Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9187E80/D278CA649E7711EB8C25DB6CC4F9AE02/D48509F04CE211EEA2FAB01CC4F9AE02.roa
File: D48509F04CE211EEA2FAB01CC4F9AE02.roa (raw, json)
Hash identifier: gSLOr9xBgte+UB8xw0cb5yhsxrU1p6zzHIulmaA8CuY=
Subject key identifier: 02:A9:7B:80:DB:09:CF:99:8A:92:4D:27:6B:2C:E1:1D:28:72:B0:A8
Certificate issuer: /CN=A9187E80/serialNumber=7CB0E5825101C665443F2CFAB19E84D1A7797597
Certificate serial: 04E0
Authority key identifier: 7C:B0:E5:82:51:01:C6:65:44:3F:2C:FA:B1:9E:84:D1:A7:79:75:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fLDlglEBxmVEPyz6sZ6E0ad5dZc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9187E80/D278CA649E7711EB8C25DB6CC4F9AE02/D48509F04CE211EEA2FAB01CC4F9AE02.roa
Signing time: Wed 06 Sep 2023 18:26:01 +0000
ROA not before: Wed 06 Sep 2023 18:26:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18464
IP address blocks: 103.136.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Sep 2023 15:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1248 (0x4e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9187E80/serialNumber=7CB0E5825101C665443F2CFAB19E84D1A7797597
Validity
Not Before: Sep 6 18:26:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f8c438-a408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f5:03:b7:a0:1b:8a:0d:91:65:0e:47:98:d1:
46:c1:2e:e1:f8:a0:49:33:40:cb:4a:d8:18:e4:51:
fd:78:cf:42:9f:e7:6e:12:34:51:d7:9b:9f:fc:e0:
d2:90:4c:d7:11:04:1a:27:15:15:26:f9:a3:dc:97:
3e:35:fa:66:ca:c2:ed:e7:0f:f7:0a:0f:e1:25:ed:
4a:f5:e5:3b:bc:66:e8:db:fb:d2:ba:4d:5a:ca:e0:
81:be:c3:69:8c:2b:86:45:8a:d0:bd:62:6f:b6:e4:
86:a0:03:06:1e:a1:e2:25:01:eb:12:be:1a:12:ad:
1d:a3:1a:ff:d0:44:bd:80:ef:1b:36:fa:a4:50:4d:
68:8f:d4:06:85:07:82:d7:75:6d:2f:c5:f6:58:9b:
fc:89:b5:fd:ab:e1:74:f9:dd:0e:6a:1e:5d:fc:00:
64:e4:29:27:1e:05:2a:c7:5e:27:e1:ce:9f:b8:6d:
04:7d:3e:e2:85:65:ab:1a:ec:2c:0b:36:f6:b1:8e:
26:91:91:f0:69:bc:de:d1:4a:25:97:9a:4a:6c:4e:
2f:9e:4c:eb:22:f9:80:28:53:b2:f8:80:b9:90:7c:
90:95:31:77:25:3b:cd:e8:19:40:c8:03:6d:be:a0:
2d:26:c7:bb:89:33:51:87:72:7d:6b:bc:bc:d8:13:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A9:7B:80:DB:09:CF:99:8A:92:4D:27:6B:2C:E1:1D:28:72:B0:A8
X509v3 Authority Key Identifier:
keyid:7C:B0:E5:82:51:01:C6:65:44:3F:2C:FA:B1:9E:84:D1:A7:79:75:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9187E80/D278CA649E7711EB8C25DB6CC4F9AE02/fLDlglEBxmVEPyz6sZ6E0ad5dZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fLDlglEBxmVEPyz6sZ6E0ad5dZc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187E80/D278CA649E7711EB8C25DB6CC4F9AE02/D48509F04CE211EEA2FAB01CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:85:87:a6:6e:dc:4e:84:8a:56:00:52:6f:17:13:df:31:23:
33:bf:c2:ab:00:25:b5:3f:4e:10:e3:14:d6:21:d6:b6:2c:3e:
45:d4:29:02:b1:8a:89:7e:a0:fb:1c:ee:da:3a:b8:77:7d:17:
6d:ca:e0:7f:99:0e:45:64:a9:c8:70:b6:53:73:da:af:bd:fa:
68:4e:b3:da:e7:7c:99:be:be:ab:db:9d:e8:12:e9:38:1b:97:
6e:c0:17:1f:ad:35:4b:5c:1f:e0:f3:43:48:77:cc:40:68:55:
87:a0:2d:fc:7f:c2:29:54:b8:da:24:75:a4:63:1f:ed:67:30:
f3:0b:f8:8b:39:5f:2a:29:48:b8:cb:c6:04:9e:b2:92:84:fe:
2e:2d:a4:c6:bf:fd:33:e8:70:a5:e3:5a:aa:7b:65:68:53:23:
0f:42:13:43:6b:a7:e4:a5:fa:32:c9:f9:0d:db:38:f1:b3:02:
89:67:82:fa:2e:a3:5e:af:30:1b:26:8e:a2:14:fa:bd:7a:f8:
c9:0a:a5:fb:73:b1:8b:70:eb:2e:0d:f5:81:d8:ee:86:a9:c8:
2e:00:fa:8a:14:11:49:3d:6e:73:fb:f4:2e:62:a0:c4:5a:ab:
be:b1:59:a3:04:cf:31:49:6b:cf:bc:12:48:61:56:cb:4e:44:
2a:7c:44:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODdFODAxMTAvBgNVBAUTKDdDQjBFNTgyNTEwMUM2NjU0NDNGMkNGQUIxOUU4NEQx
QTc3OTc1OTcwHhcNMjMwOTA2MTgyNjAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY4YzQzOC1hNDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5fUDt6Abig2RZQ5HmNFGwS7h+KBJM0DLStgY5FH9eM9Cn+duEjRR15uf/ODS
kEzXEQQaJxUVJvmj3Jc+NfpmysLt5w/3Cg/hJe1K9eU7vGbo2/vSuk1ayuCBvsNp
jCuGRYrQvWJvtuSGoAMGHqHiJQHrEr4aEq0doxr/0ES9gO8bNvqkUE1oj9QGhQeC
13VtL8X2WJv8ibX9q+F0+d0Oah5d/ABk5CknHgUqx14n4c6fuG0EfT7ihWWrGuws
Czb2sY4mkZHwabze0Uoll5pKbE4vnkzrIvmAKFOy+IC5kHyQlTF3JTvN6BlAyANt
vqAtJse7iTNRh3J9a7y82BMQPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAKpe4Db
Cc+ZipJNJ2ss4R0ocrCoMB8GA1UdIwQYMBaAFHyw5YJRAcZlRD8s+rGehNGneXWX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4N0U4MC9EMjc4Q0E2NDlF
NzcxMUVCOEMyNURCNkNDNEY5QUUwMi9mTERsZ2xFQnhtVkVQeXo2c1o2RTBhZDVk
WmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZMRGxnbEVCeG1WRVB5ejZzWjZFMGFkNWRaYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODdFODAvRDI3OENBNjQ5RTc3MTFFQjhDMjVEQjZDQzRGOUFFMDIvRDQ4NTA5RjA0
Q0UyMTFFRUEyRkFCMDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniHwwDQYJKoZIhvcNAQELBQADggEBADuFh6Zu3E6EilYA
Um8XE98xIzO/wqsAJbU/ThDjFNYh1rYsPkXUKQKxiol+oPsc7to6uHd9F23K4H+Z
DkVkqchwtlNz2q+9+mhOs9rnfJm+vqvbnegS6Tgbl27AFx+tNUtcH+DzQ0h3zEBo
VYegLfx/wilUuNokdaRjH+1nMPML+Is5XyopSLjLxgSespKE/i4tpMa//TPocKXj
Wqp7ZWhTIw9CE0Nrp+Sl+jLJ+Q3bOPGzAolngvouo16vMBsmjqIU+r16+MkKpftz
sYtw6y4N9YHY7oapyC4A+ooUEUk9bnP79C5ioMRaq76xWaMEzzFJa8+8EkhhVstO
RCp8RMY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org