:D1:12:01:DC:49:54:C8:A6
Certificate issuer: /CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Certificate serial: 0533
Authority key identifier: 7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/99BB0B14A16311EE85DF497CC4F9AE02.roa
Signing time: Mon 03 Jun 2024 01:56:14 +0000
ROA not before: Mon 03 Jun 2024 01:56:14 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 136897
IP address blocks: 103.116.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Nov 2024 07:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1331 (0x533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Validity
Not Before: Jun 3 01:56:14 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665d22be-5977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7d:71:33:9e:b7:60:79:8e:4c:f0:ea:fb:b1:
a3:3a:9d:4d:81:38:ca:26:b8:e0:26:ab:9c:0e:b8:
2e:7e:28:d8:bb:ec:1a:ec:02:34:0b:cd:90:0f:06:
01:a2:22:9b:02:9e:fb:e2:1c:96:c2:d2:0e:7b:20:
e1:4e:4e:bd:43:97:7d:0f:e7:0f:6d:76:f9:cb:f6:
6e:d7:91:b7:b2:05:db:cd:73:5c:37:f6:e8:79:9b:
24:e4:4d:2b:93:c8:b5:0b:0d:24:5d:e5:96:43:92:
0e:ed:aa:f2:9f:65:3d:33:de:bc:c0:b5:d4:94:ae:
b9:15:40:49:6e:01:de:c9:bf:da:79:30:43:3c:51:
db:94:81:92:e9:81:0b:39:09:28:7e:17:54:bd:2e:
da:e2:9f:02:49:d9:3c:4f:88:b0:e7:0b:5d:ff:36:
a1:ee:7e:f4:14:48:43:a5:3f:fb:7b:c7:22:8c:92:
a6:6d:50:51:dd:36:f7:d6:c2:57:25:ee:e3:84:f9:
26:fa:cb:2c:ba:41:25:75:10:63:02:a4:46:4e:50:
c9:be:6d:c3:38:72:6b:88:32:cc:de:28:f2:81:e6:
3a:bb:f4:e6:85:37:a6:2b:50:01:a5:dc:62:95:3a:
d5:60:77:63:b2:d8:1a:fc:59:bc:11:6a:71:9a:e9:
35:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:05:C6:B2:03:55:D9:0F:7E:6B:DA:1A:D1:12:01:DC:49:54:C8:A6
X509v3 Authority Key Identifier:
keyid:7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/f_PqmsCDJR9dMLAdBWvLzeGn7i0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/99BB0B14A16311EE85DF497CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.64.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:0b:81:3a:83:cd:69:12:aa:62:50:ea:f1:9e:c9:f9:11:c8:
ea:c9:91:7b:c5:2a:cd:e6:e7:77:7a:86:1a:9f:0c:1c:d4:38:
e0:0e:13:9b:7e:c0:30:26:35:41:3c:eb:23:20:1c:64:88:71:
d1:a1:c2:da:6b:eb:4c:ab:5c:d5:96:2d:59:d0:d1:2a:69:91:
b9:14:82:97:1a:09:75:85:08:09:7b:55:83:1f:43:62:26:f9:
8b:59:eb:40:5d:4b:83:81:c5:68:d5:db:cc:ea:19:a8:35:b0:
8d:56:2a:27:eb:5e:36:de:9c:d7:52:a8:26:22:8a:e0:00:0e:
a2:79:41:f4:75:92:9d:f7:4d:c2:60:23:9b:39:b3:6d:2b:0f:
08:a2:c3:f9:3d:0f:81:0f:82:6e:da:15:3e:e4:33:1e:44:3f:
f8:be:e0:13:39:88:2c:2f:d1:61:15:c8:66:5c:8c:90:7a:d1:
65:a5:90:07:ec:52:1c:75:05:3b:83:a1:34:fa:aa:53:f5:80:
b6:f3:eb:bf:5a:67:6c:8b:de:6d:40:0a:76:d3:73:62:de:59:
2f:a6:d5:85:ec:8a:2a:d4:06:f2:6a:34:ce:ba:70:ca:81:f9:
ae:e0:52:dc:e8:8e:aa:2d:51:b0:92:b7:4a:d2:d1:ec:62:8c:
a9:c9:20:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRBM0YxMTAvBgNVBAUTKDdGRjNFQTlBQzA4MzI1MUY1RDMwQjAxRDA1NkJDQkNE
RTFBN0VFMkQwHhcNMjQwNjAzMDE1NjE0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkMjJiZS01OTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA631xM563YHmOTPDq+7GjOp1NgTjKJrjgJqucDrgufijYu+wa7AI0C82QDwYB
oiKbAp774hyWwtIOeyDhTk69Q5d9D+cPbXb5y/Zu15G3sgXbzXNcN/boeZsk5E0r
k8i1Cw0kXeWWQ5IO7aryn2U9M968wLXUlK65FUBJbgHeyb/aeTBDPFHblIGS6YEL
OQkofhdUvS7a4p8CSdk8T4iw5wtd/zah7n70FEhDpT/7e8cijJKmbVBR3Tb31sJX
Je7jhPkm+sssukEldRBjAqRGTlDJvm3DOHJriDLM3ijygeY6u/TmhTemK1ABpdxi
lTrVYHdjstga/Fm8EWpxmuk1KQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBgFxrID
VdkPfmvaGtESAdxJVMimMB8GA1UdIwQYMBaAFH/z6prAgyUfXTCwHQVry83hp+4t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REEzRi8wNEZGODlEOEI2
Q0QxMUVCOEUxMDgwMjZDNEY5QUUwMi9mX1BxbXNDREpSOWRNTEFkQld2THplR243
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfUHFtc0NESlI5ZE1MQWRCV3ZMemVHbjdpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRBM0YvMDRGRjg5RDhCNkNEMTFFQjhFMTA4MDI2QzRGOUFFMDIvOTlCQjBCMTRB
MTYzMTFFRTg1REY0OTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndEAwDQYJKoZIhvcNAQELBQADggEBAMoLgTqDzWkSqmJQ
6vGeyfkRyOrJkXvFKs3m53d6hhqfDBzUOOAOE5t+wDAmNUE86yMgHGSIcdGhwtpr
60yrXNWWLVnQ0SppkbkUgpcaCXWFCAl7VYMfQ2Im+YtZ60BdS4OBxWjV28zqGag1
sI1WKifrXjbenNdSqCYiiuAADqJ5QfR1kp33TcJgI5s5s20rDwiiw/k9D4EPgm7a
FT7kMx5EP/i+4BM5iCwv0WEVyGZcjJB60WWlkAfsUhx1BTuDoTT6qlP1gLbz679a
Z2yL3m1ACnbTc2LeWS+m1YXsiirUBvJqNM66cMqB+a7gUtzojqotUbCSt0rS0exi
jKnJIOk=
-----END CERTIFICATE-----
Generated at Sat Nov 9 09:32:56 2024 by rpki-client on console-fra.rpki-client.org