Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/036AE674F50211ED8A235C4EC4F9AE02.roa
File: 036AE674F50211ED8A235C4EC4F9AE02.roa (raw, json)
Hash identifier: 0X4hM+ZS5o4rsSzHyiq73Flv9u/0i7DetS1RV00lTaA=
Subject key identifier: 35:D9:9C:6E:69:F5:B9:37:5D:34:2D:36:DD:74:A1:79:B7:23:B4:DA
Certificate issuer: /CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Certificate serial: 07
Authority key identifier: 66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/036AE674F50211ED8A235C4EC4F9AE02.roa
Signing time: Thu 18 May 2023 04:56:58 +0000
ROA not before: Thu 18 May 2023 04:56:58 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 4851
IP address blocks: 103.25.115.0/24 maxlen: 24
103.74.216.0/22 maxlen: 22
103.194.229.0/24 maxlen: 24
103.206.187.0/24 maxlen: 24
2407:3280::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Validity
Not Before: May 18 04:56:58 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6465b01a-068f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a6:53:d5:5b:da:78:a3:ca:41:48:dd:6f:aa:
61:34:4c:39:13:88:60:04:23:bc:f9:30:97:ad:ce:
45:ac:9b:06:aa:48:50:30:92:7c:ad:f2:64:32:bb:
0e:44:1c:2d:7e:99:e5:87:eb:e3:62:a0:e0:bb:88:
23:21:ba:1d:0e:8b:cf:a1:ab:80:a6:1c:5e:8c:ff:
57:55:2b:08:1c:57:d5:42:93:8f:04:32:ae:b4:98:
61:62:80:05:cd:b5:ed:23:9f:f8:89:8c:b9:3d:09:
b9:7d:e6:03:eb:d4:e5:bd:48:3f:21:e6:82:ee:b9:
d5:df:72:8a:49:0e:ed:a6:47:6b:62:51:86:c2:41:
fb:cf:64:a7:5e:d8:79:ef:e0:d9:29:50:8a:a1:ec:
23:d7:94:72:a7:78:18:77:b1:28:42:ca:58:a9:08:
2a:b4:53:9d:db:fc:79:74:e1:ff:63:0a:70:3a:f0:
f6:0a:a9:f1:39:0a:29:72:a4:c4:4c:c8:e6:70:56:
d9:73:d0:57:be:ab:52:06:7b:5b:b3:05:96:4d:c9:
d1:8a:19:69:93:51:27:87:23:63:e0:85:00:90:b2:
94:4c:44:d0:11:5f:5e:dc:57:0f:fa:a4:7e:d4:37:
f8:39:d3:b8:e9:c1:17:1b:84:c0:26:a2:b5:f0:ea:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D9:9C:6E:69:F5:B9:37:5D:34:2D:36:DD:74:A1:79:B7:23:B4:DA
X509v3 Authority Key Identifier:
keyid:66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/036AE674F50211ED8A235C4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.115.0/24
103.74.216.0/22
103.194.229.0/24
103.206.187.0/24
IPv6:
2407:3280::/32
Signature Algorithm: sha256WithRSAEncryption
1b:eb:02:69:84:bd:e6:be:80:df:ca:51:cd:6e:74:20:ff:5b:
91:d6:fe:14:9e:3f:b6:37:e7:75:b1:5a:c3:55:1f:77:71:6f:
32:49:20:68:7f:c6:e5:90:02:78:11:cb:af:60:16:28:81:e3:
78:9c:f4:90:fd:2c:76:ab:7c:01:72:cc:8e:60:f5:ba:5f:a0:
21:a6:4e:65:c0:a7:31:3d:aa:bc:55:2e:ae:b8:e3:22:e8:7e:
8c:fa:22:d9:cd:87:99:e0:7f:54:78:70:76:f2:de:29:ac:cc:
a5:ac:42:2a:5f:c0:1f:57:ef:14:bb:df:97:c1:82:28:f7:e7:
1d:dd:7d:65:35:f6:dd:84:80:b1:07:40:97:3d:69:2f:c4:98:
9a:7a:c7:ac:f6:5d:de:e2:62:5a:e7:b7:0c:8e:7f:27:a7:69:
6c:2f:1d:dc:78:95:7d:5c:9d:0a:01:47:6a:80:b3:83:f4:d3:
6c:48:f9:fc:31:a9:cb:5d:98:7f:f3:cb:2c:79:3e:26:91:e9:
99:a2:4d:b7:d8:e5:4d:85:57:e7:c6:d9:25:02:61:63:94:34:
3d:e5:e4:27:3d:87:ae:8b:c9:28:e5:a7:5e:07:42:ce:e2:7b:
00:a3:4e:ea:eb:32:d9:31:0e:a7:7a:d1:0e:9e:75:5f:cc:f7:
b8:fe:dc:ab
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MTgzNjExMC8GA1UEBRMoNjZCMjE0RDExQzdGOTYxQTk1QzQyNTY3MDM0MjhFOTND
QkE3Mjk4NjAeFw0yMzA1MTgwNDU2NThaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NjViMDFhLTA2OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmplPVW9p4o8pBSN1vqmE0TDkTiGAEI7z5MJetzkWsmwaqSFAwknyt8mQyuw5E
HC1+meWH6+NioOC7iCMhuh0Oi8+hq4CmHF6M/1dVKwgcV9VCk48EMq60mGFigAXN
te0jn/iJjLk9Cbl95gPr1OW9SD8h5oLuudXfcopJDu2mR2tiUYbCQfvPZKde2Hnv
4NkpUIqh7CPXlHKneBh3sShCylipCCq0U53b/Hl04f9jCnA68PYKqfE5CilypMRM
yOZwVtlz0Fe+q1IGe1uzBZZNydGKGWmTUSeHI2PghQCQspRMRNARX17cVw/6pH7U
N/g507jpwRcbhMAmorXw6s6rAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUNdmcbmn1
uTddNC023XShebcjtNowHwYDVR0jBBgwFoAUZrIU0Rx/lhqVxCVnA0KOk8unKYYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxODM2L0YxREIxRDQ0RjRG
QjExRUQ5MzhGOTQ0N0M0RjlBRTAyL1pySVUwUnhfbGhxVnhDVm5BMEtPazh1bktZ
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWnJJVTBSeF9saHFWeENWbkEwS09rOHVuS1lZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MTgzNi9GMURCMUQ0NEY0RkIxMUVEOTM4Rjk0NDdDNEY5QUUwMi8wMzZBRTY3NEY1
MDIxMUVEOEEyMzVDNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAGcZcwMEAmdK2AMEAGfC5QMEAGfOuzANBAIAAjAHAwUAJAcy
gDANBgkqhkiG9w0BAQsFAAOCAQEAG+sCaYS95r6A38pRzW50IP9bkdb+FJ4/tjfn
dbFaw1Ufd3FvMkkgaH/G5ZACeBHLr2AWKIHjeJz0kP0sdqt8AXLMjmD1ul+gIaZO
ZcCnMT2qvFUurrjjIuh+jPoi2c2HmeB/VHhwdvLeKazMpaxCKl/AH1fvFLvfl8GC
KPfnHd19ZTX23YSAsQdAlz1pL8SYmnrHrPZd3uJiWue3DI5/J6dpbC8d3HiVfVyd
CgFHaoCzg/TTbEj5/DGpy12Yf/PLLHk+JpHpmaJNt9jlTYVX58bZJQJhY5Q0PeXk
Jz2HrovJKOWnXgdCzuJ7AKNO6usy2TEOp3rRDp51X8z3uP7cqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-fra.rpki-client.org