Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/9AD7C430E06811EEAC73DC10C4F9AE02.roa
File: 9AD7C430E06811EEAC73DC10C4F9AE02.roa (raw, json)
Hash identifier: I46np0heRAxWH4pBC0g25XsDn4Phyx6zcxFciMyNTf0=
Subject key identifier: C7:9B:05:0E:EF:F6:E2:93:DF:D4:23:54:62:05:74:7A:B4:BA:EA:70
Certificate issuer: /CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Certificate serial: 06EF
Authority key identifier: 75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/9AD7C430E06811EEAC73DC10C4F9AE02.roa
Signing time: Sat 15 Jun 2024 00:01:56 +0000
ROA not before: Sat 15 Jun 2024 00:01:56 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 56110
IP address blocks: 103.138.188.0/24 maxlen: 24
103.138.189.0/24 maxlen: 24
2001:df0:4e80::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 12:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1775 (0x6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA59D/serialNumber=751FA49E712F88CF844CCD179EBE29B97EA1AACC
Validity
Not Before: Jun 15 00:01:56 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666cd9f4-d57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:a9:09:2e:e2:2e:8e:71:b4:27:26:3f:1f:
43:18:98:14:d8:3f:69:9a:84:4f:a2:ff:98:58:3b:
89:48:13:aa:ff:89:db:64:ec:3c:db:60:18:37:3c:
de:59:f3:4f:a8:6d:45:35:e6:ce:8a:7f:ab:3b:38:
08:49:d2:98:5b:44:01:5d:41:bf:3a:04:5d:bc:ae:
ea:eb:34:06:fd:04:80:8d:bf:a6:78:9c:4f:12:05:
44:52:68:1c:5d:59:6d:d9:97:20:72:4a:82:4a:7b:
ae:bc:3a:f0:56:12:c1:f6:a0:9f:7c:5c:2f:39:34:
b7:f8:d8:1c:4f:8a:d2:80:50:6c:2c:d9:58:b1:cb:
33:fa:df:cf:64:58:18:d4:45:fd:f3:33:be:2a:72:
2f:09:12:40:6d:2d:35:3e:d6:26:80:2b:70:9e:26:
b7:52:d0:65:9c:ca:7e:1f:79:8b:b8:e0:a5:eb:32:
9e:e2:9c:92:ba:52:53:df:20:9f:a1:30:7d:0c:49:
84:81:6c:63:aa:53:9b:a9:c7:64:98:5a:5e:35:e7:
14:e3:3b:d7:95:ca:aa:da:76:de:52:8c:24:ef:11:
31:c6:34:fe:3a:aa:e3:cf:6f:2c:02:bc:53:93:77:
2b:8f:c8:7f:30:81:cb:73:f4:ab:3e:bb:e9:31:3f:
9e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9B:05:0E:EF:F6:E2:93:DF:D4:23:54:62:05:74:7A:B4:BA:EA:70
X509v3 Authority Key Identifier:
keyid:75:1F:A4:9E:71:2F:88:CF:84:4C:CD:17:9E:BE:29:B9:7E:A1:AA:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/dR-knnEviM-ETM0Xnr4puX6hqsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dR-knnEviM-ETM0Xnr4puX6hqsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA59D/563DE50E0D5611EBA3D15D2CC4F9AE02/9AD7C430E06811EEAC73DC10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.188.0/23
IPv6:
2001:df0:4e80::/48
Signature Algorithm: sha256WithRSAEncryption
7c:68:c1:36:84:50:24:2d:cb:e1:8a:df:b0:a7:c5:1e:f2:1a:
2c:14:10:c4:3d:f3:31:46:7c:9a:30:bc:38:41:ab:f5:1c:5c:
6b:09:49:80:d0:55:c2:6d:53:6d:6d:46:67:30:95:f5:a4:a2:
e5:33:a6:47:27:52:7f:96:ce:77:07:68:14:13:bc:2f:8c:1b:
80:90:24:69:bc:ae:62:f9:96:1a:88:b4:4a:06:b5:b3:dd:14:
f1:e7:5f:b5:da:25:09:cf:2f:44:af:57:40:62:73:ae:f9:0d:
95:04:8c:61:53:dc:f1:4e:cd:28:02:10:4b:4e:eb:c3:84:a9:
5d:1f:dc:8a:f7:8a:60:88:e1:37:54:83:e3:0b:b0:69:83:5b:
44:ed:ab:95:2a:91:0b:5d:e3:91:00:e9:09:3a:c9:83:29:62:
74:58:10:70:97:a2:06:78:7a:28:43:d8:8a:14:e1:65:d5:f0:
9a:b7:7e:91:b7:1a:fe:1c:4a:20:02:b4:db:dd:a9:71:19:62:
90:79:99:da:61:c0:fc:c3:2f:fd:c4:6d:d8:8c:3c:65:1c:50:
76:92:26:85:ba:4a:3b:31:41:4d:fe:ae:19:2a:c8:6a:11:ac:
2e:b8:f4:b9:af:84:63:5b:b0:e1:d8:23:cb:b1:36:dc:f3:40:
0c:90:df:39
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE1OUQxMTAvBgNVBAUTKDc1MUZBNDlFNzEyRjg4Q0Y4NDRDQ0QxNzlFQkUyOUI5
N0VBMUFBQ0MwHhcNMjQwNjE1MDAwMTU2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjZDlmNC1kNTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvtOpCS7iLo5xtCcmPx9DGJgU2D9pmoRPov+YWDuJSBOq/4nbZOw822AYNzze
WfNPqG1FNebOin+rOzgISdKYW0QBXUG/OgRdvK7q6zQG/QSAjb+meJxPEgVEUmgc
XVlt2ZcgckqCSnuuvDrwVhLB9qCffFwvOTS3+NgcT4rSgFBsLNlYscsz+t/PZFgY
1EX98zO+KnIvCRJAbS01PtYmgCtwnia3UtBlnMp+H3mLuOCl6zKe4pySulJT3yCf
oTB9DEmEgWxjqlObqcdkmFpeNecU4zvXlcqq2nbeUowk7xExxjT+Oqrjz28sArxT
k3crj8h/MIHLc/SrPrvpMT+eYQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMebBQ7v
9uKT39QjVGIFdHq0uupwMB8GA1UdIwQYMBaAFHUfpJ5xL4jPhEzNF56+Kbl+oarM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5RC81NjNERTUwRTBE
NTYxMUVCQTNEMTVEMkNDNEY5QUUwMi9kUi1rbm5FdmlNLUVUTTBYbnI0cHVYNmhx
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RSLWtubkV2aU0tRVRNMFhucjRwdVg2aHFzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE1OUQvNTYzREU1MEUwRDU2MTFFQkEzRDE1RDJDQzRGOUFFMDIvOUFEN0M0MzBF
MDY4MTFFRUFDNzNEQzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnirwwDwQCAAIwCQMHACABDfBOgDANBgkqhkiG9w0BAQsF
AAOCAQEAfGjBNoRQJC3L4YrfsKfFHvIaLBQQxD3zMUZ8mjC8OEGr9RxcawlJgNBV
wm1TbW1GZzCV9aSi5TOmRydSf5bOdwdoFBO8L4wbgJAkabyuYvmWGoi0Sga1s90U
8edftdolCc8vRK9XQGJzrvkNlQSMYVPc8U7NKAIQS07rw4SpXR/civeKYIjhN1SD
4wuwaYNbRO2rlSqRC13jkQDpCTrJgylidFgQcJeiBnh6KEPYihThZdXwmrd+kbca
/hxKIAK0292pcRlikHmZ2mHA/MMv/cRt2Iw8ZRxQdpImhbpKOzFBTf6uGSrIahGs
Lrj0ua+EY1uw4dgjy7E23PNADJDfOQ==
-----END CERTIFICATE-----
Generated at Mon Jul 1 14:21:11 2024 by rpki-client on console-ams.rpki-client.org