Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91728B4/7C8AF838EF5511EA9C6FDB7EC4F9AE02/EC79A65C3C2811EF90913F6AC4F9AE02.roa
File: EC79A65C3C2811EF90913F6AC4F9AE02.roa (raw, json)
Hash identifier: 2YYKM6VS2gfJteWNcw6pYPNnBQnUVeU157FpcCn7uZA=
Subject key identifier: 20:94:88:11:44:69:8D:AE:5D:29:B9:3A:FA:80:5C:27:9E:83:9C:3D
Certificate issuer: /CN=A91728B4/serialNumber=A81980A36E629CA011ED43C28CE5B0FBD265DE63
Certificate serial: 0744
Authority key identifier: A8:19:80:A3:6E:62:9C:A0:11:ED:43:C2:8C:E5:B0:FB:D2:65:DE:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qBmAo25inKAR7UPCjOWw-9Jl3mM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91728B4/7C8AF838EF5511EA9C6FDB7EC4F9AE02/EC79A65C3C2811EF90913F6AC4F9AE02.roa
Signing time: Sun 07 Jul 2024 06:19:54 +0000
ROA not before: Sun 07 Jul 2024 06:19:54 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137209
IP address blocks: 103.104.232.0/22 maxlen: 22
2402:1dc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jul 2024 04:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1860 (0x744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91728B4/serialNumber=A81980A36E629CA011ED43C28CE5B0FBD265DE63
Validity
Not Before: Jul 7 06:19:54 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=668a3389-ee1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0f:31:1c:d8:f3:03:b0:02:83:5b:c0:6c:32:
63:3e:df:6d:28:12:d6:70:17:f9:c0:b0:8f:3d:ac:
4f:e4:a8:a9:19:b5:5a:5b:d7:37:d7:57:2d:e3:53:
70:b9:43:5d:30:30:06:e7:3b:fd:43:87:97:7d:39:
ae:eb:ea:54:a4:96:f6:6b:37:43:d6:9a:d8:d4:d9:
f2:ea:6e:8a:70:d7:49:bd:a4:86:d7:48:67:f1:6a:
31:01:cd:c3:d0:e5:bb:94:86:bc:fb:60:8b:26:12:
a4:f5:64:a3:0e:3b:c4:f1:fb:2c:31:a9:44:02:89:
a2:45:10:65:5b:c3:bb:68:46:e5:d0:66:43:72:84:
a5:22:d6:98:99:b8:28:26:b5:3e:35:2d:d1:bc:14:
81:83:e8:be:6c:9f:58:57:93:32:6d:0c:a9:74:76:
84:8c:3a:c4:11:be:7b:1a:f0:81:5d:28:d8:8a:50:
e9:ca:24:0a:89:96:07:a4:56:c6:9c:c5:f1:50:1f:
c4:c3:b7:0d:e2:55:34:e7:45:70:66:47:d3:2f:1f:
5c:3c:f8:6c:77:95:b7:7c:29:21:2e:85:0f:57:6b:
1c:e4:8d:1c:ad:2e:a5:a9:d6:f9:bd:24:75:d2:35:
99:1d:c2:b0:15:cf:81:db:e7:5c:84:ea:22:4b:c7:
99:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:94:88:11:44:69:8D:AE:5D:29:B9:3A:FA:80:5C:27:9E:83:9C:3D
X509v3 Authority Key Identifier:
keyid:A8:19:80:A3:6E:62:9C:A0:11:ED:43:C2:8C:E5:B0:FB:D2:65:DE:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91728B4/7C8AF838EF5511EA9C6FDB7EC4F9AE02/qBmAo25inKAR7UPCjOWw-9Jl3mM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qBmAo25inKAR7UPCjOWw-9Jl3mM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91728B4/7C8AF838EF5511EA9C6FDB7EC4F9AE02/EC79A65C3C2811EF90913F6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.232.0/22
IPv6:
2402:1dc0::/32
Signature Algorithm: sha256WithRSAEncryption
62:56:b8:ed:77:7f:15:c2:19:d1:20:67:ed:1c:67:3f:29:4f:
72:74:9c:ad:5a:f1:1c:06:e1:ae:a6:2b:df:6d:d7:a5:ee:e1:
16:b5:54:9e:7a:82:25:f4:cf:23:a0:12:3e:e8:e4:b4:0f:99:
e6:3f:cf:d5:c8:f9:07:7b:d0:df:5d:2c:02:5a:c2:73:bf:48:
c1:bb:df:c5:83:9d:d7:d4:96:b8:1d:83:10:80:48:5f:66:d3:
e6:cc:43:06:ad:f8:4e:56:f3:aa:01:68:09:f7:c2:9d:5b:9c:
59:15:db:f1:10:07:b4:74:69:71:42:0d:76:c6:26:f4:48:ff:
9b:20:71:48:c2:03:0e:57:d3:c9:cc:7c:ea:05:d8:85:ca:96:
9a:0f:12:3e:d2:69:18:42:ae:2e:4e:8e:7a:bb:7d:e0:6d:47:
bd:00:8d:99:d9:22:e5:5d:bc:a0:3d:db:6e:b8:36:94:d7:32:
97:c1:98:9a:87:1a:ca:4a:6c:d1:73:2a:6f:fa:92:c9:20:23:
e9:5b:f3:7c:91:e8:9c:67:8a:33:ea:a8:1a:14:9f:28:28:11:
8f:45:25:e1:35:3d:88:f2:3b:9f:05:ba:38:88:50:b1:9b:5d:
71:a2:3c:30:7c:cc:a6:b9:2d:96:50:b3:06:a4:f2:e1:90:72:
d6:71:ff:88
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI4QjQxMTAvBgNVBAUTKEE4MTk4MEEzNkU2MjlDQTAxMUVENDNDMjhDRTVCMEZC
RDI2NURFNjMwHhcNMjQwNzA3MDYxOTU0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhhMzM4OS1lZTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7g8xHNjzA7ACg1vAbDJjPt9tKBLWcBf5wLCPPaxP5KipGbVaW9c311ct41Nw
uUNdMDAG5zv9Q4eXfTmu6+pUpJb2azdD1prY1Nny6m6KcNdJvaSG10hn8WoxAc3D
0OW7lIa8+2CLJhKk9WSjDjvE8fssMalEAomiRRBlW8O7aEbl0GZDcoSlItaYmbgo
JrU+NS3RvBSBg+i+bJ9YV5MybQypdHaEjDrEEb57GvCBXSjYilDpyiQKiZYHpFbG
nMXxUB/Ew7cN4lU050VwZkfTLx9cPPhsd5W3fCkhLoUPV2sc5I0crS6lqdb5vSR1
0jWZHcKwFc+B2+dchOoiS8eZ7QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCCUiBFE
aY2uXSm5OvqAXCeeg5w9MB8GA1UdIwQYMBaAFKgZgKNuYpygEe1DwozlsPvSZd5j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjhCNC83QzhBRjgzOEVG
NTUxMUVBOUM2RkRCN0VDNEY5QUUwMi9xQm1BbzI1aW5LQVI3VVBDak9Xdy05Smwz
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FCbUFvMjVpbktBUjdVUENqT1d3LTlKbDNtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI4QjQvN0M4QUY4MzhFRjU1MTFFQTlDNkZEQjdFQzRGOUFFMDIvRUM3OUE2NUMz
QzI4MTFFRjkwOTEzRjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnaOgwDQQCAAIwBwMFACQCHcAwDQYJKoZIhvcNAQELBQAD
ggEBAGJWuO13fxXCGdEgZ+0cZz8pT3J0nK1a8RwG4a6mK99t16Xu4Ra1VJ56giX0
zyOgEj7o5LQPmeY/z9XI+Qd70N9dLAJawnO/SMG738WDndfUlrgdgxCASF9m0+bM
Qwat+E5W86oBaAn3wp1bnFkV2/EQB7R0aXFCDXbGJvRI/5sgcUjCAw5X08nMfOoF
2IXKlpoPEj7SaRhCri5Ojnq7feBtR70AjZnZIuVdvKA92264NpTXMpfBmJqHGspK
bNFzKm/6kskgI+lb83yR6JxnijPqqBoUnygoEY9FJeE1PYjyO58FujiIULGbXXGi
PDB8zKa5LZZQswak8uGQctZx/4g=
-----END CERTIFICATE-----
Generated at Tue Jul 9 05:29:37 2024 by rpki-client on console-fra.rpki-client.org