Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/3ED413A2465611EE8AF9CD1AC4F9AE02.roa
File: 3ED413A2465611EE8AF9CD1AC4F9AE02.roa (raw, json)
Hash identifier: JJA8bUWfyKMExxdC/ZKxUaQmJUw+PvOlA7wsfANakT0=
Subject key identifier: 4E:0B:92:4D:EB:F4:9A:51:6A:89:74:C8:C6:57:A3:40:2E:08:89:8E
Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Certificate serial: 0484
Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/3ED413A2465611EE8AF9CD1AC4F9AE02.roa
Signing time: Tue 29 Aug 2023 10:24:33 +0000
ROA not before: Tue 29 Aug 2023 10:24:33 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 212744
IP address blocks: 103.167.234.0/24 maxlen: 24
2407:79c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1156 (0x484)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Validity
Not Before: Aug 29 10:24:33 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64edc761-afb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d5:8e:27:50:77:ef:8c:44:be:89:56:89:5a:
45:40:92:04:b5:e0:d6:e4:b1:f3:60:cf:27:26:ba:
f5:c8:c0:71:e5:1c:68:55:54:ea:b9:34:d6:63:6a:
85:f4:84:5d:74:46:a4:5d:da:98:32:fd:08:a4:b3:
41:e3:5d:0a:6d:11:87:d7:29:7a:04:e3:f2:03:f1:
10:81:4b:8c:72:1b:6e:bc:8b:61:ce:4c:32:ee:db:
63:71:c5:b1:40:1a:48:06:e3:d2:71:ae:32:94:8f:
49:89:42:68:a6:3e:73:d9:98:dc:ca:f6:e2:4a:d7:
df:43:ae:99:2c:12:42:80:4a:46:98:e7:dd:dd:cf:
b7:e6:4d:da:ee:92:81:b5:ef:3c:5c:6a:c7:b4:08:
0e:8c:50:4b:2a:98:72:e4:e7:62:2b:8a:50:01:b5:
78:fd:da:5d:8f:e1:ab:74:ea:fe:3a:bb:fd:d5:3a:
25:d1:36:83:a4:fa:21:ab:d2:50:39:66:1c:d9:03:
2d:fa:f0:5d:9a:28:fc:10:3c:ea:f2:23:f7:a9:f9:
a9:56:19:ba:85:fb:51:d8:d3:d6:d8:bf:3c:3c:8d:
aa:1a:d5:d3:23:2a:7c:72:22:7f:1c:6b:b4:47:96:
85:47:dd:ca:98:c5:f7:a6:25:23:39:2f:84:cd:f5:
21:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0B:92:4D:EB:F4:9A:51:6A:89:74:C8:C6:57:A3:40:2E:08:89:8E
X509v3 Authority Key Identifier:
keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/3ED413A2465611EE8AF9CD1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.234.0/24
IPv6:
2407:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:e4:e1:01:61:e5:00:25:d4:7e:bf:ef:73:af:7c:20:12:de:
3d:20:a9:ab:04:08:fd:af:d8:8d:2b:60:04:d4:2d:c6:78:56:
69:5e:54:ba:1e:0b:f7:e7:9f:1e:65:78:2d:ed:01:9f:e5:d9:
d0:fd:97:c3:03:98:ef:90:63:3a:b5:ca:2a:dd:e9:e9:b0:81:
34:0b:35:10:f7:46:f6:0c:b5:d2:a1:39:13:f6:e7:86:1f:7e:
83:ea:2d:fb:2d:ed:18:1a:90:12:48:a4:54:49:68:a3:cc:46:
5b:1b:fd:f0:1b:c6:61:c3:2d:05:d0:51:b6:75:ee:0d:b7:f9:
32:cc:a3:3d:b2:2b:e2:cb:69:9b:a1:93:ab:87:dd:72:24:bc:
2c:7f:ce:db:c9:45:27:66:58:8c:42:68:15:9a:62:38:95:52:
16:8d:51:e4:0a:99:99:d3:88:af:05:89:e1:b0:a4:15:02:f8:
07:5e:fe:7d:b9:d7:cd:3d:e7:83:d3:c0:d5:56:35:83:f4:0c:
06:4b:e9:b4:39:22:70:b5:22:78:f7:c7:a5:23:05:5a:a3:d6:
1c:5c:3e:d5:8b:a1:fb:78:d6:f3:d5:65:03:f7:cc:6b:31:78:
01:bd:a6:58:ce:96:f5:ad:aa:cb:f4:90:04:61:20:89:78:00:
fd:e2:8f:79
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG
ODE1NkUwRTkwHhcNMjMwODI5MTAyNDMzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkYzc2MS1hZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAk9WOJ1B374xEvolWiVpFQJIEteDW5LHzYM8nJrr1yMBx5RxoVVTquTTWY2qF
9IRddEakXdqYMv0IpLNB410KbRGH1yl6BOPyA/EQgUuMchtuvIthzkwy7ttjccWx
QBpIBuPSca4ylI9JiUJopj5z2ZjcyvbiStffQ66ZLBJCgEpGmOfd3c+35k3a7pKB
te88XGrHtAgOjFBLKphy5OdiK4pQAbV4/dpdj+GrdOr+Orv91Tol0TaDpPohq9JQ
OWYc2QMt+vBdmij8EDzq8iP3qfmpVhm6hftR2NPW2L88PI2qGtXTIyp8ciJ/HGu0
R5aFR93KmMX3piUjOS+EzfUhCwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE4Lkk3r
9JpRaol0yMZXo0AuCImOMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1
MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzYxMDkvQzgyMDcyMTJDNTBEMTFFQjlBQUVFODdCQzRGOUFFMDIvM0VENDEzQTI0
NjU2MTFFRThBRjlDRDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnp+owDQQCAAIwBwMFACQHecAwDQYJKoZIhvcNAQELBQAD
ggEBAMHk4QFh5QAl1H6/73OvfCAS3j0gqasECP2v2I0rYATULcZ4VmleVLoeC/fn
nx5leC3tAZ/l2dD9l8MDmO+QYzq1yird6emwgTQLNRD3RvYMtdKhORP254YffoPq
Lfst7RgakBJIpFRJaKPMRlsb/fAbxmHDLQXQUbZ17g23+TLMoz2yK+LLaZuhk6uH
3XIkvCx/ztvJRSdmWIxCaBWaYjiVUhaNUeQKmZnTiK8FieGwpBUC+Ade/n251809
54PTwNVWNYP0DAZL6bQ5InC1Inj3x6UjBVqj1hxcPtWLoft41vPVZQP3zGsxeAG9
pljOlvWtqsv0kARhIIl4AP3ij3k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org