Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/686E3868E40611EC8410A53CC4F9AE02.roa
File: 686E3868E40611EC8410A53CC4F9AE02.roa (raw, json)
Hash identifier: 8O4iiv2Kz+4PH6iPgU6g1RBTh5l9H4k1S/gN/4IRfB0=
Subject key identifier: F0:04:A2:2D:48:F1:54:27:01:98:FD:D6:F7:A6:D1:50:C0:4E:79:3A
Certificate issuer: /CN=A917414E/serialNumber=AF67132D837D576FFF777227A3725D601ED9105D
Certificate serial: 025A
Authority key identifier: AF:67:13:2D:83:7D:57:6F:FF:77:72:27:A3:72:5D:60:1E:D9:10:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2cTLYN9V2__d3Ino3JdYB7ZEF0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/686E3868E40611EC8410A53CC4F9AE02.roa
Signing time: Fri 09 Aug 2024 02:33:58 +0000
ROA not before: Fri 09 Aug 2024 02:33:58 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 149859
IP address blocks: 103.189.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 14:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 602 (0x25a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917414E, serialNumber=AF67132D837D576FFF777227A3725D601ED9105D
Validity
Not Before: Aug 9 02:33:58 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66b58016-cd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:46:8f:fa:67:19:d8:9a:0c:89:b4:2d:2a:
c7:0e:59:6e:1a:9b:a3:0a:c9:24:95:03:de:44:4a:
6f:3f:75:a6:25:13:07:3b:c9:c2:ec:52:70:1f:6b:
09:1a:66:51:6a:03:6f:11:72:e4:15:4d:22:f4:12:
f0:79:0c:97:53:e3:05:60:46:19:9c:79:81:5b:fd:
c7:8e:90:cc:26:51:38:89:e8:53:4c:c5:d3:02:05:
9f:ef:b2:12:de:c7:45:61:5a:65:8e:19:79:df:b2:
3e:5b:65:cf:72:0e:ea:b9:c0:6b:ad:64:8b:04:d9:
56:fb:93:84:33:5f:ee:34:1b:d5:69:21:be:fc:a9:
7b:fb:ad:61:26:c7:62:fb:52:12:12:a5:1e:ac:d5:
27:51:fe:26:50:4d:fb:79:b7:89:37:6b:81:84:6c:
f8:04:2d:34:f0:5b:98:a2:ec:46:43:d0:51:67:2a:
e1:3e:d5:c1:7d:c6:fb:eb:97:5f:0f:21:44:ff:e5:
99:b2:3e:77:e7:b4:10:97:dd:5c:e4:ca:b3:2d:e1:
84:9a:78:59:92:5a:19:a4:e4:62:21:ff:65:9c:dd:
cf:65:63:19:2f:1a:5d:8e:8e:79:72:37:5c:0e:25:
15:e3:41:16:c3:da:8f:9a:59:a8:e1:0e:44:55:8b:
2d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:04:A2:2D:48:F1:54:27:01:98:FD:D6:F7:A6:D1:50:C0:4E:79:3A
X509v3 Authority Key Identifier:
keyid:AF:67:13:2D:83:7D:57:6F:FF:77:72:27:A3:72:5D:60:1E:D9:10:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/r2cTLYN9V2__d3Ino3JdYB7ZEF0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2cTLYN9V2__d3Ino3JdYB7ZEF0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917414E/4C5E2FB8E3FF11ECAC210572C4F9AE02/686E3868E40611EC8410A53CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.10.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:1b:e9:d3:e5:96:c4:87:ef:22:f0:48:33:79:44:14:05:50:
50:21:e7:7e:20:63:84:5d:5e:84:cf:94:27:cf:2c:93:c8:89:
27:c0:69:88:08:d3:8c:a9:31:06:40:8c:94:bd:55:27:56:03:
9f:0a:d0:fe:18:8d:f5:cc:94:5e:2e:20:78:a2:3b:67:87:15:
ea:83:cb:a3:51:d2:dd:be:6c:53:18:0f:2e:73:9c:16:56:77:
f6:6f:f6:56:bb:07:dd:c6:b2:fa:15:ed:31:5c:0f:f0:96:96:
0e:27:9e:74:95:48:8c:f8:17:f2:95:bb:40:7a:91:25:40:ba:
6f:80:c4:6b:82:04:c4:eb:ce:54:df:cc:55:2b:3c:8d:13:52:
c5:61:30:af:0d:f9:98:0f:4d:1a:ad:fb:14:4f:d8:54:e6:85:
1d:44:a1:74:36:f3:8b:2f:e3:17:cf:4e:a0:87:d6:f8:66:57:
16:95:ae:08:49:a2:87:6c:6d:c4:e2:5e:8b:34:c3:19:91:3c:
be:45:31:46:30:f4:7a:7a:fc:77:9f:74:e4:ab:8c:7b:44:89:
2f:d6:1e:53:15:f4:70:7d:ab:c0:86:67:ba:fc:65:bf:25:41:
34:e9:16:97:15:81:56:d7:10:96:ad:06:04:a7:49:cc:0d:ba:
37:2b:c6:fa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQxNEUxMTAvBgNVBAUTKEFGNjcxMzJEODM3RDU3NkZGRjc3NzIyN0EzNzI1RDYw
MUVEOTEwNUQwHhcNMjQwODA5MDIzMzU4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1ODAxNi1jZDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHFGj/pnGdiaDIm0LSrHDlluGpujCskklQPeREpvP3WmJRMHO8nC7FJwH2sJ
GmZRagNvEXLkFU0i9BLweQyXU+MFYEYZnHmBW/3HjpDMJlE4iehTTMXTAgWf77IS
3sdFYVpljhl537I+W2XPcg7qucBrrWSLBNlW+5OEM1/uNBvVaSG+/Kl7+61hJsdi
+1ISEqUerNUnUf4mUE37ebeJN2uBhGz4BC008FuYouxGQ9BRZyrhPtXBfcb765df
DyFE/+WZsj5357QQl91c5MqzLeGEmnhZkloZpORiIf9lnN3PZWMZLxpdjo55cjdc
DiUV40EWw9qPmlmo4Q5EVYstLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPAEoi1I
8VQnAZj91vem0VDATnk6MB8GA1UdIwQYMBaAFK9nEy2DfVdv/3dyJ6NyXWAe2RBd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDE0RS80QzVFMkZCOEUz
RkYxMUVDQUMyMTA1NzJDNEY5QUUwMi9yMmNUTFlOOVYyX19kM0lubzNKZFlCN1pF
RjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3IyY1RMWU45VjJfX2QzSW5vM0pkWUI3WkVGMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQxNEUvNEM1RTJGQjhFM0ZGMTFFQ0FDMjEwNTcyQzRGOUFFMDIvNjg2RTM4NjhF
NDA2MTFFQzg0MTBBNTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnvQowDQYJKoZIhvcNAQELBQADggEBAFwb6dPllsSH7yLw
SDN5RBQFUFAh534gY4RdXoTPlCfPLJPIiSfAaYgI04ypMQZAjJS9VSdWA58K0P4Y
jfXMlF4uIHiiO2eHFeqDy6NR0t2+bFMYDy5znBZWd/Zv9la7B93GsvoV7TFcD/CW
lg4nnnSVSIz4F/KVu0B6kSVAum+AxGuCBMTrzlTfzFUrPI0TUsVhMK8N+ZgPTRqt
+xRP2FTmhR1EoXQ284sv4xfPTqCH1vhmVxaVrghJoodsbcTiXos0wxmRPL5FMUYw
9Hp6/HefdOSrjHtEiS/WHlMV9HB9q8CGZ7r8Zb8lQTTpFpcVgVbXEJatBgSnScwN
ujcrxvo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:01:42 2025 by rpki-client