Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C4CF2F8B67611EDA32C9C33C4F9AE02.roa
File: 9C4CF2F8B67611EDA32C9C33C4F9AE02.roa (raw, json)
Hash identifier: Yvf8sN6GwbnHoCAUqh/0iOu38zUv48TQqKKA3KYH798=
Subject key identifier: 61:EE:82:99:CE:F0:A8:5C:11:C8:81:08:B4:3A:36:8E:0D:C5:D4:D5
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0445
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C4CF2F8B67611EDA32C9C33C4F9AE02.roa
Signing time: Wed 22 Mar 2023 02:12:06 +0000
ROA not before: Wed 22 Mar 2023 02:12:06 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 64021
IP address blocks: 43.229.152.0/24 maxlen: 24
43.229.153.0/24 maxlen: 24
103.48.168.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093 (0x445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Mar 22 02:12:06 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=641a63f6-37f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:78:96:db:b2:1e:33:cf:d8:f8:82:51:44:4a:
a5:26:a8:67:52:74:b0:9d:e4:e4:6f:a7:3f:04:c5:
31:d6:4c:09:89:c3:9d:d3:54:60:4d:81:94:74:86:
6b:35:16:76:0f:80:06:83:e0:63:9a:39:8f:96:7c:
a3:0b:3e:54:78:00:51:60:d4:ff:98:86:59:ac:0a:
2e:aa:52:18:7c:02:c9:af:03:08:04:51:7a:f9:f7:
40:e4:f1:7b:ab:50:69:5e:c5:5e:a6:e1:7a:8b:33:
b7:58:f1:4a:b5:97:06:d7:04:a1:1f:f1:20:48:fb:
b9:a3:7e:d1:93:9a:c0:c5:19:2f:30:7a:ec:99:b1:
a7:24:a0:2d:3c:33:5a:14:59:7a:15:ac:a8:90:7a:
75:8f:2e:dd:78:de:43:f9:c6:31:ba:42:40:99:53:
99:43:04:f8:39:9f:d2:5a:a4:2a:79:ad:46:21:74:
0a:8a:2d:c9:5f:26:e7:45:12:18:00:c5:1c:e5:df:
c1:7e:cf:d3:ec:44:47:1d:c3:1e:23:9a:aa:24:c3:
52:fb:cf:83:84:12:d2:c0:ed:11:aa:59:09:e0:b1:
b7:dc:d3:43:a2:63:40:1e:fd:94:38:d4:16:ab:c2:
a1:39:93:f2:4f:24:96:a3:3a:74:81:26:9e:50:91:
54:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:EE:82:99:CE:F0:A8:5C:11:C8:81:08:B4:3A:36:8E:0D:C5:D4:D5
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C4CF2F8B67611EDA32C9C33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/23
103.48.168.0/24
103.228.64.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ef:90:ef:56:12:1a:7e:52:bb:ba:48:dd:52:f1:4d:7a:fd:
10:83:d4:a4:24:08:5d:8d:47:a5:0f:5e:af:2e:ca:88:a4:9f:
c0:58:30:c7:83:87:11:b1:78:cd:e3:6a:86:11:a5:70:7f:87:
cb:e2:2e:33:56:d6:c4:24:02:f5:92:b0:1b:1a:29:13:42:e7:
48:1c:e8:c1:9b:d9:3e:67:17:ed:7d:49:eb:c9:b7:e7:96:ba:
56:d8:66:1c:ba:33:23:05:ff:41:a5:bb:b1:5f:01:2d:6e:d4:
57:65:f3:bf:6b:45:4e:18:93:21:15:82:3d:2e:16:2e:13:39:
b3:b6:bc:ac:bb:7c:ed:91:2b:b2:dd:4e:9f:d3:78:3f:e5:ce:
28:d9:f3:2b:ac:d2:5c:7d:ad:65:71:de:17:2c:6c:b1:ac:d1:
64:9f:5c:1d:ed:03:ed:56:94:c8:d0:7f:dd:bd:60:6c:ac:b2:
d3:85:6b:b3:e6:b6:2b:aa:78:3f:17:9d:ab:ea:94:0f:90:8d:
14:66:2e:af:0c:f8:e2:26:19:1e:81:b6:e7:d8:b0:d9:6e:47:
c3:56:70:8c:f0:8c:e6:06:07:bf:60:08:36:2d:bf:9e:73:f8:
d8:c2:03:d9:15:a8:3d:04:b7:dc:82:fc:7b:97:8c:a3:a1:85:
7c:31:89:d5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMwMzIyMDIxMjA2WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFhNjNmNi0zN2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XiW27IeM8/Y+IJRREqlJqhnUnSwneTkb6c/BMUx1kwJicOd01RgTYGUdIZr
NRZ2D4AGg+BjmjmPlnyjCz5UeABRYNT/mIZZrAouqlIYfALJrwMIBFF6+fdA5PF7
q1BpXsVepuF6izO3WPFKtZcG1wShH/EgSPu5o37Rk5rAxRkvMHrsmbGnJKAtPDNa
FFl6FayokHp1jy7deN5D+cYxukJAmVOZQwT4OZ/SWqQqea1GIXQKii3JXybnRRIY
AMUc5d/Bfs/T7ERHHcMeI5qqJMNS+8+DhBLSwO0RqlkJ4LG33NNDomNAHv2UONQW
q8KhOZPyTySWozp0gSaeUJFUbwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGHugpnO
8KhcEciBCLQ6No4NxdTVMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOUM0Q0YyRjhC
Njc2MTFFREEzMkM5QzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEr5ZgDBABnMKgDBABn5EAwDQYJKoZIhvcNAQELBQADggEB
AHjvkO9WEhp+Uru6SN1S8U16/RCD1KQkCF2NR6UPXq8uyoikn8BYMMeDhxGxeM3j
aoYRpXB/h8viLjNW1sQkAvWSsBsaKRNC50gc6MGb2T5nF+19SevJt+eWulbYZhy6
MyMF/0Glu7FfAS1u1Fdl879rRU4YkyEVgj0uFi4TObO2vKy7fO2RK7LdTp/TeD/l
zijZ8yus0lx9rWVx3hcsbLGs0WSfXB3tA+1WlMjQf929YGysstOFa7PmtiuqeD8X
navqlA+QjRRmLq8M+OImGR6BtufYsNluR8NWcIzwjOYGB79gCDYtv55z+NjCA9kV
qD0Et9yC/HuXjKOhhXwxidU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-fra.rpki-client.org