Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/77613B58497311EEB2F56426C4F9AE02.roa
File: 77613B58497311EEB2F56426C4F9AE02.roa (raw, json)
Hash identifier: 0WRsh9QQWK/nHO3KRkCLTQL+iO0oOFU8F83Pf6XQTbQ=
Subject key identifier: 62:AA:6E:2F:60:8A:D0:AB:9F:03:AF:4D:23:4C:4B:0A:01:BB:07:89
Certificate issuer: /CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Certificate serial: 0121
Authority key identifier: 74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/77613B58497311EEB2F56426C4F9AE02.roa
Signing time: Wed 15 Nov 2023 04:35:06 +0000
ROA not before: Wed 15 Nov 2023 04:35:06 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151786
IP address blocks: 103.7.4.0/24 maxlen: 24
2400:ac20:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 05 Mar 2024 18:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289 (0x121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Validity
Not Before: Nov 15 04:35:06 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65544a7a-31d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:62:0e:89:5d:97:07:ff:a8:4d:b3:8c:94:06:
de:f3:e1:f8:ee:82:85:dd:3b:c2:3d:48:70:93:34:
2d:ae:e6:54:fd:5c:b6:ba:74:56:d9:3e:0f:63:70:
d5:b2:2e:ce:88:4d:41:2f:21:0b:36:69:2f:47:e9:
da:b0:cb:48:77:68:af:0a:15:b3:6a:29:47:8b:a2:
b6:bd:da:4c:ee:58:b5:e2:3d:22:e6:95:9d:ed:10:
92:e3:3e:37:13:15:b3:7d:b7:b3:cc:c6:62:3d:d0:
fd:a3:21:db:63:36:79:60:bf:7a:e4:32:7e:cc:d4:
54:d7:a1:2c:80:55:95:c1:08:9f:b5:3b:ba:75:11:
98:a2:66:7e:58:27:a2:4b:e0:a0:a6:7c:24:f1:9d:
4f:43:68:00:d5:c5:21:a0:a7:e1:b9:6e:f4:26:78:
5f:b8:9f:85:c8:a3:3e:70:67:a1:c0:ef:e6:3a:fc:
29:76:e9:6b:a1:a3:7f:42:cf:d0:e0:44:fc:81:43:
55:05:3c:7b:de:a5:1f:e7:13:ae:50:8e:8b:fc:06:
af:04:7d:44:6a:56:97:ba:e9:6d:39:74:0e:38:75:
6f:d2:52:3b:e2:40:fe:f8:ab:62:c4:0e:c5:5d:26:
3f:9e:64:8b:df:eb:65:29:b7:b9:06:2e:11:93:b4:
1f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AA:6E:2F:60:8A:D0:AB:9F:03:AF:4D:23:4C:4B:0A:01:BB:07:89
X509v3 Authority Key Identifier:
keyid:74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/dK62Py8dqVfWWCCWT_ed8PWTgAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/77613B58497311EEB2F56426C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.4.0/24
IPv6:
2400:ac20:2000::/36
Signature Algorithm: sha256WithRSAEncryption
4f:a0:59:db:e8:48:b3:14:f1:1c:93:ce:99:e8:94:1f:3b:fd:
37:63:4b:c1:4c:c6:a2:98:37:61:3d:f6:3c:fc:62:0a:cd:ff:
14:90:b7:fa:0a:40:d9:f6:a9:4c:bb:60:98:30:ab:29:86:da:
e9:9d:83:c6:08:71:90:71:53:8f:55:48:77:76:a1:19:ba:ea:
c5:d3:74:1f:3b:87:fa:52:bb:17:6c:09:7e:2c:be:5b:d5:f2:
2b:5f:76:55:09:22:65:92:01:8a:1b:d7:85:35:59:cb:e8:bb:
c2:4a:55:06:5f:55:6d:c2:ce:e9:00:47:24:f4:79:bf:73:d0:
34:d9:0a:9c:52:e8:5c:f3:ea:98:c1:f1:65:1f:74:36:2b:b1:
6f:ff:64:19:1d:e5:2e:91:27:c6:a9:60:1c:38:8d:04:c3:3e:
ef:e2:91:0a:22:5d:20:24:86:29:64:77:e0:26:2f:b9:a1:ea:
76:9b:85:7f:6a:54:dc:b4:76:07:52:d2:22:83:46:f0:98:88:
c8:d5:2b:c8:ab:f7:fb:81:53:12:90:da:b9:2b:e3:34:7f:28:
14:3a:fc:e5:48:3d:45:2e:bf:17:d1:61:3d:b7:bb:fe:2a:0f:
b6:38:83:9b:96:37:eb:c0:b9:98:02:4c:ad:fc:8a:d9:15:83:
11:ef:ee:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICASEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY2MUMxMTAvBgNVBAUTKDc0QUVCNjNGMkYxREE5NTdENjU4MjA5NjRGRjc5REYw
RjU5MzgwMEMwHhcNMjMxMTE1MDQzNTA2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU0NGE3YS0zMWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA02IOiV2XB/+oTbOMlAbe8+H47oKF3TvCPUhwkzQtruZU/Vy2unRW2T4PY3DV
si7OiE1BLyELNmkvR+nasMtId2ivChWzailHi6K2vdpM7li14j0i5pWd7RCS4z43
ExWzfbezzMZiPdD9oyHbYzZ5YL965DJ+zNRU16EsgFWVwQiftTu6dRGYomZ+WCei
S+Cgpnwk8Z1PQ2gA1cUhoKfhuW70JnhfuJ+FyKM+cGehwO/mOvwpdulroaN/Qs/Q
4ET8gUNVBTx73qUf5xOuUI6L/AavBH1EalaXuultOXQOOHVv0lI74kD++KtixA7F
XSY/nmSL3+tlKbe5Bi4Rk7QfWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGKqbi9g
itCrnwOvTSNMSwoBuweJMB8GA1UdIwQYMBaAFHSutj8vHalX1lgglk/3nfD1k4AM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjYxQy83NzBDQkUyNDM2
QTYxMUVEOEZDMTcwMkNDNEY5QUUwMi9kSzYyUHk4ZHFWZldXQ0NXVF9lZDhQV1Rn
QXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RLNjJQeThkcVZmV1dDQ1dUX2VkOFBXVGdBdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY2MUMvNzcwQ0JFMjQzNkE2MTFFRDhGQzE3MDJDQzRGOUFFMDIvNzc2MTNCNTg0
OTczMTFFRUIyRjU2NDI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnBwQwDgQCAAIwCAMGBCQArCAgMA0GCSqGSIb3DQEBCwUA
A4IBAQBPoFnb6EizFPEck86Z6JQfO/03Y0vBTMaimDdhPfY8/GIKzf8UkLf6CkDZ
9qlMu2CYMKsphtrpnYPGCHGQcVOPVUh3dqEZuurF03QfO4f6UrsXbAl+LL5b1fIr
X3ZVCSJlkgGKG9eFNVnL6LvCSlUGX1Vtws7pAEck9Hm/c9A02QqcUuhc8+qYwfFl
H3Q2K7Fv/2QZHeUukSfGqWAcOI0Ewz7v4pEKIl0gJIYpZHfgJi+5oep2m4V/alTc
tHYHUtIig0bwmIjI1SvIq/f7gVMSkNq5K+M0fygUOvzlSD1FLr8X0WE9t7v+Kg+2
OIObljfrwLmYAkyt/IrZFYMR7+5N
-----END CERTIFICATE-----
Generated at Tue Mar 5 22:41:18 2024 by rpki-client on console-fra.rpki-client.org