Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/40E54CA09CE111EF92DBE982C4F9AE02.roa
File: 40E54CA09CE111EF92DBE982C4F9AE02.roa (raw, json)
Hash identifier: VHsB4oHqzw/6u+kHx4CCGimhGyK1Nk7O96tyotPZtd8=
Subject key identifier: 7A:E6:01:77:3E:73:F2:6B:02:D9:5C:1A:89:E5:7B:DF:95:7E:2F:4B
Certificate issuer: /CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Certificate serial: 028A
Authority key identifier: A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/40E54CA09CE111EF92DBE982C4F9AE02.roa
Signing time: Thu 07 Nov 2024 08:21:14 +0000
ROA not before: Thu 07 Nov 2024 08:21:14 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 14618
IP address blocks: 103.26.8.0/24 maxlen: 24
103.26.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 04:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 650 (0x28a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Validity
Not Before: Nov 7 08:21:14 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=672c787a-6a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f3:e8:95:3a:ac:5f:b8:1a:b8:55:ac:7a:bb:
6a:0d:da:a7:24:89:35:23:7d:23:10:2a:99:0b:42:
b2:f4:b8:3e:c0:33:c0:da:7d:42:22:0a:46:c0:52:
1e:cd:10:d0:79:07:0d:8f:5d:19:58:c1:6b:b6:97:
bd:5f:aa:9b:9c:7e:3c:b5:cb:41:96:79:ac:c2:91:
1a:de:fa:2b:c9:8b:1c:10:87:9d:8a:12:2b:9c:fb:
94:de:65:5a:21:6f:51:85:e2:1b:0e:be:b7:7b:6b:
7a:6c:4f:f2:30:f7:23:57:f3:58:c7:5c:34:2e:ed:
12:7a:2b:08:fb:9a:3c:68:f8:b1:5e:c1:b3:f9:1a:
00:fa:93:a8:eb:25:16:0f:34:5a:84:db:9f:72:d0:
a6:18:8f:09:42:a5:91:5a:9d:5e:be:8e:e9:74:26:
03:dc:4c:15:ef:67:f1:8d:13:94:9a:df:2c:31:56:
78:d2:e9:7e:df:d4:6d:0b:98:ff:75:2f:f1:58:c0:
5a:87:c0:69:51:b2:89:5e:3f:3a:ae:38:b5:88:8f:
a2:6e:44:e9:13:cf:65:b2:d9:ce:f9:ed:2a:a9:fb:
8b:3e:04:5a:2e:a6:78:56:77:a6:50:58:2d:89:50:
71:41:f6:7b:ac:f5:e9:96:23:36:5a:21:3a:73:f1:
d7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E6:01:77:3E:73:F2:6B:02:D9:5C:1A:89:E5:7B:DF:95:7E:2F:4B
X509v3 Authority Key Identifier:
keyid:A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/oYXAxXSCnF_NcURUSeU0za70E5Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/40E54CA09CE111EF92DBE982C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.8.0/23
Signature Algorithm: sha256WithRSAEncryption
23:ea:1c:16:7c:c0:6f:77:8c:2c:55:4b:29:59:dc:a6:fc:e6:
96:0c:b9:e1:02:ce:47:95:4d:2b:cc:bb:1d:36:b9:e3:c5:a6:
c5:fc:4d:88:03:e9:77:d8:4a:70:d0:b2:8b:73:d9:01:f5:12:
11:b6:7f:bf:a8:e8:a3:3f:cb:24:de:26:f2:5b:c0:df:c7:62:
1e:a2:24:37:88:eb:7c:bf:6a:52:27:dd:19:15:bb:ae:eb:5d:
5a:f6:16:2a:9d:a0:bc:88:45:bc:4c:95:d4:4c:0f:67:10:2d:
c9:61:bc:5f:5d:67:46:a4:c8:af:b2:b2:a9:cb:f2:1a:52:8d:
5f:50:1a:47:eb:86:30:ca:0d:1b:32:93:5c:55:56:ea:c5:ff:
4c:6c:ef:de:63:65:b4:9e:f0:0f:74:c4:71:47:15:ff:5c:69:
f7:db:ce:9b:1b:55:e5:ec:11:81:b8:06:17:10:a6:77:bf:1c:
d0:36:57:1f:47:63:f5:80:c1:47:7b:95:8c:8e:53:41:71:0e:
38:d7:1c:cb:1c:73:f4:2c:20:97:75:12:b3:5e:d5:15:b6:72:
27:73:31:37:7e:47:da:98:89:2d:43:f5:45:fb:8d:11:d9:9e:
7c:9c:4d:ca:64:6c:1b:c6:55:ea:f8:13:bb:24:61:51:6f:2d:
4e:97:7e:b6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFMzIxMTAvBgNVBAUTKEExODVDMEM1NzQ4MjlDNUZDRDcxNDQ1NDQ5RTUzNENE
QUVGNDEzOTYwHhcNMjQxMTA3MDgyMTE0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJjNzg3YS02YTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApPPolTqsX7gauFWsertqDdqnJIk1I30jECqZC0Ky9Lg+wDPA2n1CIgpGwFIe
zRDQeQcNj10ZWMFrtpe9X6qbnH48tctBlnmswpEa3voryYscEIedihIrnPuU3mVa
IW9RheIbDr63e2t6bE/yMPcjV/NYx1w0Lu0SeisI+5o8aPixXsGz+RoA+pOo6yUW
DzRahNufctCmGI8JQqWRWp1evo7pdCYD3EwV72fxjROUmt8sMVZ40ul+39RtC5j/
dS/xWMBah8BpUbKJXj86rji1iI+ibkTpE89lstnO+e0qqfuLPgRaLqZ4VnemUFgt
iVBxQfZ7rPXpliM2WiE6c/HXiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHrmAXc+
c/JrAtlcGonle9+Vfi9LMB8GA1UdIwQYMBaAFKGFwMV0gpxfzXFEVEnlNM2u9BOW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEUzMi83MjA5NTlGQzAx
QzAxMUVEQkQ3QzZGNThDNEY5QUUwMi9vWVhBeFhTQ25GX05jVVJVU2VVMHphNzBF
NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ZWEF4WFNDbkZfTmNVUlVTZVUwemE3MEU1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFMzIvNzIwOTU5RkMwMUMwMTFFREJEN0M2RjU4QzRGOUFFMDIvNDBFNTRDQTA5
Q0UxMTFFRjkyREJFOTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnGggwDQYJKoZIhvcNAQELBQADggEBACPqHBZ8wG93jCxV
SylZ3Kb85pYMueECzkeVTSvMux02uePFpsX8TYgD6XfYSnDQsotz2QH1EhG2f7+o
6KM/yyTeJvJbwN/HYh6iJDeI63y/alIn3RkVu67rXVr2FiqdoLyIRbxMldRMD2cQ
LclhvF9dZ0akyK+ysqnL8hpSjV9QGkfrhjDKDRsyk1xVVurF/0xs795jZbSe8A90
xHFHFf9caffbzpsbVeXsEYG4BhcQpne/HNA2Vx9HY/WAwUd7lYyOU0FxDjjXHMsc
c/QsIJd1ErNe1RW2cidzMTd+R9qYiS1D9UX7jRHZnnycTcpkbBvGVer4E7skYVFv
LU6XfrY=
-----END CERTIFICATE-----
Generated at Fri Nov 8 08:11:23 2024 by rpki-client on console-fra.rpki-client.org