Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4AF466560BDD11EC99F6A975C4F9AE02.roa
File: 4AF466560BDD11EC99F6A975C4F9AE02.roa (raw, json)
Hash identifier: DaeOf2TpbQQCxpNTgruIL6ZabpP3wD+qRIkj3366cLs=
Subject key identifier: 55:84:84:81:B7:78:47:E7:F8:EB:0B:FE:64:B7:9E:2E:BA:3D:9C:CE
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2622
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4AF466560BDD11EC99F6A975C4F9AE02.roa
Signing time: Sun 06 Aug 2023 16:12:46 +0000
ROA not before: Sun 06 Aug 2023 16:12:46 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 137443
IP address blocks: 103.196.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 15:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9762 (0x2622)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 6 16:12:46 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cfc67d-35a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2a:f8:1a:ff:7c:22:66:38:fc:38:ef:9c:21:
20:52:ca:09:c1:9d:94:cf:97:39:ff:45:c5:08:da:
1a:49:f2:82:19:3a:06:70:f7:50:2d:00:ba:ed:4f:
13:5c:08:2f:f3:56:2f:66:24:01:ac:5b:99:55:17:
d2:12:97:7a:74:86:1b:7a:5b:04:02:ea:c6:fb:34:
d1:0f:e5:48:f6:31:56:30:18:e0:84:ca:f7:52:a4:
56:4a:78:79:1b:d4:26:26:c5:cb:97:9f:44:2e:0c:
fc:d4:bb:bb:b6:37:3a:41:cd:fe:93:1a:27:f0:20:
b9:2b:bf:e5:85:bf:d7:80:b4:3a:bf:ca:86:7d:1b:
42:4b:c1:7e:f6:fe:82:07:f5:4c:17:af:51:84:97:
36:57:47:d3:1e:36:72:0d:cb:1c:a8:ee:15:39:c2:
0c:9b:da:4b:a4:53:02:34:07:b2:fb:9f:9a:2f:84:
ff:1b:6c:1c:e6:37:e2:ca:b6:b7:d4:b3:6c:2d:5c:
81:b0:62:df:2e:60:36:7a:10:0e:c7:25:38:ef:9f:
18:0e:37:45:c5:ac:ee:1f:b1:1b:0c:e8:46:09:db:
6d:d6:06:44:99:95:41:7b:9a:29:9d:a5:a1:be:7f:
6c:f2:68:e9:8b:c6:14:ce:77:78:03:90:23:b7:68:
0e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:84:84:81:B7:78:47:E7:F8:EB:0B:FE:64:B7:9E:2E:BA:3D:9C:CE
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4AF466560BDD11EC99F6A975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.196.22.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:79:9e:b8:12:24:6a:0d:a1:80:be:57:ee:38:ee:66:32:fb:
8e:71:cb:e9:3b:e7:2c:13:08:aa:1e:56:1c:b4:70:91:d4:02:
e9:a0:26:a1:6f:4c:a0:7d:36:b2:d4:fb:b3:75:46:27:00:db:
27:61:e9:cf:ee:2a:3f:f1:81:21:e5:5c:38:f1:57:23:77:9e:
84:73:5b:ee:17:72:9d:24:8d:07:e9:39:a2:49:57:cc:2e:c5:
02:f2:1f:d9:d7:2b:49:9a:2e:f7:03:80:20:bd:64:a7:5e:a7:
00:41:b6:1c:0e:48:b4:a2:a3:97:e9:f2:53:73:71:e4:70:2d:
b8:1a:64:9c:2e:5e:46:bb:e2:41:90:a5:d5:ba:94:d8:86:58:
71:1f:da:eb:ec:cc:39:cb:b0:b9:57:6c:ee:e8:51:f5:4e:41:
0d:36:42:8d:28:8b:70:86:2b:28:46:56:da:18:4a:b1:43:fc:
a0:0f:e3:df:c9:91:34:17:6d:61:4a:55:50:d4:0a:ef:13:81:
66:90:b7:04:14:b3:66:b5:a6:ae:31:8a:6a:77:d3:a6:1f:59:
03:c7:a3:d4:e2:fb:60:00:db:4e:de:91:e6:f4:08:87:ab:86:
21:4a:04:95:20:e4:d9:4b:c2:bb:b2:99:fd:41:24:73:5c:af:
f0:e1:51:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwODA2MTYxMjQ2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmYzY3ZC0zNWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0yr4Gv98ImY4/DjvnCEgUsoJwZ2Uz5c5/0XFCNoaSfKCGToGcPdQLQC67U8T
XAgv81YvZiQBrFuZVRfSEpd6dIYbelsEAurG+zTRD+VI9jFWMBjghMr3UqRWSnh5
G9QmJsXLl59ELgz81Lu7tjc6Qc3+kxon8CC5K7/lhb/XgLQ6v8qGfRtCS8F+9v6C
B/VMF69RhJc2V0fTHjZyDcscqO4VOcIMm9pLpFMCNAey+5+aL4T/G2wc5jfiyra3
1LNsLVyBsGLfLmA2ehAOxyU4758YDjdFxazuH7EbDOhGCdtt1gZEmZVBe5opnaWh
vn9s8mjpi8YUznd4A5Ajt2gOgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFWEhIG3
eEfn+OsL/mS3ni66PZzOMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNEFGNDY2NTYw
QkREMTFFQzk5RjZBOTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxBYwDQYJKoZIhvcNAQELBQADggEBAKR5nrgSJGoNoYC+
V+447mYy+45xy+k75ywTCKoeVhy0cJHUAumgJqFvTKB9NrLU+7N1RicA2ydh6c/u
Kj/xgSHlXDjxVyN3noRzW+4Xcp0kjQfpOaJJV8wuxQLyH9nXK0maLvcDgCC9ZKde
pwBBthwOSLSio5fp8lNzceRwLbgaZJwuXka74kGQpdW6lNiGWHEf2uvszDnLsLlX
bO7oUfVOQQ02Qo0oi3CGKyhGVtoYSrFD/KAP49/JkTQXbWFKVVDUCu8TgWaQtwQU
s2a1pq4ximp306YfWQPHo9Ti+2AA207ekeb0CIerhiFKBJUg5NlLwruymf1BJHNc
r/DhUVE=
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:58:37 2024 by rpki-client on console-ams.rpki-client.org