Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/53A8832A2ED411ED995E6343C4F9AE02.roa
File: 53A8832A2ED411ED995E6343C4F9AE02.roa (raw, json)
Hash identifier: FpkxajsFV0fmSCPTUNJVvony6lG+eqtd2kOslZpXL60=
Subject key identifier: DC:B4:26:98:DA:69:0A:2C:83:17:2B:1B:62:B1:26:21:BE:88:4C:A6
Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Certificate serial: 0472
Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/53A8832A2ED411ED995E6343C4F9AE02.roa
Signing time: Sat 29 Jul 2023 00:41:21 +0000
ROA not before: Sat 29 Jul 2023 00:41:21 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 212744
IP address blocks: 103.167.234.0/24 maxlen: 24
103.167.235.0/24 maxlen: 24
2407:79c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Aug 2023 10:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1138 (0x472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Validity
Not Before: Jul 29 00:41:21 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c46031-17b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:05:bc:c5:a1:83:75:84:f1:dd:4d:3f:d6:83:
27:bc:24:df:5e:75:fd:36:36:13:59:3d:f3:c4:db:
fe:77:af:a1:6b:b4:1b:11:c7:70:90:24:d5:ed:64:
44:5c:3f:e7:29:ed:77:8c:de:7c:cb:3e:d9:08:01:
0b:21:f1:e6:28:56:6f:a3:26:6e:b0:64:82:8a:eb:
1b:e4:cc:96:0a:49:da:ad:4e:ce:78:e4:06:a5:c9:
73:54:bb:4a:67:5d:a5:6b:0d:02:47:19:f0:53:58:
e1:22:c5:3a:d1:75:65:92:fe:4d:90:8d:a2:4a:f5:
07:37:18:16:e7:bf:17:7c:90:dc:16:b9:05:d9:64:
93:50:b8:0d:af:f8:a0:db:37:b7:cf:ce:34:62:b3:
43:11:0d:bd:e4:98:0a:86:d9:bb:55:eb:2e:d0:2b:
f4:6a:79:4c:c3:40:ca:68:5e:93:00:94:c7:d5:d8:
40:c6:5a:58:66:4e:ab:92:91:5e:32:54:b3:a5:d7:
71:ed:06:cd:17:35:5a:a8:1b:ab:fb:9e:5e:0a:b4:
7e:e4:d3:d2:5c:4d:fd:00:9f:90:e6:d2:d7:87:e2:
26:6c:66:76:88:7d:26:47:fc:6d:db:b7:7c:20:58:
21:15:92:a7:ef:69:00:b6:cc:56:db:2f:1e:c9:62:
90:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B4:26:98:DA:69:0A:2C:83:17:2B:1B:62:B1:26:21:BE:88:4C:A6
X509v3 Authority Key Identifier:
keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/53A8832A2ED411ED995E6343C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.234.0/23
IPv6:
2407:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
72:e1:51:4e:41:72:3e:50:fc:4a:a2:4b:2b:6f:21:5e:88:d0:
05:1e:94:c1:d4:ba:c0:e7:51:ee:20:a7:d2:b5:b5:a3:4f:08:
0d:44:9b:c2:64:05:78:fa:79:66:06:6b:93:97:08:de:ab:7b:
18:e2:b1:23:39:7f:2a:71:b3:bf:1e:26:a8:a3:19:4e:13:20:
90:ba:b0:2d:6d:ee:24:fb:d6:29:a2:cc:a8:f2:81:24:29:1f:
7d:f4:ba:85:ec:9a:33:45:a2:1a:48:54:5f:10:af:d3:21:bd:
ee:0a:81:5a:c2:ef:7f:9b:ee:b7:38:a4:0b:fe:a9:21:22:4d:
ad:36:3c:37:3f:68:1e:0a:af:ff:9e:de:bb:83:86:d2:49:5a:
c3:9a:0d:ce:1a:52:9e:57:db:8e:1e:a1:ca:9d:b9:04:80:7c:
74:2c:d9:aa:c6:8b:ba:ca:25:ea:0b:6b:d4:4b:66:a3:fa:b2:
0c:36:fe:28:bc:be:92:1f:d6:c5:18:f9:eb:01:60:0c:f4:a2:
7f:2a:c3:15:dc:5e:1f:29:93:a6:c5:ab:ad:fe:da:4f:78:57:
d9:42:d4:20:59:4b:a4:b5:d6:13:6c:19:24:f4:9d:81:0f:82:
a7:f8:49:87:1a:b8:c4:11:9f:37:a7:1e:d8:30:31:d3:0b:82:
04:c0:82:38
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG
ODE1NkUwRTkwHhcNMjMwNzI5MDA0MTIxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM0NjAzMS0xN2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmgW8xaGDdYTx3U0/1oMnvCTfXnX9NjYTWT3zxNv+d6+ha7QbEcdwkCTV7WRE
XD/nKe13jN58yz7ZCAELIfHmKFZvoyZusGSCiusb5MyWCknarU7OeOQGpclzVLtK
Z12law0CRxnwU1jhIsU60XVlkv5NkI2iSvUHNxgW578XfJDcFrkF2WSTULgNr/ig
2ze3z840YrNDEQ295JgKhtm7Vesu0Cv0anlMw0DKaF6TAJTH1dhAxlpYZk6rkpFe
MlSzpddx7QbNFzVaqBur+55eCrR+5NPSXE39AJ+Q5tLXh+ImbGZ2iH0mR/xt27d8
IFghFZKn72kAtsxW2y8eyWKQAQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNy0Jpja
aQosgxcrG2KxJiG+iEymMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1
MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzYxMDkvQzgyMDcyMTJDNTBEMTFFQjlBQUVFODdCQzRGOUFFMDIvNTNBODgzMkEy
RUQ0MTFFRDk5NUU2MzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnp+owDQQCAAIwBwMFACQHecAwDQYJKoZIhvcNAQELBQAD
ggEBAHLhUU5Bcj5Q/EqiSytvIV6I0AUelMHUusDnUe4gp9K1taNPCA1Em8JkBXj6
eWYGa5OXCN6rexjisSM5fypxs78eJqijGU4TIJC6sC1t7iT71imizKjygSQpH330
uoXsmjNFohpIVF8Qr9Mhve4KgVrC73+b7rc4pAv+qSEiTa02PDc/aB4Kr/+e3ruD
htJJWsOaDc4aUp5X244eocqduQSAfHQs2arGi7rKJeoLa9RLZqP6sgw2/ii8vpIf
1sUY+esBYAz0on8qwxXcXh8pk6bFq63+2k94V9lC1CBZS6S11hNsGST0nYEPgqf4
SYcauMQRnzenHtgwMdMLggTAgjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org