Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131927/E99772F896E911EBB258E562C4F9AE02/9F14DAB096EC11EBA1E20768C4F9AE02.roa
File: 9F14DAB096EC11EBA1E20768C4F9AE02.roa (raw, json)
Hash identifier: w25SU8mU5Mw6b7fWAYyKM/MHyoRa7vvdcxtlDPk3q+w=
Subject key identifier: C4:A0:38:98:1B:13:46:D1:63:F1:A6:8C:5F:E2:62:3A:9C:CD:CF:D4
Certificate issuer: /CN=A9131927/serialNumber=7E8103C8659B2DF67273B504AF75C66665310116
Certificate serial: 058B
Authority key identifier: 7E:81:03:C8:65:9B:2D:F6:72:73:B5:04:AF:75:C6:66:65:31:01:16
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/foEDyGWbLfZyc7UEr3XGZmUxARY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131927/E99772F896E911EBB258E562C4F9AE02/9F14DAB096EC11EBA1E20768C4F9AE02.roa
Signing time: Mon 01 Jul 2024 00:22:17 +0000
ROA not before: Mon 01 Jul 2024 00:22:17 +0000
ROA not after: Wed 30 Oct 2024 00:00:00 +0000
asID: 14618
IP address blocks: 103.165.160.0/24 maxlen: 24
2001:df6:6880::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Aug 2024 22:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1419 (0x58b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131927/serialNumber=7E8103C8659B2DF67273B504AF75C66665310116
Validity
Not Before: Jul 1 00:22:17 2024 GMT
Not After : Oct 30 00:00:00 2024 GMT
Subject: CN=6681f6b8-2315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7f:7a:5e:0a:4c:ec:01:96:aa:04:f6:a2:aa:
f0:fc:7b:fe:f3:99:84:f2:10:5e:e2:06:0c:51:be:
30:89:cc:4e:77:2e:12:e3:34:dd:9a:2e:d7:c3:fe:
82:b6:c8:29:b6:19:04:3c:ad:20:ec:e3:2c:ce:39:
08:58:2d:a0:9e:b6:be:0a:3d:9b:07:9c:90:a2:62:
e0:86:87:d3:34:3d:68:8a:8f:a2:ae:8d:2d:e4:78:
30:2a:9c:8d:b8:e6:d1:1d:8f:ca:7d:d6:d4:2f:bb:
3b:d6:ef:39:1b:2c:c3:db:6b:ca:ee:87:66:df:de:
ef:c7:48:52:d4:1d:8c:91:dc:2d:80:ab:cb:4f:9b:
7d:9d:11:f7:2a:c8:3f:f8:65:f7:5a:fd:e2:2e:7f:
cd:69:cc:7a:97:d3:21:45:36:07:e5:cb:1e:a0:f9:
5d:d7:9a:6d:88:9c:17:07:56:a7:fe:59:b7:90:bd:
54:da:76:bb:36:03:ec:97:84:4e:01:e7:13:07:37:
59:e7:5c:96:82:05:24:79:a5:44:14:e8:d9:a6:04:
40:3c:3c:2a:29:1e:c2:b1:78:7f:34:00:42:fd:99:
12:3d:8e:68:53:af:0b:16:d1:b4:15:da:e8:40:65:
36:92:ea:68:67:53:4d:eb:d9:f1:5c:95:1c:cc:29:
21:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A0:38:98:1B:13:46:D1:63:F1:A6:8C:5F:E2:62:3A:9C:CD:CF:D4
X509v3 Authority Key Identifier:
keyid:7E:81:03:C8:65:9B:2D:F6:72:73:B5:04:AF:75:C6:66:65:31:01:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131927/E99772F896E911EBB258E562C4F9AE02/foEDyGWbLfZyc7UEr3XGZmUxARY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/foEDyGWbLfZyc7UEr3XGZmUxARY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131927/E99772F896E911EBB258E562C4F9AE02/9F14DAB096EC11EBA1E20768C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.160.0/24
IPv6:
2001:df6:6880::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b7:b4:cc:5e:50:95:a1:f5:49:ac:7e:2c:53:9b:84:0b:0c:
ee:03:8b:e0:a3:0b:69:e0:c0:b6:af:9a:9b:d6:bb:23:bf:fc:
41:9d:06:0c:d9:e7:a8:5c:6d:95:d8:57:67:ce:1d:07:79:95:
24:fb:52:27:47:cc:11:35:f6:60:ec:d0:d0:f3:c8:70:5a:94:
19:d4:b8:5c:09:d7:57:db:ae:9d:b1:c4:f2:33:d1:7d:0b:f2:
b0:98:56:1e:18:14:c5:83:7f:25:f6:65:6b:42:b9:d2:b0:11:
b7:5d:aa:fe:e5:d9:6b:f6:c3:ff:22:25:be:14:7b:a8:01:18:
9d:65:7e:ef:6c:2f:62:dc:f3:1c:37:6d:0c:b6:16:6b:53:30:
0e:27:81:4d:72:45:df:68:a5:c2:2d:be:a5:e6:98:da:6f:b1:
b2:4d:f9:7f:d4:2e:f0:2d:c3:ce:d5:ea:c6:98:1b:76:dd:34:
b1:01:b7:6c:2c:17:6f:7a:b3:0b:03:04:01:1d:1f:f1:54:2d:
26:b5:f1:86:b0:1b:0c:9d:89:a4:47:b7:b7:9f:2f:04:e3:fc:
8c:0b:82:45:8a:c8:fb:61:9e:a0:32:2c:a1:05:8f:b7:84:a4:
74:fe:d1:1d:75:d0:e0:a2:75:0c:c4:25:cb:6b:8d:cb:1e:74:
a9:14:ee:e0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE5MjcxMTAvBgNVBAUTKDdFODEwM0M4NjU5QjJERjY3MjczQjUwNEFGNzVDNjY2
NjUzMTAxMTYwHhcNMjQwNzAxMDAyMjE3WhcNMjQxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgxZjZiOC0yMzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6396XgpM7AGWqgT2oqrw/Hv+85mE8hBe4gYMUb4wicxOdy4S4zTdmi7Xw/6C
tsgpthkEPK0g7OMszjkIWC2gnra+Cj2bB5yQomLghofTND1oio+iro0t5HgwKpyN
uObRHY/KfdbUL7s71u85GyzD22vK7odm397vx0hS1B2MkdwtgKvLT5t9nRH3Ksg/
+GX3Wv3iLn/Nacx6l9MhRTYH5cseoPld15ptiJwXB1an/lm3kL1U2na7NgPsl4RO
AecTBzdZ51yWggUkeaVEFOjZpgRAPDwqKR7CsXh/NABC/ZkSPY5oU68LFtG0Fdro
QGU2kupoZ1NN69nxXJUczCkhewIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMSgOJgb
E0bRY/GmjF/iYjqczc/UMB8GA1UdIwQYMBaAFH6BA8hlmy32cnO1BK91xmZlMQEW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTkyNy9FOTk3NzJGODk2
RTkxMUVCQjI1OEU1NjJDNEY5QUUwMi9mb0VEeUdXYkxmWnljN1VFcjNYR1ptVXhB
UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZvRUR5R1diTGZaeWM3VUVyM1hHWm1VeEFSWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE5MjcvRTk5NzcyRjg5NkU5MTFFQkIyNThFNTYyQzRGOUFFMDIvOUYxNERBQjA5
NkVDMTFFQkExRTIwNzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnpaAwDwQCAAIwCQMHACABDfZogDANBgkqhkiG9w0BAQsF
AAOCAQEAp7e0zF5QlaH1Sax+LFObhAsM7gOL4KMLaeDAtq+am9a7I7/8QZ0GDNnn
qFxtldhXZ84dB3mVJPtSJ0fMETX2YOzQ0PPIcFqUGdS4XAnXV9uunbHE8jPRfQvy
sJhWHhgUxYN/JfZla0K50rARt12q/uXZa/bD/yIlvhR7qAEYnWV+72wvYtzzHDdt
DLYWa1MwDieBTXJF32ilwi2+peaY2m+xsk35f9Qu8C3DztXqxpgbdt00sQG3bCwX
b3qzCwMEAR0f8VQtJrXxhrAbDJ2JpEe3t58vBOP8jAuCRYrI+2GeoDIsoQWPt4Sk
dP7RHXXQ4KJ1DMQly2uNyx50qRTu4A==
-----END CERTIFICATE-----
Generated at Mon Aug 19 02:27:08 2024 by rpki-client on console-ams.rpki-client.org