Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE099/0221D7CE2F6711EE824ADC59C4F9AE02/7B00C82C33A811EE8DC4D223C4F9AE02.roa
File: 7B00C82C33A811EE8DC4D223C4F9AE02.roa (raw, json)
Hash identifier: 33iXjoRuUOK7R+NBEJQ5ddCVA+h8Ig5SS/WyZhnkh4s=
Subject key identifier: 6B:B2:55:6D:0E:94:64:A4:DB:90:8F:17:22:27:40:3F:A2:D4:1F:B1
Certificate issuer: /CN=A91EE099/serialNumber=F9AA636B5C3E30C7A0BA9743015B5B12104CB7A8
Certificate serial: 09
Authority key identifier: F9:AA:63:6B:5C:3E:30:C7:A0:BA:97:43:01:5B:5B:12:10:4C:B7:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-apja1w-MMegupdDAVtbEhBMt6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE099/0221D7CE2F6711EE824ADC59C4F9AE02/7B00C82C33A811EE8DC4D223C4F9AE02.roa
Signing time: Sat 05 Aug 2023 15:55:21 +0000
ROA not before: Sat 05 Aug 2023 15:55:21 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 50131
IP address blocks: 103.245.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 02:07:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE099/serialNumber=F9AA636B5C3E30C7A0BA9743015B5B12104CB7A8
Validity
Not Before: Aug 5 15:55:21 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ce70e8-0a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5b:0a:b4:d7:f7:d2:6c:b6:ca:71:60:18:65:
b0:39:4d:15:f8:c1:74:f6:d9:5a:cc:3a:9c:c7:53:
3e:f2:54:9d:3d:27:8e:0c:5b:d3:e4:34:0b:e4:a0:
89:0c:18:df:00:12:e4:5b:6f:cf:b0:fc:73:a1:3a:
7b:b7:db:0d:2d:e7:19:99:42:e0:80:92:2c:60:19:
1d:72:a7:cf:dc:43:aa:2a:18:94:35:dc:75:2d:7f:
3d:50:24:1c:b5:4c:ca:a9:e6:24:87:ac:70:78:54:
aa:83:6f:5b:d5:38:01:90:b7:a9:4a:b8:d1:4e:f8:
0c:17:c4:87:30:6b:1d:58:52:46:6f:54:7d:01:8e:
ee:b4:64:83:01:38:36:bf:bf:9c:5f:2e:96:f0:ad:
3d:47:3b:75:e4:d7:e8:36:e5:28:ba:bd:07:82:89:
bd:2d:1f:9a:10:eb:be:76:99:ca:61:7f:bf:53:b9:
d2:39:9e:60:e6:28:11:b8:79:28:34:8e:f7:17:c3:
56:b0:45:e9:ed:46:a9:20:40:35:b5:cd:e8:27:39:
95:5e:4d:63:03:b4:03:4f:4f:c4:29:31:e6:b9:76:
6f:88:64:d1:b9:16:ad:cf:6a:a4:44:ea:8b:f7:6b:
43:37:7a:3e:c4:42:2c:1b:0d:df:dd:99:85:80:c4:
06:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B2:55:6D:0E:94:64:A4:DB:90:8F:17:22:27:40:3F:A2:D4:1F:B1
X509v3 Authority Key Identifier:
keyid:F9:AA:63:6B:5C:3E:30:C7:A0:BA:97:43:01:5B:5B:12:10:4C:B7:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE099/0221D7CE2F6711EE824ADC59C4F9AE02/-apja1w-MMegupdDAVtbEhBMt6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-apja1w-MMegupdDAVtbEhBMt6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE099/0221D7CE2F6711EE824ADC59C4F9AE02/7B00C82C33A811EE8DC4D223C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.245.24.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:34:51:31:4c:d6:63:95:49:2a:54:35:b3:8b:db:fa:de:37:
af:5e:9f:e2:3e:57:80:90:0b:0e:79:3d:30:51:bd:8a:c3:fb:
01:5a:0c:52:d3:11:70:27:36:65:29:2c:f5:c7:6a:06:40:8b:
86:d0:30:8f:2c:e3:59:ad:6d:77:d3:a1:0f:bf:18:d4:1e:fb:
38:c8:9e:cf:18:2a:6c:56:38:8e:8e:5b:2b:63:81:b2:61:e5:
12:af:6c:5f:a1:47:8a:b0:6a:4a:83:f6:5f:40:8c:ae:d7:2f:
a7:24:ba:16:1c:f1:5d:f1:49:8b:dc:76:ac:cd:b4:be:83:6f:
85:22:de:b5:d3:ec:64:1a:4a:24:0d:7c:ff:8a:5d:6f:63:6b:
39:5b:64:2f:c0:9d:f8:7f:b5:a3:6c:eb:f3:5b:e1:1f:be:0f:
ca:0c:11:52:a2:34:d0:ee:5a:b9:a2:ae:7c:8a:3f:ae:2f:40:
4b:cc:f3:a1:6d:2a:b8:2d:9f:5e:9c:27:bc:c3:25:66:96:66:
1c:b6:8b:45:7f:c9:d2:79:66:d2:d9:cb:1d:0b:2a:d1:3f:87:
ba:47:af:2a:ca:06:ff:c1:86:e3:ad:91:bb:07:a7:52:2b:6b:
28:bb:6f:ed:f5:11:aa:69:28:9b:f5:fd:93:2a:8a:ca:dc:24:
3a:66:9d:80
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTA5OTExMC8GA1UEBRMoRjlBQTYzNkI1QzNFMzBDN0EwQkE5NzQzMDE1QjVCMTIx
MDRDQjdBODAeFw0yMzA4MDUxNTU1MjFaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0Y2U3MGU4LTBhN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvWwq01/fSbLbKcWAYZbA5TRX4wXT22VrMOpzHUz7yVJ09J44MW9PkNAvkoIkM
GN8AEuRbb8+w/HOhOnu32w0t5xmZQuCAkixgGR1yp8/cQ6oqGJQ13HUtfz1QJBy1
TMqp5iSHrHB4VKqDb1vVOAGQt6lKuNFO+AwXxIcwax1YUkZvVH0Bju60ZIMBODa/
v5xfLpbwrT1HO3Xk1+g25Si6vQeCib0tH5oQ6752mcphf79TudI5nmDmKBG4eSg0
jvcXw1awRentRqkgQDW1zegnOZVeTWMDtANPT8QpMea5dm+IZNG5Fq3PaqRE6ov3
a0M3ej7EQiwbDd/dmYWAxAYbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUa7JVbQ6U
ZKTbkI8XIidAP6LUH7EwHwYDVR0jBBgwFoAU+apja1w+MMegupdDAVtbEhBMt6gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDk5LzAyMjFEN0NFMkY2
NzExRUU4MjRBREM1OUM0RjlBRTAyLy1hcGphMXctTU1lZ3VwZERBVnRiRWhCTXQ2
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLWFwamExdy1NTWVndXBkREFWdGJFaEJNdDZnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTA5OS8wMjIxRDdDRTJGNjcxMUVFODI0QURDNTlDNEY5QUUwMi83QjAwQzgyQzMz
QTgxMUVFOERDNEQyMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf1GDANBgkqhkiG9w0BAQsFAAOCAQEAjzRRMUzWY5VJKlQ1
s4vb+t43r16f4j5XgJALDnk9MFG9isP7AVoMUtMRcCc2ZSks9cdqBkCLhtAwjyzj
Wa1td9OhD78Y1B77OMiezxgqbFY4jo5bK2OBsmHlEq9sX6FHirBqSoP2X0CMrtcv
pyS6FhzxXfFJi9x2rM20voNvhSLetdPsZBpKJA18/4pdb2NrOVtkL8Cd+H+1o2zr
81vhH74PygwRUqI00O5auaKufIo/ri9AS8zzoW0quC2fXpwnvMMlZpZmHLaLRX/J
0nlm0tnLHQsq0T+HukevKsoG/8GG462RuwenUitrKLtv7fURqmkom/X9kyqKytwk
OmadgA==
-----END CERTIFICATE-----
Generated at Mon May 27 04:16:01 2024 by rpki-client on console-fra.rpki-client.org