Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/8CBC85F8BA3511ECA20A3817C4F9AE02.roa
File: 8CBC85F8BA3511ECA20A3817C4F9AE02.roa (raw, json)
Hash identifier: ZrawyhBjP96WoGSkobi5FAQkm+myGRyVaAHlqjKVQoI=
Subject key identifier: 8A:A5:F9:76:AF:75:9B:35:53:DB:54:E1:8C:17:EA:5D:59:80:92:46
Certificate issuer: /CN=A91ECA1F/serialNumber=A7FB287839DDAC8A8AC8167F07041B6B25BD57DA
Certificate serial: 04D2
Authority key identifier: A7:FB:28:78:39:DD:AC:8A:8A:C8:16:7F:07:04:1B:6B:25:BD:57:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_soeDndrIqKyBZ_BwQbayW9V9o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/8CBC85F8BA3511ECA20A3817C4F9AE02.roa
Signing time: Tue 11 Jun 2024 02:27:32 +0000
ROA not before: Tue 11 Jun 2024 02:27:32 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 30633
IP address blocks: 103.139.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 00:42:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1234 (0x4d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ECA1F/serialNumber=A7FB287839DDAC8A8AC8167F07041B6B25BD57DA
Validity
Not Before: Jun 11 02:27:32 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6667b613-73d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:e9:77:32:42:0b:0d:94:55:d1:d0:1b:03:
0b:4b:d8:c2:d7:ff:c5:97:7a:2d:90:d7:c8:ba:dc:
af:85:1c:26:cb:01:c7:6c:47:ce:72:25:0e:d8:4f:
27:1d:9c:e1:48:61:03:78:c4:4a:61:2d:84:8a:35:
34:96:e5:4c:87:e8:d9:52:9e:96:71:46:e8:2a:44:
08:09:6b:fb:97:0b:9c:8a:06:a0:cc:38:b3:7f:1d:
d8:ee:5d:91:d0:02:02:6d:db:d3:c1:b7:45:18:ce:
d9:13:db:04:77:53:c5:f3:2e:37:27:b1:2d:c9:dc:
c3:dc:0c:1b:c5:7d:a5:3e:ea:83:9d:30:c3:ab:ee:
13:02:4d:ad:7b:29:58:2a:07:5c:93:56:b6:2e:46:
3e:91:60:fa:3f:28:ad:72:a5:1e:e7:7d:ff:ab:63:
0e:2a:72:e0:75:25:f5:0d:2f:e2:0d:bd:59:06:8b:
80:55:a9:e7:aa:4f:0f:e5:e2:e3:aa:fc:64:2c:13:
94:f9:eb:29:d3:d5:f3:e7:a4:a1:9e:78:75:96:d3:
3a:e0:51:83:05:3d:d7:bf:54:46:12:58:52:76:f7:
24:9f:dc:52:d8:63:b4:3d:2e:0b:56:15:35:c1:57:
9a:5e:f7:12:2b:4f:ce:0d:44:ef:29:3f:50:13:ab:
e7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A5:F9:76:AF:75:9B:35:53:DB:54:E1:8C:17:EA:5D:59:80:92:46
X509v3 Authority Key Identifier:
keyid:A7:FB:28:78:39:DD:AC:8A:8A:C8:16:7F:07:04:1B:6B:25:BD:57:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/p_soeDndrIqKyBZ_BwQbayW9V9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_soeDndrIqKyBZ_BwQbayW9V9o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/8CBC85F8BA3511ECA20A3817C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.50.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7f:30:15:d4:77:ea:ba:af:c0:27:a6:a4:b1:64:5d:4a:a4:
6b:5f:0f:d4:dc:5a:16:3a:eb:66:97:11:99:f8:81:fa:ee:f7:
a6:49:dc:6b:9e:67:6a:ed:75:9e:ed:3f:06:96:9f:66:dd:ff:
74:99:76:e4:28:d5:dc:13:f5:ae:40:51:f7:01:82:95:de:49:
06:96:1d:35:21:d8:16:3d:6c:aa:c8:6c:39:21:29:b0:06:16:
e4:1e:08:da:8b:6e:bc:ae:e7:06:a6:8e:5d:8a:94:81:7d:cb:
be:e6:58:e1:ce:27:65:5c:9c:25:e2:74:63:c4:89:b5:c3:8a:
9a:e3:27:30:a7:14:d6:4a:70:6c:02:20:46:0c:42:a3:10:8c:
7a:dc:a2:af:54:7b:1f:d3:06:e2:86:2b:89:4a:c8:d3:1f:cb:
d9:ff:72:4e:be:9b:46:68:e7:6d:6f:46:13:2b:0b:54:a5:fc:
9e:c3:c3:ca:2e:43:e4:e0:19:f7:05:41:85:45:a3:52:9d:c0:
90:37:31:69:12:23:04:cb:9d:56:be:50:0a:44:d0:f6:1a:6d:
e4:12:9c:4d:dd:e7:f6:ab:5e:32:b2:f1:09:0a:56:db:ca:b1:
6e:3f:dc:8c:4f:58:f4:12:4e:64:8c:5f:e4:37:28:f8:e4:fd:
0a:af:84:9e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUNBMUYxMTAvBgNVBAUTKEE3RkIyODc4MzlEREFDOEE4QUM4MTY3RjA3MDQxQjZC
MjVCRDU3REEwHhcNMjQwNjExMDIyNzMyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY3YjYxMy03M2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1PpdzJCCw2UVdHQGwMLS9jC1//Fl3otkNfIutyvhRwmywHHbEfOciUO2E8n
HZzhSGEDeMRKYS2EijU0luVMh+jZUp6WcUboKkQICWv7lwucigagzDizfx3Y7l2R
0AICbdvTwbdFGM7ZE9sEd1PF8y43J7EtydzD3AwbxX2lPuqDnTDDq+4TAk2teylY
Kgdck1a2LkY+kWD6PyitcqUe533/q2MOKnLgdSX1DS/iDb1ZBouAVannqk8P5eLj
qvxkLBOU+esp09Xz56Shnnh1ltM64FGDBT3Xv1RGElhSdvckn9xS2GO0PS4LVhU1
wVeaXvcSK0/ODUTvKT9QE6vnPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIql+Xav
dZs1U9tU4YwX6l1ZgJJGMB8GA1UdIwQYMBaAFKf7KHg53ayKisgWfwcEG2slvVfa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0ExRi8wOUQzN0U0OERC
MDcxMUVCOUY2NTk1MzdDNEY5QUUwMi9wX3NvZURuZHJJcUt5QlpfQndRYmF5VzlW
OW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Bfc29lRG5kcklxS3lCWl9Cd1FiYXlXOVY5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUNBMUYvMDlEMzdFNDhEQjA3MTFFQjlGNjU5NTM3QzRGOUFFMDIvOENCQzg1RjhC
QTM1MTFFQ0EyMEEzODE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnizIwDQYJKoZIhvcNAQELBQADggEBAIR/MBXUd+q6r8An
pqSxZF1KpGtfD9TcWhY662aXEZn4gfru96ZJ3GueZ2rtdZ7tPwaWn2bd/3SZduQo
1dwT9a5AUfcBgpXeSQaWHTUh2BY9bKrIbDkhKbAGFuQeCNqLbryu5wamjl2KlIF9
y77mWOHOJ2VcnCXidGPEibXDiprjJzCnFNZKcGwCIEYMQqMQjHrcoq9Uex/TBuKG
K4lKyNMfy9n/ck6+m0Zo521vRhMrC1Sl/J7Dw8ouQ+TgGfcFQYVFo1KdwJA3MWkS
IwTLnVa+UApE0PYabeQSnE3d5/arXjKy8QkKVtvKsW4/3IxPWPQSTmSMX+Q3KPjk
/QqvhJ4=
-----END CERTIFICATE-----
Generated at Thu Jul 11 02:22:05 2024 by rpki-client on console-fra.rpki-client.org