Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCD9/410BBC144E6C11EA89049747C4F9AE02/D825A42E4E6D11EAA3D8784AC4F9AE02.roa
File: D825A42E4E6D11EAA3D8784AC4F9AE02.roa (raw, json)
Hash identifier: GpIse/DxParnHEDJ/NEzQCdBiM7b48QTndFsX8lOmV4=
Subject key identifier: D1:5B:F4:4C:D5:90:81:59:41:8C:32:72:8A:11:0D:29:90:EF:09:C2
Certificate issuer: /CN=A91DDCD9/serialNumber=1679EA066683F2A1550DE70F458432DD1A83270F
Certificate serial: 0A2F
Authority key identifier: 16:79:EA:06:66:83:F2:A1:55:0D:E7:0F:45:84:32:DD:1A:83:27:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FnnqBmaD8qFVDecPRYQy3RqDJw8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCD9/410BBC144E6C11EA89049747C4F9AE02/D825A42E4E6D11EAA3D8784AC4F9AE02.roa
Signing time: Wed 10 Jul 2024 20:18:23 +0000
ROA not before: Wed 10 Jul 2024 20:18:23 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139223
IP address blocks: 103.139.253.0/24 maxlen: 24
103.175.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 08:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2607 (0xa2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DDCD9/serialNumber=1679EA066683F2A1550DE70F458432DD1A83270F
Validity
Not Before: Jul 10 20:18:23 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668eec8f-5445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f0:81:96:09:2f:9e:b9:1c:cf:f4:d6:d0:6d:
dd:13:d4:6a:36:ba:14:41:5c:1d:54:06:c5:a6:d2:
d6:01:e5:7b:78:89:7a:88:9c:85:35:bf:eb:74:f3:
c3:40:0c:67:e1:65:62:e5:d2:9d:8c:5b:c7:ba:c7:
a8:16:e5:bd:cb:e9:b9:3a:ce:dc:b8:91:22:63:07:
34:81:f7:18:0f:71:59:a8:91:e1:23:fb:cd:d5:5d:
74:33:f1:32:ec:0e:bb:c1:b8:fd:43:c1:3d:07:2f:
f8:b1:ec:fc:66:76:55:6b:20:7a:93:1b:90:08:ef:
1b:83:85:fd:70:3e:f1:4d:77:ce:1c:7f:2e:e7:dd:
ed:7e:a3:ec:30:88:90:a9:2a:f5:05:5f:c6:0a:29:
11:38:56:12:27:5b:39:25:dd:f8:7e:c8:a0:8c:62:
77:6e:f4:5d:5d:33:9d:9f:50:e8:25:d4:21:1c:d4:
f5:8b:86:09:dd:26:75:b1:d0:ce:97:34:95:6a:10:
34:33:af:0a:af:3d:82:1c:99:a7:0d:54:37:14:b7:
f8:26:b1:43:4e:82:d0:96:3d:4a:f6:f5:3b:0e:32:
f0:d6:3b:16:6f:ab:09:77:ed:12:9a:38:af:79:69:
14:bb:51:b0:4c:6a:29:83:25:9e:3d:4e:7b:d8:f0:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5B:F4:4C:D5:90:81:59:41:8C:32:72:8A:11:0D:29:90:EF:09:C2
X509v3 Authority Key Identifier:
keyid:16:79:EA:06:66:83:F2:A1:55:0D:E7:0F:45:84:32:DD:1A:83:27:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DDCD9/410BBC144E6C11EA89049747C4F9AE02/FnnqBmaD8qFVDecPRYQy3RqDJw8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FnnqBmaD8qFVDecPRYQy3RqDJw8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCD9/410BBC144E6C11EA89049747C4F9AE02/D825A42E4E6D11EAA3D8784AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.253.0/24
103.175.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7d:5e:64:c2:97:a1:6a:85:65:76:a9:7e:77:33:54:c5:f8:
61:23:fe:9e:b4:b3:dc:bc:b8:11:81:9e:61:de:50:67:1a:d2:
d5:b1:20:05:b9:df:f4:3b:07:b3:ee:07:aa:57:88:27:6e:8c:
a9:8e:d4:99:8c:67:4d:09:1d:7b:3d:20:f9:4f:09:50:60:82:
75:83:3e:58:39:ad:d3:c3:a5:8d:d5:39:5c:58:d5:7a:45:cf:
fb:0a:35:a3:01:ad:7d:09:34:6b:50:3a:86:c0:84:d0:93:08:
6e:a3:af:eb:84:46:2b:1b:05:4e:f7:ee:68:ea:9c:61:9d:0a:
d9:b6:7c:a3:2e:6e:d6:13:45:8c:89:f0:25:bd:0f:3f:95:44:
fe:49:dc:bc:d3:38:11:d1:c9:49:d4:b2:4a:bb:50:7c:66:8e:
52:f3:bd:ba:bc:8c:4b:ff:78:15:b1:a6:cf:61:34:2d:e9:95:
c2:18:03:6b:7b:16:c5:8c:61:6a:9e:08:0f:75:8a:72:c8:1a:
91:a1:ad:03:af:3c:be:4f:ce:16:95:61:f2:34:07:88:18:f4:
f0:54:04:ec:0d:fb:49:38:54:e8:52:91:8f:4e:27:24:0f:eb:
fc:5b:ea:a5:f3:61:01:71:90:9e:ea:d0:13:98:a1:48:ce:66:
19:48:a4:0d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RERDRDkxMTAvBgNVBAUTKDE2NzlFQTA2NjY4M0YyQTE1NTBERTcwRjQ1ODQzMkRE
MUE4MzI3MEYwHhcNMjQwNzEwMjAxODIzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlZWM4Zi01NDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs/CBlgkvnrkcz/TW0G3dE9RqNroUQVwdVAbFptLWAeV7eIl6iJyFNb/rdPPD
QAxn4WVi5dKdjFvHuseoFuW9y+m5Os7cuJEiYwc0gfcYD3FZqJHhI/vN1V10M/Ey
7A67wbj9Q8E9By/4sez8ZnZVayB6kxuQCO8bg4X9cD7xTXfOHH8u593tfqPsMIiQ
qSr1BV/GCikROFYSJ1s5Jd34fsigjGJ3bvRdXTOdn1DoJdQhHNT1i4YJ3SZ1sdDO
lzSVahA0M68Krz2CHJmnDVQ3FLf4JrFDToLQlj1K9vU7DjLw1jsWb6sJd+0Smjiv
eWkUu1GwTGopgyWePU572PBeDwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNFb9EzV
kIFZQYwycooRDSmQ7wnCMB8GA1UdIwQYMBaAFBZ56gZmg/KhVQ3nD0WEMt0agycP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENEOS80MTBCQkMxNDRF
NkMxMUVBODkwNDk3NDdDNEY5QUUwMi9Gbm5xQm1hRDhxRlZEZWNQUllReTNScURK
dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZubnFCbWFEOHFGVkRlY1BSWVF5M1JxREp3OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RERDRDkvNDEwQkJDMTQ0RTZDMTFFQTg5MDQ5NzQ3QzRGOUFFMDIvRDgyNUE0MkU0
RTZEMTFFQUEzRDg3ODRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABni/0DBABnr38wDQYJKoZIhvcNAQELBQADggEBAA59XmTC
l6FqhWV2qX53M1TF+GEj/p60s9y8uBGBnmHeUGca0tWxIAW53/Q7B7PuB6pXiCdu
jKmO1JmMZ00JHXs9IPlPCVBggnWDPlg5rdPDpY3VOVxY1XpFz/sKNaMBrX0JNGtQ
OobAhNCTCG6jr+uERisbBU737mjqnGGdCtm2fKMubtYTRYyJ8CW9Dz+VRP5J3LzT
OBHRyUnUskq7UHxmjlLzvbq8jEv/eBWxps9hNC3plcIYA2t7FsWMYWqeCA91inLI
GpGhrQOvPL5PzhaVYfI0B4gY9PBUBOwN+0k4VOhSkY9OJyQP6/xb6qXzYQFxkJ7q
0BOYoUjOZhlIpA0=
-----END CERTIFICATE-----
Generated at Wed Jul 17 11:14:42 2024 by rpki-client on console-ams.rpki-client.org