Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/8679D334F54511ED9AE2F413C4F9AE02.roa
File: 8679D334F54511ED9AE2F413C4F9AE02.roa (raw, json)
Hash identifier: s7Yvdu0anzTRWCmOtuqkJYMp36nkiqtS/ZKeQIScsZo=
Subject key identifier: 60:54:04:E9:B2:DE:6F:EC:30:EB:C7:97:40:4F:ED:A1:E4:64:56:2F
Certificate issuer: /CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Certificate serial: 55
Authority key identifier: 66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/8679D334F54511ED9AE2F413C4F9AE02.roa
Signing time: Tue 03 Oct 2023 05:05:47 +0000
ROA not before: Tue 03 Oct 2023 05:05:47 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 4851
IP address blocks: 103.74.216.0/22 maxlen: 22
103.194.229.0/24 maxlen: 24
103.206.187.0/24 maxlen: 24
2407:3280::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 Feb 2024 11:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85 (0x55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9121836/serialNumber=66B214D11C7F961A95C4256703428E93CBA72986
Validity
Not Before: Oct 3 05:05:47 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=651ba12b-1413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:08:0c:74:02:2e:7d:86:9a:c8:ab:bd:2d:
ef:82:99:81:bc:4d:9e:8d:c9:cb:02:0e:07:64:81:
fd:f3:70:ad:ab:07:e4:29:84:7b:af:16:f2:9c:e0:
2d:39:a4:10:64:2d:1d:96:c7:e6:60:f9:a1:05:75:
fd:24:95:4d:53:98:f2:5c:91:3e:f7:65:15:f8:9a:
36:bb:d1:27:b4:48:04:8a:65:db:70:61:6c:62:91:
e3:b9:2c:74:4d:e0:3f:f2:69:68:55:d7:b5:87:a3:
cd:3d:1d:4a:b7:ca:78:a2:83:80:1e:08:4c:9b:c8:
3d:3d:c4:ef:13:57:bb:3c:bb:a1:41:88:58:3d:7d:
e1:26:a1:2b:73:20:ed:55:bd:28:bd:82:b7:f5:5f:
ee:35:a9:e0:20:87:78:eb:ca:c1:fe:0b:34:1f:e3:
25:8d:f6:9c:84:5a:f8:fc:19:fe:cb:da:6f:4b:cc:
36:88:fd:09:17:21:89:b2:8d:30:21:63:da:9a:3c:
ed:b4:74:56:26:b8:13:01:b2:8c:0b:e2:5c:85:ca:
b9:9c:c6:be:e6:93:55:b3:61:5e:59:10:ef:d6:69:
c6:52:e8:70:6f:4c:2b:de:94:10:a5:59:01:06:4a:
e7:cd:ec:8a:1d:7f:0d:4d:56:5e:8d:0d:66:8d:de:
24:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:54:04:E9:B2:DE:6F:EC:30:EB:C7:97:40:4F:ED:A1:E4:64:56:2F
X509v3 Authority Key Identifier:
keyid:66:B2:14:D1:1C:7F:96:1A:95:C4:25:67:03:42:8E:93:CB:A7:29:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZrIU0Rx_lhqVxCVnA0KOk8unKYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121836/F1DB1D44F4FB11ED938F9447C4F9AE02/8679D334F54511ED9AE2F413C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.74.216.0/22
103.194.229.0/24
103.206.187.0/24
IPv6:
2407:3280::/32
Signature Algorithm: sha256WithRSAEncryption
6c:93:ab:e5:b6:c1:e8:b5:0d:d7:40:fd:94:0f:15:50:b6:dd:
9d:e0:16:76:bd:2c:c6:7a:a3:b3:2a:89:09:10:b9:89:1a:80:
a9:2e:24:1c:79:c3:58:56:84:6b:a4:a5:5f:15:f3:d1:ce:94:
32:da:75:a9:16:4d:aa:ef:16:ad:5f:fc:61:73:fd:5f:ac:48:
6b:5a:3c:9b:e1:45:f1:94:cb:f9:fa:64:5e:e2:91:5b:be:e3:
b6:13:cb:2f:39:80:82:0d:e8:eb:af:d8:a4:c3:74:ba:f6:99:
c4:e8:98:ae:23:f0:53:a0:7e:40:b5:fd:05:70:77:53:3c:16:
3c:a8:e3:25:eb:cc:c0:e6:9e:fe:37:b9:df:5d:15:6d:c0:b6:
7e:51:58:ed:e3:0a:04:3e:72:24:70:d4:1c:36:b8:ae:91:bd:
c9:18:ac:c9:62:f4:63:d7:d1:c2:e3:ee:aa:01:3d:4c:ea:e9:
9d:1f:35:ec:3f:d7:52:80:4d:d7:f5:36:34:6c:a5:f8:2c:7f:
0d:ba:b2:5a:cf:d3:3a:a2:3a:8a:1a:ef:02:f8:6b:59:58:45:
74:40:85:e4:57:1a:80:aa:55:57:9c:5d:6f:94:9a:59:5a:9d:
07:22:3b:37:f2:af:97:55:fe:89:4e:10:f2:21:c8:53:f1:18:
8e:88:3a:0c
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MTgzNjExMC8GA1UEBRMoNjZCMjE0RDExQzdGOTYxQTk1QzQyNTY3MDM0MjhFOTND
QkE3Mjk4NjAeFw0yMzEwMDMwNTA1NDdaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWJhMTJiLTE0MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqQQgMdAIufYaayKu9Le+CmYG8TZ6NycsCDgdkgf3zcK2rB+QphHuvFvKc4C05
pBBkLR2Wx+Zg+aEFdf0klU1TmPJckT73ZRX4mja70Se0SASKZdtwYWxikeO5LHRN
4D/yaWhV17WHo809HUq3yniig4AeCEybyD09xO8TV7s8u6FBiFg9feEmoStzIO1V
vSi9grf1X+41qeAgh3jrysH+CzQf4yWN9pyEWvj8Gf7L2m9LzDaI/QkXIYmyjTAh
Y9qaPO20dFYmuBMBsowL4lyFyrmcxr7mk1WzYV5ZEO/WacZS6HBvTCvelBClWQEG
SufN7Iodfw1NVl6NDWaN3iQfAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQUYFQE6bLe
b+ww68eXQE/toeRkVi8wHwYDVR0jBBgwFoAUZrIU0Rx/lhqVxCVnA0KOk8unKYYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxODM2L0YxREIxRDQ0RjRG
QjExRUQ5MzhGOTQ0N0M0RjlBRTAyL1pySVUwUnhfbGhxVnhDVm5BMEtPazh1bktZ
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWnJJVTBSeF9saHFWeENWbkEwS09rOHVuS1lZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MTgzNi9GMURCMUQ0NEY0RkIxMUVEOTM4Rjk0NDdDNEY5QUUwMi84Njc5RDMzNEY1
NDUxMUVEOUFFMkY0MTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAmdK2AMEAGfC5QMEAGfOuzANBAIAAjAHAwUAJAcygDANBgkq
hkiG9w0BAQsFAAOCAQEAbJOr5bbB6LUN10D9lA8VULbdneAWdr0sxnqjsyqJCRC5
iRqAqS4kHHnDWFaEa6SlXxXz0c6UMtp1qRZNqu8WrV/8YXP9X6xIa1o8m+FF8ZTL
+fpkXuKRW77jthPLLzmAgg3o66/YpMN0uvaZxOiYriPwU6B+QLX9BXB3UzwWPKjj
JevMwOae/je5310VbcC2flFY7eMKBD5yJHDUHDa4rpG9yRisyWL0Y9fRwuPuqgE9
TOrpnR817D/XUoBN1/U2NGyl+Cx/DbqyWs/TOqI6ihrvAvhrWVhFdECF5FcagKpV
V5xdb5SaWVqdByI7N/Kvl1X+iU4Q8iHIU/EYjog6DA==
-----END CERTIFICATE-----
Generated at Thu Feb 8 16:50:24 2024 by rpki-client on console-ams.rpki-client.org