Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/A8CDA40C774811EFA8A45D83C4F9AE02.roa
File: A8CDA40C774811EFA8A45D83C4F9AE02.roa (raw, json)
Hash identifier: o2YXIsPxxZN3XhosUus1HyhHJFyKhm6YE9oOyyWIP9Y=
Subject key identifier: A1:1C:07:CD:D8:A6:C8:AC:56:56:C1:BB:33:D7:4E:78:8B:E7:C4:24
Certificate issuer: /CN=A9120F0D/serialNumber=67F54C39C111E7DF7E7076C5C715B28B35E859F9
Certificate serial: 1319
Authority key identifier: 67:F5:4C:39:C1:11:E7:DF:7E:70:76:C5:C7:15:B2:8B:35:E8:59:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_VMOcER599-cHbFxxWyizXoWfk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/A8CDA40C774811EFA8A45D83C4F9AE02.roa
Signing time: Mon 23 Sep 2024 14:32:31 +0000
ROA not before: Mon 23 Sep 2024 14:32:31 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135542
IP address blocks: 103.116.44.0/24 maxlen: 24
103.116.45.0/24 maxlen: 24
103.116.46.0/24 maxlen: 24
103.116.47.0/24 maxlen: 24
103.129.196.0/24 maxlen: 24
103.129.197.0/24 maxlen: 24
103.129.198.0/24 maxlen: 24
103.129.199.0/24 maxlen: 24
2402:f5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Nov 2024 07:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4889 (0x1319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120F0D/serialNumber=67F54C39C111E7DF7E7076C5C715B28B35E859F9
Validity
Not Before: Sep 23 14:32:31 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66f17bfe-dd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:00:71:b4:9b:09:f9:65:3d:35:0b:a1:62:21:
c4:69:ad:e5:c2:79:8c:37:05:24:38:e9:e5:15:47:
99:2c:45:d9:53:dc:ef:f9:09:99:64:4a:9a:1f:30:
28:b4:69:25:8c:9a:5f:6b:75:2e:e7:83:3c:79:6a:
61:a7:ac:1d:7f:ce:b1:69:78:a6:03:79:78:f0:1d:
e1:fc:7e:c6:64:15:59:77:07:b4:84:30:ef:a1:b3:
7f:f0:80:4e:33:7a:c0:d9:1e:e8:44:b8:fa:4b:d6:
3a:9d:59:dd:b4:a8:07:a7:4c:b2:8d:e1:a2:4a:ff:
c0:67:85:1d:97:92:fc:24:d4:cc:ec:22:ae:39:90:
3b:b5:2d:16:bd:87:4b:da:de:c1:c2:99:80:d1:0b:
fe:59:42:3d:c1:36:bf:b4:6a:dd:ff:a6:c5:34:94:
c4:9f:58:7d:79:19:79:9f:e3:10:d7:f9:b7:82:1b:
c9:2c:7b:3b:24:51:65:00:66:ac:e9:40:23:c5:46:
4e:d2:4d:05:6b:fc:d4:0a:40:66:69:e6:ec:97:d3:
17:98:a3:73:c6:dc:99:f7:6c:36:f6:9f:24:c4:e8:
8a:f4:cb:97:9b:0e:21:3d:06:1a:61:1a:15:8c:2e:
49:29:59:81:e5:de:f7:77:c7:6a:5e:da:bd:bc:ba:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1C:07:CD:D8:A6:C8:AC:56:56:C1:BB:33:D7:4E:78:8B:E7:C4:24
X509v3 Authority Key Identifier:
keyid:67:F5:4C:39:C1:11:E7:DF:7E:70:76:C5:C7:15:B2:8B:35:E8:59:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/Z_VMOcER599-cHbFxxWyizXoWfk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_VMOcER599-cHbFxxWyizXoWfk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/A8CDA40C774811EFA8A45D83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.44.0/22
103.129.196.0/22
IPv6:
2402:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
73:a6:a9:fd:3d:f2:f7:e4:ed:05:12:de:68:9f:25:0d:d0:c9:
96:ea:39:77:8d:7d:b8:27:0b:2b:fe:1d:d5:91:5d:2a:00:0e:
61:40:0a:dc:a6:91:9d:9d:a8:84:37:4f:84:b1:4b:11:4e:21:
c2:52:91:da:9f:e3:f2:9a:84:e7:23:9f:5d:ec:bc:49:b5:58:
b1:dc:5a:eb:39:45:37:d3:87:c7:80:c1:ff:32:40:9f:9b:28:
08:b3:8d:6c:98:75:5a:fc:66:85:04:79:40:85:ee:cb:c4:f4:
23:98:9d:79:d3:2f:bc:95:a1:c5:fb:26:49:72:f8:77:8b:52:
25:2f:05:20:14:25:9c:c8:c3:de:0e:d2:76:4c:bf:cd:1d:bd:
85:af:46:c1:9e:c9:38:1b:4e:8c:c4:6c:1c:48:da:90:1b:ad:
df:77:51:6d:97:f7:21:d1:e4:80:9b:a1:1b:19:af:82:c7:a9:
17:4e:57:30:d1:71:6f:06:e5:56:e4:32:84:70:0e:c2:d9:21:
f4:94:07:4c:d6:01:dc:d0:7a:26:14:21:d4:8f:7e:6c:6f:a5:
10:2c:15:08:1a:34:c1:ef:00:5c:48:da:43:65:f8:a1:ba:7f:
6b:07:75:e5:6f:a3:0d:08:ea:06:ff:8f:49:f1:f5:6c:0c:ef:
4f:3b:23:9f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICExkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBGMEQxMTAvBgNVBAUTKDY3RjU0QzM5QzExMUU3REY3RTcwNzZDNUM3MTVCMjhC
MzVFODU5RjkwHhcNMjQwOTIzMTQzMjMxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxN2JmZS1kZDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ABxtJsJ+WU9NQuhYiHEaa3lwnmMNwUkOOnlFUeZLEXZU9zv+QmZZEqaHzAo
tGkljJpfa3Uu54M8eWphp6wdf86xaXimA3l48B3h/H7GZBVZdwe0hDDvobN/8IBO
M3rA2R7oRLj6S9Y6nVndtKgHp0yyjeGiSv/AZ4Udl5L8JNTM7CKuOZA7tS0WvYdL
2t7BwpmA0Qv+WUI9wTa/tGrd/6bFNJTEn1h9eRl5n+MQ1/m3ghvJLHs7JFFlAGas
6UAjxUZO0k0Fa/zUCkBmaebsl9MXmKNzxtyZ92w29p8kxOiK9MuXmw4hPQYaYRoV
jC5JKVmB5d73d8dqXtq9vLquqwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKEcB83Y
psisVlbBuzPXTniL58QkMB8GA1UdIwQYMBaAFGf1TDnBEefffnB2xccVsos16Fn5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEYwRC8wOEVDMkIwQ0Ez
NkUxMUU4Qjg5NjY2MkJDNEY5QUUwMi9aX1ZNT2NFUjU5OS1jSGJGeHhXeWl6WG9X
ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pfVk1PY0VSNTk5LWNIYkZ4eFd5aXpYb1dmay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBGMEQvMDhFQzJCMENBMzZFMTFFOEI4OTY2NjJCQzRGOUFFMDIvQThDREE0MEM3
NzQ4MTFFRkE4QTQ1RDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJndCwDBAJngcQwDQQCAAIwBwMFACQC9cAwDQYJKoZIhvcN
AQELBQADggEBAHOmqf098vfk7QUS3mifJQ3QyZbqOXeNfbgnCyv+HdWRXSoADmFA
CtymkZ2dqIQ3T4SxSxFOIcJSkdqf4/KahOcjn13svEm1WLHcWus5RTfTh8eAwf8y
QJ+bKAizjWyYdVr8ZoUEeUCF7svE9COYnXnTL7yVocX7Jkly+HeLUiUvBSAUJZzI
w94O0nZMv80dvYWvRsGeyTgbTozEbBxI2pAbrd93UW2X9yHR5ICboRsZr4LHqRdO
VzDRcW8G5VbkMoRwDsLZIfSUB0zWAdzQeiYUIdSPfmxvpRAsFQgaNMHvAFxI2kNl
+KG6f2sHdeVvow0I6gb/j0nx9WwM7087I58=
-----END CERTIFICATE-----
Generated at Mon Nov 4 09:05:00 2024 by rpki-client on console-ams.rpki-client.org