Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911980F/16617D6C483211EB8754311AC4F9AE02/9FF4AFDA483311EB9674A51BC4F9AE02.roa
File: 9FF4AFDA483311EB9674A51BC4F9AE02.roa (raw, json)
Hash identifier: RS6NRFfudX3JngWmT6ARTZq8KRoAPpWvEskFjajmRsI=
Subject key identifier: 5B:BA:07:F1:3C:B4:7D:0D:86:EC:64:AD:A6:89:DE:C3:67:FD:18:0A
Certificate issuer: /CN=A911980F/serialNumber=3BC6B321FD7B60C560F15D7D24CAC5A337440FB4
Certificate serial: 0616
Authority key identifier: 3B:C6:B3:21:FD:7B:60:C5:60:F1:5D:7D:24:CA:C5:A3:37:44:0F:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O8azIf17YMVg8V19JMrFozdED7Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911980F/16617D6C483211EB8754311AC4F9AE02/9FF4AFDA483311EB9674A51BC4F9AE02.roa
Signing time: Wed 28 Feb 2024 23:51:50 +0000
ROA not before: Wed 28 Feb 2024 23:51:50 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137426
IP address blocks: 103.108.68.0/22 maxlen: 24
103.234.60.0/22 maxlen: 24
150.107.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 04:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1558 (0x616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911980F/serialNumber=3BC6B321FD7B60C560F15D7D24CAC5A337440FB4
Validity
Not Before: Feb 28 23:51:50 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65dfc716-ef5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:45:49:1d:85:f9:d5:a5:52:26:26:ac:3f:
de:f4:30:b7:f9:63:db:70:e3:d5:10:d5:6e:dc:f3:
0e:35:ed:1e:6e:75:64:40:4c:34:42:97:03:fc:22:
d5:cb:e4:f6:01:b8:28:af:51:2d:98:fd:df:d1:bf:
ab:d1:59:c9:bb:b2:03:43:79:4c:a7:33:13:42:15:
05:f8:ba:4e:c2:d7:7d:31:24:e5:0f:b3:af:cc:11:
7d:95:e0:0e:00:0c:a5:d8:44:a7:f3:9b:ca:a4:fb:
ce:3c:14:1a:15:be:0b:88:3d:ed:72:f8:c5:58:38:
39:2c:40:ff:24:f9:0a:2d:94:15:e9:97:e6:19:c6:
43:1f:81:85:5b:99:07:87:44:98:20:d8:13:b8:31:
96:88:7e:2b:d3:b7:f4:f7:f4:2f:7b:10:46:50:a1:
84:49:83:f9:d2:b0:86:07:22:58:9b:70:52:44:d9:
b5:0b:a3:e1:a6:bc:1a:6d:7a:3b:30:32:2e:4a:2a:
d4:7b:3e:36:b4:1e:8a:31:42:ea:99:9d:95:de:8a:
b6:7b:08:b9:c9:d7:32:62:fa:ff:0a:48:0b:04:db:
22:2e:56:e4:19:7d:a6:e5:41:ec:f2:3c:52:75:39:
e4:d8:fe:75:78:c4:b8:17:dd:00:2e:e5:29:fc:da:
eb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BA:07:F1:3C:B4:7D:0D:86:EC:64:AD:A6:89:DE:C3:67:FD:18:0A
X509v3 Authority Key Identifier:
keyid:3B:C6:B3:21:FD:7B:60:C5:60:F1:5D:7D:24:CA:C5:A3:37:44:0F:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911980F/16617D6C483211EB8754311AC4F9AE02/O8azIf17YMVg8V19JMrFozdED7Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O8azIf17YMVg8V19JMrFozdED7Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911980F/16617D6C483211EB8754311AC4F9AE02/9FF4AFDA483311EB9674A51BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.68.0/22
103.234.60.0/22
150.107.36.0/22
Signature Algorithm: sha256WithRSAEncryption
69:db:ff:4b:e9:f9:4d:94:a5:b9:6e:ba:25:15:3e:d5:80:88:
1d:d6:b8:33:73:37:85:a3:1e:52:13:bf:26:7e:15:8b:2f:86:
94:fe:fc:c0:74:27:b1:77:f3:e4:97:74:f1:7e:ea:84:db:b1:
d7:a7:bd:22:fb:c8:d7:c5:58:5c:88:dd:8d:ed:8a:ce:3b:36:
36:32:10:5a:ec:0b:67:15:7e:d9:79:09:db:7e:59:00:08:45:
5d:39:5a:72:e1:5c:37:b0:7f:6f:12:83:9b:00:4e:cd:54:b2:
ea:99:05:f6:50:fc:2d:c5:82:74:17:df:e2:c1:9b:4f:bc:42:
40:f2:25:6e:65:47:64:99:c2:10:14:bd:6f:1b:22:d1:6a:e3:
4c:30:a4:07:e8:30:5f:4d:cd:74:1e:bd:19:da:6d:f7:b3:15:
3c:f1:ba:a1:08:15:51:76:b4:50:c8:ad:9d:f8:9a:a3:d8:15:
7a:94:03:bc:e5:b3:c8:9b:4f:61:cb:81:38:55:d3:e6:e4:3c:
0b:b9:0a:a1:35:fc:a5:16:56:a1:8e:92:9f:e2:77:eb:ae:db:
fc:fa:93:56:3d:ac:7d:19:06:91:78:11:d3:54:48:23:fc:de:
50:d0:ec:04:64:07:58:ec:fc:6e:ab:1e:be:48:95:05:8c:2c:
f5:94:9e:70
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTk4MEYxMTAvBgNVBAUTKDNCQzZCMzIxRkQ3QjYwQzU2MEYxNUQ3RDI0Q0FDNUEz
Mzc0NDBGQjQwHhcNMjQwMjI4MjM1MTUwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmYzcxNi1lZjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1EJFSR2F+dWlUiYmrD/e9DC3+WPbcOPVENVu3PMONe0ebnVkQEw0QpcD/CLV
y+T2Abgor1EtmP3f0b+r0VnJu7IDQ3lMpzMTQhUF+LpOwtd9MSTlD7OvzBF9leAO
AAyl2ESn85vKpPvOPBQaFb4LiD3tcvjFWDg5LED/JPkKLZQV6ZfmGcZDH4GFW5kH
h0SYINgTuDGWiH4r07f09/QvexBGUKGESYP50rCGByJYm3BSRNm1C6PhprwabXo7
MDIuSirUez42tB6KMULqmZ2V3oq2ewi5ydcyYvr/CkgLBNsiLlbkGX2m5UHs8jxS
dTnk2P51eMS4F90ALuUp/NrrZwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFu6B/E8
tH0NhuxkraaJ3sNn/RgKMB8GA1UdIwQYMBaAFDvGsyH9e2DFYPFdfSTKxaM3RA+0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTgwRi8xNjYxN0Q2QzQ4
MzIxMUVCODc1NDMxMUFDNEY5QUUwMi9POGF6SWYxN1lNVmc4VjE5Sk1yRm96ZEVE
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL084YXpJZjE3WU1WZzhWMTlKTXJGb3pkRUQ3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTk4MEYvMTY2MTdENkM0ODMyMTFFQjg3NTQzMTFBQzRGOUFFMDIvOUZGNEFGREE0
ODMzMTFFQjk2NzRBNTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnbEQDBAJn6jwDBAKWayQwDQYJKoZIhvcNAQELBQADggEB
AGnb/0vp+U2UpbluuiUVPtWAiB3WuDNzN4WjHlITvyZ+FYsvhpT+/MB0J7F38+SX
dPF+6oTbsdenvSL7yNfFWFyI3Y3tis47NjYyEFrsC2cVftl5Cdt+WQAIRV05WnLh
XDewf28Sg5sATs1UsuqZBfZQ/C3FgnQX3+LBm0+8QkDyJW5lR2SZwhAUvW8bItFq
40wwpAfoMF9NzXQevRnabfezFTzxuqEIFVF2tFDIrZ34mqPYFXqUA7zls8ibT2HL
gThV0+bkPAu5CqE1/KUWVqGOkp/id+uu2/z6k1Y9rH0ZBpF4EdNUSCP83lDQ7ARk
B1js/G6rHr5IlQWMLPWUnnA=
-----END CERTIFICATE-----
Generated at Thu Aug 29 06:12:37 2024 by rpki-client on console-ams.rpki-client.org