Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D6C9/73FBD332481D11ECB6FEDF77C4F9AE02/9D4A6CE8534011ECA89E5D16C4F9AE02.roa
File: 9D4A6CE8534011ECA89E5D16C4F9AE02.roa (raw, json)
Hash identifier: ZZMbl+BmQ0RnnUR9VLVrk8y0qEtbt7LypYsqFSZSdes=
Subject key identifier: 6B:D7:E0:AE:4D:15:F3:BE:A4:EA:F1:65:E0:D9:1B:B4:CA:42:9D:46
Certificate issuer: /CN=A913D6C9/serialNumber=41F8B6B47BADB00F6F8FE8E7E013FF55A18E7428
Certificate serial: 0374
Authority key identifier: 41:F8:B6:B4:7B:AD:B0:0F:6F:8F:E8:E7:E0:13:FF:55:A1:8E:74:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qfi2tHutsA9vj-jn4BP_VaGOdCg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D6C9/73FBD332481D11ECB6FEDF77C4F9AE02/9D4A6CE8534011ECA89E5D16C4F9AE02.roa
Signing time: Thu 21 Dec 2023 02:14:14 +0000
ROA not before: Thu 21 Dec 2023 02:14:14 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 7603
IP address blocks: 103.176.196.0/23 maxlen: 24
2001:df0:22c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 Feb 2024 23:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884 (0x374)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D6C9/serialNumber=41F8B6B47BADB00F6F8FE8E7E013FF55A18E7428
Validity
Not Before: Dec 21 02:14:14 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65839f76-a439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:02:60:3e:72:94:1c:96:3c:2d:2d:65:b5:
80:da:91:2f:1c:cc:f6:17:5f:82:d8:9f:02:9b:d1:
67:97:12:60:1c:80:c8:ff:59:a5:96:da:51:1b:11:
fb:74:1b:55:ba:0f:d1:c6:58:42:7c:0a:19:73:78:
98:0e:0b:8a:54:a0:c2:70:aa:85:6f:87:e2:19:b6:
fa:74:be:c9:7a:ee:98:0d:69:a4:dd:d7:3c:2e:fa:
7e:0d:13:92:60:bb:c1:de:bc:0e:53:11:c2:44:2c:
88:94:cd:77:bd:1e:ca:9f:e0:60:c5:6e:28:67:8c:
a7:21:e1:67:71:89:f0:f9:4f:57:7d:14:36:ca:0d:
24:50:79:8e:92:2c:74:f7:6d:44:1f:5e:ea:03:d2:
34:5d:30:f3:e3:d9:eb:a7:ff:03:5d:e6:db:58:59:
74:31:33:bc:f9:f1:73:d8:7a:99:9e:15:8e:9f:54:
3c:76:4a:ce:cb:e5:30:88:09:ba:95:a8:db:76:01:
81:41:66:7e:fe:16:50:16:eb:b8:1f:6f:69:f2:b9:
76:a4:ec:c5:71:14:38:89:22:48:5e:ef:75:af:29:
e3:ba:b8:3e:8d:1e:dd:dd:6b:df:5c:7e:4b:17:c3:
6d:fa:f2:31:5b:64:73:69:dc:9f:0f:f9:65:47:ca:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D7:E0:AE:4D:15:F3:BE:A4:EA:F1:65:E0:D9:1B:B4:CA:42:9D:46
X509v3 Authority Key Identifier:
keyid:41:F8:B6:B4:7B:AD:B0:0F:6F:8F:E8:E7:E0:13:FF:55:A1:8E:74:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D6C9/73FBD332481D11ECB6FEDF77C4F9AE02/Qfi2tHutsA9vj-jn4BP_VaGOdCg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qfi2tHutsA9vj-jn4BP_VaGOdCg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D6C9/73FBD332481D11ECB6FEDF77C4F9AE02/9D4A6CE8534011ECA89E5D16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.196.0/23
IPv6:
2001:df0:22c0::/48
Signature Algorithm: sha256WithRSAEncryption
a3:e9:ad:8d:ab:ab:03:fd:72:61:08:9b:24:4f:3c:ea:15:c6:
d8:e0:53:af:de:ff:70:5f:ee:0d:c9:fd:63:50:6a:55:70:ba:
11:e0:a2:31:d5:68:32:b7:95:4a:9f:83:ce:86:0f:40:9f:ca:
c7:01:d7:75:c6:83:ef:4f:32:f9:6e:d8:f7:d4:3f:70:48:12:
b7:9a:ef:3a:10:41:06:ba:19:d9:5c:f0:9e:a4:94:5f:3f:84:
4d:61:4e:f7:59:78:70:fa:f6:a9:74:65:1d:0b:eb:0b:83:2e:
40:5d:41:db:d1:40:d3:43:d8:2d:8b:ad:18:8e:45:d2:98:fb:
8a:86:9c:7b:e5:ed:47:ae:ad:b4:8d:d6:ab:c1:3b:84:04:a3:
44:00:2b:91:ce:e8:ac:8c:ba:7d:24:12:e1:38:dd:fb:a9:ee:
e0:1d:1e:39:98:0a:d1:74:f4:da:0a:95:07:92:89:8e:3b:1e:
cb:21:a5:9d:d7:f0:13:3f:80:f6:df:ed:8a:4d:7c:70:ed:fe:
ef:86:0f:6b:b0:a1:2a:da:8f:98:6a:61:fe:ec:35:35:07:88:
5a:df:d2:72:ac:3d:a2:9a:9a:e0:3a:6f:30:ee:98:f9:40:a1:
b4:b0:70:64:c9:c9:ad:46:4b:a8:d3:4c:21:7c:77:12:db:17:
7d:f4:a6:74
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Q2QzkxMTAvBgNVBAUTKDQxRjhCNkI0N0JBREIwMEY2RjhGRThFN0UwMTNGRjU1
QTE4RTc0MjgwHhcNMjMxMjIxMDIxNDE0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgzOWY3Ni1hNDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtnQCYD5ylByWPC0tZbWA2pEvHMz2F1+C2J8Cm9FnlxJgHIDI/1mlltpRGxH7
dBtVug/RxlhCfAoZc3iYDguKVKDCcKqFb4fiGbb6dL7Jeu6YDWmk3dc8Lvp+DROS
YLvB3rwOUxHCRCyIlM13vR7Kn+BgxW4oZ4ynIeFncYnw+U9XfRQ2yg0kUHmOkix0
921EH17qA9I0XTDz49nrp/8DXebbWFl0MTO8+fFz2HqZnhWOn1Q8dkrOy+UwiAm6
lajbdgGBQWZ+/hZQFuu4H29p8rl2pOzFcRQ4iSJIXu91rynjurg+jR7d3WvfXH5L
F8Nt+vIxW2RzadyfD/llR8oKUwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGvX4K5N
FfO+pOrxZeDZG7TKQp1GMB8GA1UdIwQYMBaAFEH4trR7rbAPb4/o5+AT/1WhjnQo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDZDOS83M0ZCRDMzMjQ4
MUQxMUVDQjZGRURGNzdDNEY5QUUwMi9RZmkydEh1dHNBOXZqLWpuNEJQX1ZhR09k
Q2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FmaTJ0SHV0c0E5dmotam40QlBfVmFHT2RDZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Q2QzkvNzNGQkQzMzI0ODFEMTFFQ0I2RkVERjc3QzRGOUFFMDIvOUQ0QTZDRTg1
MzQwMTFFQ0E4OUU1RDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnsMQwDwQCAAIwCQMHACABDfAiwDANBgkqhkiG9w0BAQsF
AAOCAQEAo+mtjaurA/1yYQibJE886hXG2OBTr97/cF/uDcn9Y1BqVXC6EeCiMdVo
MreVSp+DzoYPQJ/KxwHXdcaD708y+W7Y99Q/cEgSt5rvOhBBBroZ2VzwnqSUXz+E
TWFO91l4cPr2qXRlHQvrC4MuQF1B29FA00PYLYutGI5F0pj7ioace+XtR66ttI3W
q8E7hASjRAArkc7orIy6fSQS4Tjd+6nu4B0eOZgK0XT02gqVB5KJjjseyyGlndfw
Ez+A9t/tik18cO3+74YPa7ChKtqPmGph/uw1NQeIWt/Scqw9opqa4DpvMO6Y+UCh
tLBwZMnJrUZLqNNMIXx3EtsXffSmdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org