Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/A8A6CFFE907E11EF9E083631C4F9AE02.roa
File: A8A6CFFE907E11EF9E083631C4F9AE02.roa (raw, json)
Hash identifier: jJHFGQx906r8kL05/OWtN5S2kUhPS/YNHKU54g7qV1k=
Subject key identifier: 3D:04:EF:8F:53:C1:C1:7E:55:E6:93:39:0F:73:F6:15:64:D4:3C:0B
Certificate issuer: /CN=A9127142/serialNumber=A7E71952DCFB395C42CBD8BC6F52F0329CC76B65
Certificate serial: 01A9
Authority key identifier: A7:E7:19:52:DC:FB:39:5C:42:CB:D8:BC:6F:52:F0:32:9C:C7:6B:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-cZUtz7OVxCy9i8b1LwMpzHa2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/A8A6CFFE907E11EF9E083631C4F9AE02.roa
Signing time: Wed 23 Oct 2024 10:32:29 +0000
ROA not before: Wed 23 Oct 2024 10:32:29 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135587
IP address blocks: 103.7.122.0/24 maxlen: 24
103.7.123.0/24 maxlen: 24
2001:df1:49c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Oct 2024 15:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425 (0x1a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127142/serialNumber=A7E71952DCFB395C42CBD8BC6F52F0329CC76B65
Validity
Not Before: Oct 23 10:32:29 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6718d0bd-3694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:22:30:22:96:02:27:05:50:e4:31:4a:c3:
82:84:96:fb:fc:06:f0:c4:c4:b8:d3:90:c2:30:75:
04:ec:19:9c:9d:5f:be:f3:e5:ae:78:31:a7:e3:5a:
93:4b:61:d6:d3:44:4f:18:69:3a:6a:b4:62:c5:f0:
7c:d6:25:eb:da:11:de:45:48:ec:63:50:90:14:4b:
bf:2c:d4:9f:76:76:56:cb:4a:5c:3a:50:97:b1:16:
bf:04:96:22:bc:98:08:b5:ce:b2:b4:aa:88:e6:bc:
d6:7e:a5:9e:c1:3e:9e:18:24:e6:8e:e0:f1:63:78:
e7:24:90:a3:a9:24:01:ad:ee:2d:af:8d:2d:7a:f9:
7e:a9:c1:9f:02:03:b9:b2:16:46:fc:30:08:64:3d:
2f:9f:14:a2:15:ae:4f:d9:51:a9:c5:c6:a0:7f:5d:
23:1d:90:48:2e:06:06:7c:7a:2e:03:90:ca:a5:06:
d5:90:af:c4:0e:25:86:24:74:9c:82:75:c7:c0:ef:
49:bc:00:62:24:f7:14:e0:29:cd:45:c4:d4:d2:a4:
49:c3:42:00:44:e8:53:09:6a:d3:63:50:09:f0:db:
9e:ad:eb:fc:82:da:18:ee:25:cd:c1:b3:80:f4:4a:
4a:f4:c0:40:6a:30:26:cc:25:0c:03:94:42:36:d9:
d3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:04:EF:8F:53:C1:C1:7E:55:E6:93:39:0F:73:F6:15:64:D4:3C:0B
X509v3 Authority Key Identifier:
keyid:A7:E7:19:52:DC:FB:39:5C:42:CB:D8:BC:6F:52:F0:32:9C:C7:6B:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/p-cZUtz7OVxCy9i8b1LwMpzHa2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-cZUtz7OVxCy9i8b1LwMpzHa2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127142/966185BA383C11EDB09F0214C4F9AE02/A8A6CFFE907E11EF9E083631C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.122.0/23
IPv6:
2001:df1:49c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:42:25:de:8f:fb:6c:68:62:f2:9b:47:02:c1:8d:be:d1:57:
67:fa:9b:cb:b8:f3:52:87:22:48:bf:be:6b:ee:46:b9:a0:a5:
0a:27:04:b1:ad:89:a1:51:31:33:dc:87:7d:a1:cf:3c:fc:87:
99:b3:cd:92:74:92:31:49:b9:f9:a5:10:a1:0e:dc:bd:c9:3e:
e7:3e:dd:37:6e:e8:48:19:76:d4:ba:72:a3:10:fc:6b:e7:c4:
86:2a:38:33:f9:58:c3:b6:0e:47:cd:db:45:cf:4f:37:57:c4:
58:ca:1e:56:f5:18:33:ee:bf:83:43:12:ae:54:61:fc:49:a0:
80:5c:37:fb:95:9e:71:c3:3b:67:0a:6b:a5:71:48:a2:70:85:
01:55:06:e5:1d:1a:79:46:30:78:05:e0:fa:8b:57:63:d5:bc:
f6:3d:ac:e7:ed:c7:da:05:aa:11:37:aa:d3:0b:5d:22:f5:cb:
24:33:56:9a:01:3b:3a:f0:43:77:25:c7:74:4e:08:5e:73:e9:
95:0f:70:4d:07:e4:e8:99:24:eb:d0:8b:0f:a6:d0:d3:3b:6d:
d5:4e:6b:85:fe:d1:14:e0:2b:c1:b7:dd:0e:2d:82:ec:de:3b:
6c:7d:8d:41:8d:89:c1:a3:91:b5:e9:e9:3c:fc:81:35:30:47:
90:e5:98:83
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjcxNDIxMTAvBgNVBAUTKEE3RTcxOTUyRENGQjM5NUM0MkNCRDhCQzZGNTJGMDMy
OUNDNzZCNjUwHhcNMjQxMDIzMTAzMjI5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4ZDBiZC0zNjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFMiMCKWAicFUOQxSsOChJb7/AbwxMS405DCMHUE7BmcnV++8+WueDGn41qT
S2HW00RPGGk6arRixfB81iXr2hHeRUjsY1CQFEu/LNSfdnZWy0pcOlCXsRa/BJYi
vJgItc6ytKqI5rzWfqWewT6eGCTmjuDxY3jnJJCjqSQBre4tr40tevl+qcGfAgO5
shZG/DAIZD0vnxSiFa5P2VGpxcagf10jHZBILgYGfHouA5DKpQbVkK/EDiWGJHSc
gnXHwO9JvABiJPcU4CnNRcTU0qRJw0IAROhTCWrTY1AJ8Nuerev8gtoY7iXNwbOA
9EpK9MBAajAmzCUMA5RCNtnToQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD0E749T
wcF+VeaTOQ9z9hVk1DwLMB8GA1UdIwQYMBaAFKfnGVLc+zlcQsvYvG9S8DKcx2tl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzE0Mi85NjYxODVCQTM4
M0MxMUVEQjA5RjAyMTRDNEY5QUUwMi9wLWNaVXR6N09WeEN5OWk4YjFMd01wekhh
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AtY1pVdHo3T1Z4Q3k5aThiMUx3TXB6SGEyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjcxNDIvOTY2MTg1QkEzODNDMTFFREIwOUYwMjE0QzRGOUFFMDIvQThBNkNGRkU5
MDdFMTFFRjlFMDgzNjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnB3owDwQCAAIwCQMHACABDfFJwDANBgkqhkiG9w0BAQsF
AAOCAQEAJEIl3o/7bGhi8ptHAsGNvtFXZ/qby7jzUociSL++a+5GuaClCicEsa2J
oVExM9yHfaHPPPyHmbPNknSSMUm5+aUQoQ7cvck+5z7dN27oSBl21LpyoxD8a+fE
hio4M/lYw7YOR83bRc9PN1fEWMoeVvUYM+6/g0MSrlRh/EmggFw3+5WeccM7Zwpr
pXFIonCFAVUG5R0aeUYweAXg+otXY9W89j2s5+3H2gWqETeq0wtdIvXLJDNWmgE7
OvBDdyXHdE4IXnPplQ9wTQfk6Jkk69CLD6bQ0ztt1U5rhf7RFOArwbfdDi2C7N47
bH2NQY2JwaORtenpPPyBNTBHkOWYgw==
-----END CERTIFICATE-----
Generated at Mon Oct 28 18:24:30 2024 by rpki-client on console-fra.rpki-client.org