Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/A4554AD6A1C111EE96BE4110C4F9AE02.roa
File: A4554AD6A1C111EE96BE4110C4F9AE02.roa (raw, json)
Hash identifier: XIOp7Jp9uCcB/QSz030mtM//VqwRRbglHVbC22PALEQ=
Subject key identifier: 2F:73:EB:CA:2A:B8:99:93:BF:0C:9A:F8:88:75:9A:3C:13:1D:50:A4
Certificate issuer: /CN=A9174589/serialNumber=458CDDCA3E8FB64C9D1A23492528BA777FCDD234
Certificate serial: AC
Authority key identifier: 45:8C:DD:CA:3E:8F:B6:4C:9D:1A:23:49:25:28:BA:77:7F:CD:D2:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYzdyj6PtkydGiNJJSi6d3_N0jQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/A4554AD6A1C111EE96BE4110C4F9AE02.roa
Signing time: Sat 03 Aug 2024 06:50:48 +0000
ROA not before: Sat 03 Aug 2024 06:50:48 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 137871
IP address blocks: 103.240.2.0/24 maxlen: 24
103.240.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 06:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172 (0xac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174589/serialNumber=458CDDCA3E8FB64C9D1A23492528BA777FCDD234
Validity
Not Before: Aug 3 06:50:48 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66add348-8704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6a:b4:89:b3:a4:91:b8:c6:e8:9d:51:0e:db:
97:c0:32:a2:51:e6:f7:4d:f9:3e:17:9b:f8:16:9a:
9a:5e:d4:79:68:e5:7b:a9:d0:fa:ad:81:81:24:6b:
b0:f1:47:b3:49:d3:be:6b:41:a8:a7:34:80:e5:57:
94:a9:90:8e:20:b6:79:60:11:29:32:b8:b5:30:f8:
b3:f4:74:17:8b:28:20:51:c0:45:84:7d:7f:e3:87:
6c:d3:29:57:93:36:27:8c:76:2f:51:65:23:4e:5f:
50:dd:eb:7c:86:8f:f9:42:8d:24:68:f1:18:c7:b8:
fd:ff:a6:36:2d:2e:4d:25:50:8a:d1:91:7a:0a:3d:
bb:2e:b3:7d:6d:bc:8f:be:7f:ba:0e:80:61:47:0e:
5d:7c:a6:17:33:31:8d:51:39:47:30:c5:08:61:49:
3d:d8:d0:3a:64:51:93:73:90:2e:0c:7a:fb:b0:e0:
87:0a:94:00:ee:47:be:41:21:66:7e:32:b0:9c:b2:
d2:de:55:78:75:06:9d:2e:cf:bb:da:d7:27:ca:e5:
0f:7d:a4:4f:7d:b9:8a:d3:0f:25:13:23:9d:a2:91:
ed:ef:22:51:0b:43:23:a7:3c:72:dd:60:c9:13:b7:
d9:72:20:71:ed:e3:71:d8:02:eb:3f:e0:79:11:db:
67:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:73:EB:CA:2A:B8:99:93:BF:0C:9A:F8:88:75:9A:3C:13:1D:50:A4
X509v3 Authority Key Identifier:
keyid:45:8C:DD:CA:3E:8F:B6:4C:9D:1A:23:49:25:28:BA:77:7F:CD:D2:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/RYzdyj6PtkydGiNJJSi6d3_N0jQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYzdyj6PtkydGiNJJSi6d3_N0jQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174589/5FC627C461C411EEBB151C4BC4F9AE02/A4554AD6A1C111EE96BE4110C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.240.2.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:47:3e:4d:34:92:28:c3:de:f1:ce:5e:ed:af:5b:b6:44:9b:
a3:e4:c0:51:07:ad:1c:18:7e:d7:d7:5e:5d:2d:52:cb:41:54:
7c:45:c5:32:02:d5:cb:13:9e:db:92:b9:71:14:66:2e:da:6c:
cf:fd:31:09:57:83:cc:0a:f7:8c:15:98:2b:82:c9:25:b5:dd:
b9:29:b7:66:67:ea:62:f5:44:88:41:aa:5a:9d:cd:b8:cd:fb:
55:bf:df:70:59:3a:7e:96:fc:5e:0c:69:d5:9c:0b:ec:65:f9:
bc:84:c3:ff:1b:2d:91:93:ab:e6:cc:f0:f4:a2:f8:04:17:66:
70:6c:c5:76:18:8f:39:d1:0e:b6:8d:ea:71:cc:27:5e:39:45:
54:0d:33:e0:c2:9c:2f:60:ea:29:0e:be:ca:bb:16:4b:79:d0:
fa:38:37:58:ec:90:48:4e:73:71:8d:a6:43:b9:f5:6e:b4:df:
9e:28:87:75:30:f8:d4:8c:ce:b6:ca:5d:08:23:8a:80:c5:48:
84:2e:21:1b:00:aa:e8:c4:00:2d:03:db:f6:6c:3d:b3:47:af:
f8:91:b8:93:14:3a:70:50:57:4e:fd:f9:b2:1a:df:1b:02:65:
08:85:1f:f4:34:42:47:ab:6e:d3:47:c2:58:96:62:79:c6:99:
cd:36:82:65
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ1ODkxMTAvBgNVBAUTKDQ1OENERENBM0U4RkI2NEM5RDFBMjM0OTI1MjhCQTc3
N0ZDREQyMzQwHhcNMjQwODAzMDY1MDQ4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkZDM0OC04NzA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmq0ibOkkbjG6J1RDtuXwDKiUeb3Tfk+F5v4FpqaXtR5aOV7qdD6rYGBJGuw
8UezSdO+a0GopzSA5VeUqZCOILZ5YBEpMri1MPiz9HQXiyggUcBFhH1/44ds0ylX
kzYnjHYvUWUjTl9Q3et8ho/5Qo0kaPEYx7j9/6Y2LS5NJVCK0ZF6Cj27LrN9bbyP
vn+6DoBhRw5dfKYXMzGNUTlHMMUIYUk92NA6ZFGTc5AuDHr7sOCHCpQA7ke+QSFm
fjKwnLLS3lV4dQadLs+72tcnyuUPfaRPfbmK0w8lEyOdopHt7yJRC0Mjpzxy3WDJ
E7fZciBx7eNx2ALrP+B5Edtn5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFC9z68oq
uJmTvwya+Ih1mjwTHVCkMB8GA1UdIwQYMBaAFEWM3co+j7ZMnRojSSUound/zdI0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDU4OS81RkM2MjdDNDYx
QzQxMUVFQkIxNTFDNEJDNEY5QUUwMi9SWXpkeWo2UHRreWRHaU5KSlNpNmQzX04w
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZemR5ajZQdGt5ZEdpTkpKU2k2ZDNfTjBqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ1ODkvNUZDNjI3QzQ2MUM0MTFFRUJCMTUxQzRCQzRGOUFFMDIvQTQ1NTRBRDZB
MUMxMTFFRTk2QkU0MTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn8AIwDQYJKoZIhvcNAQELBQADggEBAD1HPk00kijD3vHO
Xu2vW7ZEm6PkwFEHrRwYftfXXl0tUstBVHxFxTIC1csTntuSuXEUZi7abM/9MQlX
g8wK94wVmCuCySW13bkpt2Zn6mL1RIhBqlqdzbjN+1W/33BZOn6W/F4MadWcC+xl
+byEw/8bLZGTq+bM8PSi+AQXZnBsxXYYjznRDraN6nHMJ145RVQNM+DCnC9g6ikO
vsq7Fkt50Po4N1jskEhOc3GNpkO59W60354oh3Uw+NSMzrbKXQgjioDFSIQuIRsA
qujEAC0D2/ZsPbNHr/iRuJMUOnBQV079+bIa3xsCZQiFH/Q0QkerbtNHwliWYnnG
mc02gmU=
-----END CERTIFICATE-----
Generated at Mon Aug 19 09:06:51 2024 by rpki-client on console-fra.rpki-client.org