Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/51DC4CFA3E8911EEBAA0A668C4F9AE02.roa
File: 51DC4CFA3E8911EEBAA0A668C4F9AE02.roa (raw, json)
Hash identifier: wj1QmjCqxukcXJ7934ZSlSvBZT69eDvgCviZgQrAEHQ=
Subject key identifier: E6:33:B2:84:45:11:70:C1:1C:0E:C8:E5:D7:82:2A:39:F2:5E:AD:2F
Certificate issuer: /CN=A9127142/serialNumber=A7E71952DCFB395C42CBD8BC6F52F0329CC76B65
Certificate serial: 0180
Authority key identifier: A7:E7:19:52:DC:FB:39:5C:42:CB:D8:BC:6F:52:F0:32:9C:C7:6B:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-cZUtz7OVxCy9i8b1LwMpzHa2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/51DC4CFA3E8911EEBAA0A668C4F9AE02.roa
Signing time: Sat 17 Aug 2024 04:05:23 +0000
ROA not before: Sat 17 Aug 2024 04:05:23 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135587
IP address blocks: 103.7.122.0/24 maxlen: 24
103.7.123.0/24 maxlen: 24
2001:df1:49c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 384 (0x180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127142/serialNumber=A7E71952DCFB395C42CBD8BC6F52F0329CC76B65
Validity
Not Before: Aug 17 04:05:23 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c02182-382c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:45:04:53:9f:05:50:25:3d:eb:df:60:e7:
a6:87:7c:ab:3f:a4:bb:25:08:3f:ca:2d:ef:7b:fc:
94:57:09:0a:8c:7a:67:c6:0b:07:15:2d:d4:13:9e:
8c:ab:09:8b:ef:04:63:64:cf:b5:a1:7d:7a:37:f4:
a8:d8:79:8a:94:02:9b:61:64:17:be:5b:99:6a:2f:
d3:d0:69:ef:00:94:93:b0:bc:70:5c:c4:21:85:44:
9e:32:a3:32:34:02:f2:22:45:9e:2a:65:05:8f:bc:
b8:2f:4c:6a:84:3d:6f:dd:53:04:15:a2:ea:5f:6d:
de:df:cc:e4:e8:9c:4f:e5:8c:2a:0c:8b:5a:8c:1a:
cf:3b:e8:d1:7f:89:ba:04:a6:67:91:08:64:70:ac:
99:e1:1d:77:15:76:ec:39:4e:da:51:db:69:30:c0:
ed:ac:dd:b2:f4:9a:3d:c7:9f:04:b5:29:6e:74:30:
16:8f:4f:f2:39:fd:a7:64:d3:cc:5c:b9:26:21:1a:
b8:6d:38:f9:24:ff:52:f5:81:32:92:8f:ad:48:77:
d7:54:7a:24:23:14:c8:c8:11:a4:cf:78:3b:e1:0c:
93:45:d7:bc:7e:d7:46:e6:6f:c0:25:a9:d4:69:21:
12:1d:d7:be:f8:e2:56:5b:52:d9:e3:63:79:88:62:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:33:B2:84:45:11:70:C1:1C:0E:C8:E5:D7:82:2A:39:F2:5E:AD:2F
X509v3 Authority Key Identifier:
keyid:A7:E7:19:52:DC:FB:39:5C:42:CB:D8:BC:6F:52:F0:32:9C:C7:6B:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/p-cZUtz7OVxCy9i8b1LwMpzHa2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-cZUtz7OVxCy9i8b1LwMpzHa2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/51DC4CFA3E8911EEBAA0A668C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.122.0/23
IPv6:
2001:df1:49c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:72:f8:db:8e:ae:bc:77:1e:07:bd:ab:f2:67:b1:a3:21:ae:
a8:4b:4b:e5:d8:6b:af:51:9b:5b:f9:44:06:27:3d:69:cf:18:
f8:ca:68:3f:4d:b0:54:3a:f8:ab:51:d0:7c:91:7d:76:52:28:
8f:ed:0f:03:d7:82:fd:ca:7c:1a:cd:38:22:32:37:1e:b5:b3:
4d:88:b7:22:1e:84:c0:c3:8d:a7:76:58:55:39:17:3f:d5:7b:
c0:e0:24:20:ce:07:70:be:de:5f:72:da:22:1f:25:cc:d4:a5:
50:d1:1a:f0:ae:3c:2a:71:89:3b:7c:b7:93:15:5f:90:06:72:
c8:3c:8b:d5:10:95:42:ec:c2:be:96:d8:70:36:53:1d:47:32:
33:7d:f7:98:d1:77:66:52:3f:2e:e2:cb:e7:88:76:0d:fe:3a:
30:52:a4:86:2f:46:b2:27:0d:02:6a:d7:c9:18:87:de:f0:0f:
1e:bc:66:3d:17:b0:98:6c:93:2c:e0:76:df:dc:98:9a:be:f8:
02:80:99:e5:4f:cf:b9:9f:60:1d:e2:35:e8:14:e6:6b:bb:eb:
3d:22:97:5a:14:ba:21:15:12:92:c9:ef:9f:19:df:6b:0c:ac:
b2:ea:86:4f:9c:d0:3e:a0:d5:89:10:7a:1c:98:05:88:f7:9d:
23:9b:a0:09
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjcxNDIxMTAvBgNVBAUTKEE3RTcxOTUyRENGQjM5NUM0MkNCRDhCQzZGNTJGMDMy
OUNDNzZCNjUwHhcNMjQwODE3MDQwNTIzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMwMjE4Mi0zODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4tFBFOfBVAlPevfYOemh3yrP6S7JQg/yi3ve/yUVwkKjHpnxgsHFS3UE56M
qwmL7wRjZM+1oX16N/So2HmKlAKbYWQXvluZai/T0GnvAJSTsLxwXMQhhUSeMqMy
NALyIkWeKmUFj7y4L0xqhD1v3VMEFaLqX23e38zk6JxP5YwqDItajBrPO+jRf4m6
BKZnkQhkcKyZ4R13FXbsOU7aUdtpMMDtrN2y9Jo9x58EtSludDAWj0/yOf2nZNPM
XLkmIRq4bTj5JP9S9YEyko+tSHfXVHokIxTIyBGkz3g74QyTRde8ftdG5m/AJanU
aSESHde++OJWW1LZ42N5iGIAKQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOYzsoRF
EXDBHA7I5deCKjnyXq0vMB8GA1UdIwQYMBaAFKfnGVLc+zlcQsvYvG9S8DKcx2tl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzE0Mi85NjYxODVCQTM4
M0MxMUVEQjA5RjAyMTRDNEY5QUUwMi9wLWNaVXR6N09WeEN5OWk4YjFMd01wekhh
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AtY1pVdHo3T1Z4Q3k5aThiMUx3TXB6SGEyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjcxNDIvOTY2MTg1QkEzODNDMTFFREIwOUYwMjE0QzRGOUFFMDIvNTFEQzRDRkEz
RTg5MTFFRUJBQTBBNjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnB3owDwQCAAIwCQMHACABDfFJwDANBgkqhkiG9w0BAQsF
AAOCAQEAgXL4246uvHceB72r8mexoyGuqEtL5dhrr1GbW/lEBic9ac8Y+MpoP02w
VDr4q1HQfJF9dlIoj+0PA9eC/cp8Gs04IjI3HrWzTYi3Ih6EwMONp3ZYVTkXP9V7
wOAkIM4HcL7eX3LaIh8lzNSlUNEa8K48KnGJO3y3kxVfkAZyyDyL1RCVQuzCvpbY
cDZTHUcyM333mNF3ZlI/LuLL54h2Df46MFKkhi9GsicNAmrXyRiH3vAPHrxmPRew
mGyTLOB239yYmr74AoCZ5U/PuZ9gHeI16BTma7vrPSKXWhS6IRUSksnvnxnfawys
suqGT5zQPqDViRB6HJgFiPedI5ugCQ==
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:42 2024 by rpki-client on console-ams.rpki-client.org