Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/A7578FAC6BA411EF8BEE2869C4F9AE02.roa
File: A7578FAC6BA411EF8BEE2869C4F9AE02.roa (raw, json)
Hash identifier: n1BS9hKOidJhFvgj+TydcBJJ3pMpFOpytXlH/BEtyn0=
Subject key identifier: B9:C7:15:C7:78:B2:81:46:29:57:D8:40:12:BC:ED:DA:33:E1:85:57
Certificate issuer: /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial: 017A
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/A7578FAC6BA411EF8BEE2869C4F9AE02.roa
Signing time: Thu 05 Sep 2024 16:34:00 +0000
ROA not before: Thu 05 Sep 2024 16:34:00 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.85.200.0/22 maxlen: 22
110.44.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 06 Sep 2024 12:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 378 (0x17a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Validity
Not Before: Sep 5 16:34:00 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66d9dd78-43d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e4:37:4a:c3:a1:7e:84:55:a1:50:72:84:f6:
80:47:5e:1c:83:b7:a7:0f:4f:4c:80:c7:40:30:d9:
8e:9e:ee:c5:24:cd:36:92:84:18:da:d8:df:7b:97:
39:9a:9e:c9:7a:f3:4e:da:f6:ff:5a:37:b3:39:ce:
c9:cf:d8:5b:33:33:56:bb:cd:ad:74:1a:76:9e:8f:
64:60:d8:53:4a:b1:56:3f:73:2e:0d:2c:36:79:d6:
53:f6:17:d3:8a:08:87:ff:82:1e:06:f0:8c:81:37:
d9:17:68:be:eb:af:74:4a:f0:63:8f:46:39:c1:82:
42:61:5a:02:73:07:c1:96:e2:71:2b:63:82:25:50:
3c:bf:0e:66:86:08:7f:dd:15:92:85:73:e1:9e:82:
2b:2b:54:74:5b:73:b2:0a:85:8d:32:c5:16:cd:9d:
23:ed:75:00:ec:7d:c5:9f:6e:68:e6:8d:e2:6d:1b:
ff:8b:45:28:9c:81:7d:a2:43:9c:46:80:21:32:3e:
89:7b:21:f0:a7:ee:ef:e0:dc:d2:b4:51:ac:1a:92:
43:c9:be:59:3e:67:7d:78:52:fa:7c:81:cd:24:c6:
08:eb:e0:b1:48:91:0d:37:fe:62:07:69:e9:91:fd:
eb:1d:9d:6d:97:80:85:55:fb:e7:31:ea:c1:77:4e:
fe:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C7:15:C7:78:B2:81:46:29:57:D8:40:12:BC:ED:DA:33:E1:85:57
X509v3 Authority Key Identifier:
keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/A7578FAC6BA411EF8BEE2869C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.200.0/22
110.44.108.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:46:8c:0c:8a:2b:f2:55:d6:42:20:8b:96:81:fb:4c:f3:67:
21:e6:95:40:cd:fb:83:d7:15:46:3a:75:25:a8:ad:67:1f:be:
8d:35:34:87:28:82:29:03:e4:10:db:0c:6f:b9:38:a3:97:30:
4c:f1:3f:01:b4:55:a2:f3:80:55:29:bf:12:f0:fa:79:7f:c3:
52:df:4b:04:67:05:41:3e:51:16:7e:da:03:c1:92:aa:a1:95:
4e:87:ce:e4:61:e6:51:45:65:10:90:bd:19:41:fa:3c:45:30:
96:d8:ee:15:74:79:52:2f:f9:3f:79:df:33:e4:7f:4e:72:05:
3f:be:03:a5:d1:6e:3b:d0:e9:30:14:75:68:76:44:18:24:3f:
58:7f:8c:6c:f7:5e:d9:f0:3e:9d:2f:d6:d8:4f:f0:d5:29:8c:
48:1f:9a:96:6b:ff:d8:5c:98:8b:03:4d:6d:59:bc:03:a7:06:
29:dc:2b:36:da:6b:64:e2:03:aa:38:2d:be:e3:90:2d:7b:37:
f9:da:09:2c:b7:6e:f1:dc:26:2c:30:66:f5:9d:1e:7a:32:e5:
ae:a7:c3:97:44:59:fb:de:51:35:2a:c2:2e:a2:8b:25:23:c6:
f8:5a:8b:ae:8b:1f:80:7b:03:ec:ff:2c:00:60:7c:eb:58:78:
c9:1e:eb:d6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQwOTA1MTYzNDAwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5ZGQ3OC00M2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnuQ3SsOhfoRVoVByhPaAR14cg7enD09MgMdAMNmOnu7FJM02koQY2tjfe5c5
mp7JevNO2vb/WjezOc7Jz9hbMzNWu82tdBp2no9kYNhTSrFWP3MuDSw2edZT9hfT
igiH/4IeBvCMgTfZF2i+6690SvBjj0Y5wYJCYVoCcwfBluJxK2OCJVA8vw5mhgh/
3RWShXPhnoIrK1R0W3OyCoWNMsUWzZ0j7XUA7H3Fn25o5o3ibRv/i0UonIF9okOc
RoAhMj6JeyHwp+7v4NzStFGsGpJDyb5ZPmd9eFL6fIHNJMYI6+CxSJENN/5iB2np
kf3rHZ1tl4CFVfvnMerBd07+4wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLnHFcd4
soFGKVfYQBK87doz4YVXMB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvQTc1NzhGQUM2
QkE0MTFFRjhCRUUyODY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBAJuLGwwDQYJKoZIhvcNAQELBQADggEBALpGjAyK
K/JV1kIgi5aB+0zzZyHmlUDN+4PXFUY6dSWorWcfvo01NIcogikD5BDbDG+5OKOX
MEzxPwG0VaLzgFUpvxLw+nl/w1LfSwRnBUE+URZ+2gPBkqqhlU6HzuRh5lFFZRCQ
vRlB+jxFMJbY7hV0eVIv+T953zPkf05yBT++A6XRbjvQ6TAUdWh2RBgkP1h/jGz3
XtnwPp0v1thP8NUpjEgfmpZr/9hcmIsDTW1ZvAOnBincKzbaa2TiA6o4Lb7jkC17
N/naCSy3bvHcJiwwZvWdHnoy5a6nw5dEWfveUTUqwi6iiyUjxvhai66LH4B7A+z/
LABgfOtYeMke69Y=
-----END CERTIFICATE-----
Generated at Fri Sep 6 15:05:26 2024 by rpki-client on console-ams.rpki-client.org