Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/A3B796E09E7011EFB63EC661C4F9AE02.roa
File: A3B796E09E7011EFB63EC661C4F9AE02.roa (raw, json)
Hash identifier: c66vgOJbT9EGMfuB1a0vXdR8CKigkW74f7Og+Qspcxo=
Subject key identifier: 1C:04:50:FF:A3:BF:91:CE:52:78:E4:92:81:6F:40:27:40:13:5B:96
Certificate issuer: /CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Certificate serial: 0587
Authority key identifier: 7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/A3B796E09E7011EFB63EC661C4F9AE02.roa
Signing time: Sat 09 Nov 2024 08:00:09 +0000
ROA not before: Sat 09 Nov 2024 08:00:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 5065
IP address blocks: 103.116.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Nov 2024 11:16:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1415 (0x587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Validity
Not Before: Nov 9 08:00:09 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=672f1689-a478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:3f:a7:c3:a6:6f:55:de:e4:5f:94:74:51:
21:73:28:4e:df:9a:91:8d:3b:1f:00:12:2f:37:4f:
dc:90:4f:fb:99:98:b8:40:e5:16:4c:98:22:90:2a:
08:3f:50:69:58:15:e5:c1:6b:59:86:b9:9e:31:46:
b3:8d:7f:b1:20:4e:b0:67:d8:68:f1:f6:c1:3c:97:
4f:d2:06:ab:34:37:6b:a0:63:71:1e:72:a9:1b:d6:
64:61:f6:2c:c2:e0:d2:62:fc:e0:19:9c:01:48:cb:
8d:9a:f6:30:c3:58:5f:9a:03:06:dc:e8:38:85:54:
a6:04:eb:45:d0:eb:ec:36:5a:e3:ac:f6:f3:ec:79:
29:82:89:fc:7e:b3:a7:65:40:07:9e:46:5d:44:6d:
f1:97:0f:26:53:10:bb:0b:56:52:07:57:44:67:0b:
8e:bc:d4:f5:95:e1:f3:7b:0a:3b:dc:7e:fe:aa:34:
c2:08:37:e0:18:dc:7b:f5:39:60:58:23:3b:b4:e3:
6b:4d:23:67:87:79:f8:36:59:31:9a:f3:07:f8:8c:
75:ca:8c:e7:2b:ea:df:50:9d:b6:f5:da:8d:b2:8d:
97:3a:31:40:0c:cf:b8:a6:44:32:ed:71:d2:1a:3c:
23:07:05:22:44:66:d4:74:35:ce:63:9a:3a:fc:6c:
bc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:04:50:FF:A3:BF:91:CE:52:78:E4:92:81:6F:40:27:40:13:5B:96
X509v3 Authority Key Identifier:
keyid:7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/f_PqmsCDJR9dMLAdBWvLzeGn7i0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/A3B796E09E7011EFB63EC661C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.64.0/22
Signature Algorithm: sha256WithRSAEncryption
af:aa:d3:be:ab:89:c8:db:77:1d:ce:14:51:3f:8b:e7:80:58:
2c:20:d1:86:96:ad:04:ac:db:ee:56:a7:cb:28:ac:b5:40:06:
18:a7:0a:a1:65:cc:48:25:02:18:d5:d5:32:18:ba:b5:df:e1:
83:6b:f0:6d:83:01:4d:a5:0e:91:0c:2c:f5:3e:e4:27:04:a4:
3f:b0:75:8d:05:2a:8f:94:6a:1a:fa:70:45:a9:6c:1f:0b:a1:
c5:87:0d:47:f3:ed:23:0c:a9:68:0b:95:ad:5e:b1:20:ec:88:
d3:df:18:89:ae:da:cd:72:48:aa:a4:07:fd:05:b8:84:0f:e6:
08:33:4c:8c:ac:fc:e9:d4:84:3e:96:5e:ce:c2:9b:2f:1a:02:
6d:7e:95:5b:d4:9b:4f:65:01:32:5b:ee:e0:6d:e7:a9:40:b6:
f4:e5:99:2a:00:d8:8e:85:4f:ac:fd:e4:a9:c3:e9:53:30:ac:
dc:71:29:6f:94:1f:97:ea:96:6c:86:e7:6f:a3:0c:3f:5b:c6:
cf:12:e1:51:6e:d6:16:eb:72:c2:c2:42:1d:9a:c7:60:9f:10:
fa:86:89:29:c8:d2:15:ba:a7:66:42:c8:14:29:0a:f0:91:09:
09:ba:a4:d7:d5:df:03:cc:db:95:f7:61:b7:b8:c4:ae:2e:6f:
2a:1f:6c:67
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRBM0YxMTAvBgNVBAUTKDdGRjNFQTlBQzA4MzI1MUY1RDMwQjAxRDA1NkJDQkNE
RTFBN0VFMkQwHhcNMjQxMTA5MDgwMDA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJmMTY4OS1hNDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq7U/p8Omb1Xe5F+UdFEhcyhO35qRjTsfABIvN0/ckE/7mZi4QOUWTJgikCoI
P1BpWBXlwWtZhrmeMUazjX+xIE6wZ9ho8fbBPJdP0garNDdroGNxHnKpG9ZkYfYs
wuDSYvzgGZwBSMuNmvYww1hfmgMG3Og4hVSmBOtF0OvsNlrjrPbz7Hkpgon8frOn
ZUAHnkZdRG3xlw8mUxC7C1ZSB1dEZwuOvNT1leHzewo73H7+qjTCCDfgGNx79Tlg
WCM7tONrTSNnh3n4NlkxmvMH+Ix1yoznK+rfUJ229dqNso2XOjFADM+4pkQy7XHS
GjwjBwUiRGbUdDXOY5o6/Gy8ZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBwEUP+j
v5HOUnjkkoFvQCdAE1uWMB8GA1UdIwQYMBaAFH/z6prAgyUfXTCwHQVry83hp+4t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REEzRi8wNEZGODlEOEI2
Q0QxMUVCOEUxMDgwMjZDNEY5QUUwMi9mX1BxbXNDREpSOWRNTEFkQld2THplR243
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfUHFtc0NESlI5ZE1MQWRCV3ZMemVHbjdpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRBM0YvMDRGRjg5RDhCNkNEMTFFQjhFMTA4MDI2QzRGOUFFMDIvQTNCNzk2RTA5
RTcwMTFFRkI2M0VDNjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndEAwDQYJKoZIhvcNAQELBQADggEBAK+q076ricjbdx3O
FFE/i+eAWCwg0YaWrQSs2+5Wp8sorLVABhinCqFlzEglAhjV1TIYurXf4YNr8G2D
AU2lDpEMLPU+5CcEpD+wdY0FKo+Uahr6cEWpbB8LocWHDUfz7SMMqWgLla1esSDs
iNPfGImu2s1ySKqkB/0FuIQP5ggzTIys/OnUhD6WXs7Cmy8aAm1+lVvUm09lATJb
7uBt56lAtvTlmSoA2I6FT6z95KnD6VMwrNxxKW+UH5fqlmyG52+jDD9bxs8S4VFu
1hbrcsLCQh2ax2CfEPqGiSnI0hW6p2ZCyBQpCvCRCQm6pNfV3wPM25X3Ybe4xK4u
byofbGc=
-----END CERTIFICATE-----
Generated at Sat Nov 9 17:00:39 2024 by rpki-client on console-fra.rpki-client.org