Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/AE735F98E19D11ECA439802EC4F9AE02.roa
File: AE735F98E19D11ECA439802EC4F9AE02.roa (raw, json)
Hash identifier: yyOiP+hmmPBOAYHYPQDzv3eJqicBElHf8lu2/xapI0I=
Subject key identifier: 8D:CB:6F:D9:3B:5E:DA:E3:6A:76:32:11:E0:A4:10:18:C6:81:02:81
Certificate issuer: /CN=A911EB2D/serialNumber=C03056F68099647AF7585E53F6A98ECFF3D988DF
Certificate serial: 0827
Authority key identifier: C0:30:56:F6:80:99:64:7A:F7:58:5E:53:F6:A9:8E:CF:F3:D9:88:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDBW9oCZZHr3WF5T9qmOz_PZiN8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/AE735F98E19D11ECA439802EC4F9AE02.roa
Signing time: Sat 31 Aug 2024 21:29:29 +0000
ROA not before: Sat 31 Aug 2024 21:29:29 +0000
ROA not after: Wed 01 Jan 2025 00:00:00 +0000
asID: 140849
IP address blocks: 103.152.104.0/24 maxlen: 24
103.152.105.0/24 maxlen: 24
2001:df4:a80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Sep 2024 03:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2087 (0x827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EB2D/serialNumber=C03056F68099647AF7585E53F6A98ECFF3D988DF
Validity
Not Before: Aug 31 21:29:29 2024 GMT
Not After : Jan 1 00:00:00 2025 GMT
Subject: CN=66d38b39-770a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:85:fd:d3:7f:7d:f1:9a:05:24:33:88:f2:
31:b0:ba:fa:c6:41:39:49:f1:0b:9f:34:44:24:bc:
67:e9:54:7f:ad:ba:1d:d3:bf:27:6f:96:cf:35:d3:
53:7d:0b:23:89:44:78:54:a5:c3:52:2d:79:eb:82:
3a:a6:9c:5a:3b:1c:03:8a:fe:e2:d5:b3:d0:c1:ca:
5f:b5:0b:73:58:69:33:ec:cf:af:5a:9f:5a:c5:22:
db:2f:8a:29:17:ed:89:23:3c:c1:a6:36:a0:da:43:
1c:be:96:cc:88:3b:c6:8c:4c:3e:d6:74:fa:a0:1d:
57:f4:62:74:e5:1d:33:c9:e2:ab:b9:68:41:cd:33:
37:25:b4:84:be:2f:ba:45:d8:65:67:5d:f9:22:4c:
7d:7d:d6:7f:90:04:5d:f9:fc:ee:3e:82:cd:1f:98:
7e:7c:14:55:b8:a9:52:23:1a:10:e4:88:37:aa:bc:
9b:a5:5f:5b:7d:f3:c5:be:dd:83:1e:c0:82:b3:4c:
d4:b3:80:cd:95:7e:8a:fa:3a:ec:83:ce:54:9a:ee:
75:dd:e6:f2:7f:28:bc:c5:80:62:4e:e9:e7:de:da:
67:14:9e:3d:67:ca:70:82:ec:d5:8f:42:1d:4c:71:
31:53:6b:95:95:9e:c9:76:5d:71:bc:41:aa:7e:96:
81:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CB:6F:D9:3B:5E:DA:E3:6A:76:32:11:E0:A4:10:18:C6:81:02:81
X509v3 Authority Key Identifier:
keyid:C0:30:56:F6:80:99:64:7A:F7:58:5E:53:F6:A9:8E:CF:F3:D9:88:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/wDBW9oCZZHr3WF5T9qmOz_PZiN8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDBW9oCZZHr3WF5T9qmOz_PZiN8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/AE735F98E19D11ECA439802EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.104.0/23
IPv6:
2001:df4:a80::/48
Signature Algorithm: sha256WithRSAEncryption
9d:d6:df:71:b7:8a:36:d6:0d:91:03:b1:c4:78:96:23:02:10:
3e:fa:8c:f3:a6:74:c3:5a:74:d0:a7:9f:58:8b:65:af:11:45:
a2:57:a1:38:e6:03:50:4e:bc:52:1e:bf:2d:c3:8d:0d:63:45:
ba:58:10:c0:ea:ab:47:e7:a3:c2:de:5c:ec:12:bd:c8:47:76:
bb:05:60:e6:2a:66:d0:36:e8:8e:b1:90:32:dd:01:89:81:b6:
f8:23:eb:8e:0b:e2:76:a7:fc:0a:cb:6b:73:c8:83:51:8e:b4:
39:24:20:ba:63:f9:ca:d1:7f:a5:c5:43:20:70:b4:c8:8b:5e:
61:25:a4:61:b0:09:f7:e0:2c:c2:db:e1:b9:8e:b0:bd:2f:c3:
26:40:f9:7d:2c:7e:30:ab:2e:4c:e4:9f:06:1d:0e:6a:27:99:
dd:36:25:fa:c9:57:90:0f:cc:93:3f:71:66:70:63:2e:ba:4e:
af:7c:aa:30:9a:a3:72:8e:0a:70:18:06:03:1d:8e:4f:9b:2a:
98:10:94:f8:ca:64:d8:39:01:74:bd:db:dc:85:44:46:f6:02:
d3:aa:b0:02:4b:9b:ef:d5:44:9f:77:2f:cd:e7:50:b6:20:f0:
8a:07:48:14:f4:1d:58:f9:f4:f8:96:a0:9f:06:97:7f:ab:88:
d8:76:69:38
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVCMkQxMTAvBgNVBAUTKEMwMzA1NkY2ODA5OTY0N0FGNzU4NUU1M0Y2QTk4RUNG
RjNEOTg4REYwHhcNMjQwODMxMjEyOTI5WhcNMjUwMTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQzOGIzOS03NzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXqF/dN/ffGaBSQziPIxsLr6xkE5SfELnzREJLxn6VR/rbod078nb5bPNdNT
fQsjiUR4VKXDUi1564I6ppxaOxwDiv7i1bPQwcpftQtzWGkz7M+vWp9axSLbL4op
F+2JIzzBpjag2kMcvpbMiDvGjEw+1nT6oB1X9GJ05R0zyeKruWhBzTM3JbSEvi+6
RdhlZ135Ikx9fdZ/kARd+fzuPoLNH5h+fBRVuKlSIxoQ5Ig3qrybpV9bffPFvt2D
HsCCs0zUs4DNlX6K+jrsg85Umu513ebyfyi8xYBiTunn3tpnFJ49Z8pwguzVj0Id
THExU2uVlZ7Jdl1xvEGqfpaBbQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFI3Lb9k7
XtrjanYyEeCkEBjGgQKBMB8GA1UdIwQYMBaAFMAwVvaAmWR691heU/apjs/z2Yjf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUIyRC80QTZDRURBQ0JF
QjMxMUVBODI2ODc2NDNDNEY5QUUwMi93REJXOW9DWlpIcjNXRjVUOXFtT3pfUFpp
TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dEQlc5b0NaWkhyM1dGNVQ5cW1Pel9QWmlOOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVCMkQvNEE2Q0VEQUNCRUIzMTFFQTgyNjg3NjQzQzRGOUFFMDIvQUU3MzVGOThF
MTlEMTFFQ0E0Mzk4MDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmGgwDwQCAAIwCQMHACABDfQKgDANBgkqhkiG9w0BAQsF
AAOCAQEAndbfcbeKNtYNkQOxxHiWIwIQPvqM86Z0w1p00KefWItlrxFFolehOOYD
UE68Uh6/LcONDWNFulgQwOqrR+ejwt5c7BK9yEd2uwVg5ipm0DbojrGQMt0BiYG2
+CPrjgvidqf8Cstrc8iDUY60OSQgumP5ytF/pcVDIHC0yIteYSWkYbAJ9+Aswtvh
uY6wvS/DJkD5fSx+MKsuTOSfBh0OaieZ3TYl+slXkA/Mkz9xZnBjLrpOr3yqMJqj
co4KcBgGAx2OT5sqmBCU+Mpk2DkBdL3b3IVERvYC06qwAkub79VEn3cvzedQtiDw
igdIFPQdWPn0+JagnwaXf6uI2HZpOA==
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:37:42 2024 by rpki-client on console-ams.rpki-client.org