Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/7940C6003EDC11EF95BD1552C4F9AE02.roa
File: 7940C6003EDC11EF95BD1552C4F9AE02.roa (raw, json)
Hash identifier: tzClMctaqRobnjx5SoyB7hlal8tdTtPs1WN3tTscDWY=
Subject key identifier: 5D:4B:CF:69:9E:32:93:0B:D5:FB:50:D1:DF:88:58:2C:AC:38:BD:27
Certificate issuer: /CN=A9122039/serialNumber=374D9A2C832F2344BDD8CA406311793F66D4C735
Certificate serial: 048C
Authority key identifier: 37:4D:9A:2C:83:2F:23:44:BD:D8:CA:40:63:11:79:3F:66:D4:C7:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N02aLIMvI0S92MpAYxF5P2bUxzU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/7940C6003EDC11EF95BD1552C4F9AE02.roa
Signing time: Wed 10 Jul 2024 16:50:12 +0000
ROA not before: Wed 10 Jul 2024 16:50:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 33011
IP address blocks: 103.116.4.0/23 maxlen: 24
103.116.6.0/24 maxlen: 24
2402:f2c0::/32 maxlen: 40
Validation: Failed, certificate revoked on Fri 26 Jul 2024 16:47:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1164 (0x48c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122039/serialNumber=374D9A2C832F2344BDD8CA406311793F66D4C735
Validity
Not Before: Jul 10 16:50:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=668ebbc4-445b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:34:92:6c:3a:4f:6a:ec:d3:fc:eb:3f:df:ab:
ce:ff:06:cf:f8:27:f8:84:88:5f:d7:8d:a2:ed:38:
6f:42:11:a4:ad:4c:8e:64:bc:80:20:99:7c:23:93:
f5:6b:61:cc:a0:41:8d:99:9c:8c:28:be:20:d8:d2:
24:4f:b0:b5:90:95:4e:95:7d:f5:ae:22:fe:d9:cf:
a0:fa:51:6e:bc:73:1c:1b:5a:81:3c:0d:75:e4:88:
c4:22:8f:9c:7e:18:00:02:cd:8b:87:22:27:ac:9c:
cf:14:94:dc:52:38:d3:31:ac:ed:45:83:b9:68:4e:
26:5e:e5:ba:74:f0:15:18:32:05:2a:dd:ef:52:16:
e5:46:0f:f8:eb:15:be:e0:38:dd:8b:5c:7e:e6:1e:
e0:75:c8:5d:c2:f7:ef:89:23:08:e1:f8:f1:98:85:
69:56:7d:c9:05:06:f2:04:c0:35:14:d6:76:a1:67:
f4:98:ed:42:4a:ff:ad:7b:4f:11:14:19:95:95:37:
da:38:9e:13:08:0e:b6:3d:d1:60:67:c6:f0:97:6b:
7a:ac:6d:c7:6c:c9:c7:4f:7a:b6:3e:67:fa:69:45:
f5:c2:bb:3a:e6:83:49:d0:c3:12:72:4e:dd:9e:8f:
40:fc:0d:29:be:10:5c:b1:6e:48:71:69:b2:d6:a3:
d2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4B:CF:69:9E:32:93:0B:D5:FB:50:D1:DF:88:58:2C:AC:38:BD:27
X509v3 Authority Key Identifier:
keyid:37:4D:9A:2C:83:2F:23:44:BD:D8:CA:40:63:11:79:3F:66:D4:C7:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/N02aLIMvI0S92MpAYxF5P2bUxzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/N02aLIMvI0S92MpAYxF5P2bUxzU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122039/FB70DF6AFF2011EB8160AC51C4F9AE02/7940C6003EDC11EF95BD1552C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.4.0-103.116.6.255
IPv6:
2402:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:20:31:89:86:a2:23:f9:db:31:4a:83:7e:a1:b6:fb:b9:93:
48:c4:e3:8a:5e:00:39:e1:e0:a8:4e:e7:ca:2e:7a:b1:b9:93:
8e:f4:9b:d0:bd:dc:cc:0f:0d:3b:f6:71:f0:3f:3a:f9:90:39:
5a:a8:98:d8:82:e3:19:24:93:bb:13:15:d1:db:73:83:43:2e:
5e:3b:6e:a2:f7:e3:16:a6:85:3c:60:31:eb:b2:96:d3:e9:f9:
7b:83:da:d4:1d:a8:27:43:d9:56:0f:1a:74:b1:79:45:61:11:
90:ab:7f:86:08:18:9a:53:26:e7:b8:c8:a5:c7:2d:21:42:ab:
09:ec:1f:e4:f4:b3:31:57:9f:69:2c:fb:09:ab:35:b8:30:32:
36:b2:20:73:27:32:48:62:ff:f0:ee:34:d6:1c:27:f1:20:dc:
62:6e:94:8f:3c:1c:be:f1:aa:b5:d5:c6:c4:b1:00:46:05:71:
f4:25:69:c6:42:ee:37:89:6b:f2:ed:d6:a9:19:17:9b:93:11:
d4:fb:f7:f1:4a:89:37:1c:29:38:83:06:0b:f5:d9:b1:99:f1:
89:28:b6:f8:07:7d:4f:97:7b:0f:0f:3b:7e:8f:ca:97:23:68:
dd:b2:e7:63:17:d8:ce:76:f7:68:b3:db:4c:1c:7d:c8:94:24:
fa:9a:32:d5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIwMzkxMTAvBgNVBAUTKDM3NEQ5QTJDODMyRjIzNDRCREQ4Q0E0MDYzMTE3OTNG
NjZENEM3MzUwHhcNMjQwNzEwMTY1MDEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlYmJjNC00NDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoTSSbDpPauzT/Os/36vO/wbP+Cf4hIhf142i7ThvQhGkrUyOZLyAIJl8I5P1
a2HMoEGNmZyMKL4g2NIkT7C1kJVOlX31riL+2c+g+lFuvHMcG1qBPA115IjEIo+c
fhgAAs2LhyInrJzPFJTcUjjTMaztRYO5aE4mXuW6dPAVGDIFKt3vUhblRg/46xW+
4Djdi1x+5h7gdchdwvfviSMI4fjxmIVpVn3JBQbyBMA1FNZ2oWf0mO1CSv+te08R
FBmVlTfaOJ4TCA62PdFgZ8bwl2t6rG3HbMnHT3q2Pmf6aUX1wrs65oNJ0MMSck7d
no9A/A0pvhBcsW5IcWmy1qPSnwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFF1Lz2me
MpML1ftQ0d+IWCysOL0nMB8GA1UdIwQYMBaAFDdNmiyDLyNEvdjKQGMReT9m1Mc1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjAzOS9GQjcwREY2QUZG
MjAxMUVCODE2MEFDNTFDNEY5QUUwMi9OMDJhTElNdkkwUzkyTXBBWXhGNVAyYlV4
elUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL04wMmFMSU12STBTOTJNcEFZeEY1UDJiVXh6VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIwMzkvRkI3MERGNkFGRjIwMTFFQjgxNjBBQzUxQzRGOUFFMDIvNzk0MEM2MDAz
RURDMTFFRjk1QkQxNTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBQEAgABMA4wDAMEAmd0BAMEAGd0BjANBAIAAjAHAwUAJALywDANBgkqhkiG
9w0BAQsFAAOCAQEAfSAxiYaiI/nbMUqDfqG2+7mTSMTjil4AOeHgqE7nyi56sbmT
jvSb0L3czA8NO/Zx8D86+ZA5WqiY2ILjGSSTuxMV0dtzg0MuXjtuovfjFqaFPGAx
67KW0+n5e4Pa1B2oJ0PZVg8adLF5RWERkKt/hggYmlMm57jIpcctIUKrCewf5PSz
MVefaSz7Cas1uDAyNrIgcycySGL/8O401hwn8SDcYm6UjzwcvvGqtdXGxLEARgVx
9CVpxkLuN4lr8u3WqRkXm5MR1Pv38UqJNxwpOIMGC/XZsZnxiSi2+Ad9T5d7Dw87
fo/KlyNo3bLnYxfYznb3aLPbTBx9yJQk+poy1Q==
-----END CERTIFICATE-----
Generated at Fri Jul 26 19:28:07 2024 by rpki-client on console-ams.rpki-client.org