Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/4C4E9F3460AB11ED85291585C4F9AE02.roa
File: 4C4E9F3460AB11ED85291585C4F9AE02.roa (raw, json)
Hash identifier: 1uDSQkg95cnNadU3Y5gChmX4Vy2QnHMNNPrmkxgRkwk=
Subject key identifier: C6:D6:4B:D4:C8:95:9D:CE:DB:3C:26:EC:E4:34:CE:E2:B1:40:38:DF
Certificate issuer: /CN=A9138FCA/serialNumber=C199597C4E78CD35ADF1AFDCFD4161174606A649
Certificate serial: 59
Authority key identifier: C1:99:59:7C:4E:78:CD:35:AD:F1:AF:DC:FD:41:61:17:46:06:A6:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wZlZfE54zTWt8a_c_UFhF0YGpkk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/4C4E9F3460AB11ED85291585C4F9AE02.roa
Signing time: Fri 23 Dec 2022 06:24:53 +0000
ROA not before: Fri 23 Dec 2022 06:24:53 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 135330
IP address blocks: 103.79.121.0/24 maxlen: 24
103.79.123.0/24 maxlen: 24
202.91.37.0/24 maxlen: 24
202.91.39.0/24 maxlen: 24
2400:3bc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138FCA/serialNumber=C199597C4E78CD35ADF1AFDCFD4161174606A649
Validity
Not Before: Dec 23 06:24:53 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a549b5-7cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:25:4b:98:83:9a:c1:48:6d:a4:ce:7a:0e:
67:3d:0b:78:13:ed:b9:0b:4c:da:9f:5c:a8:0a:f2:
2d:5b:0e:e4:dc:41:ad:29:f1:ce:44:5e:f1:c3:dc:
b6:95:16:3f:58:79:84:85:1c:6f:53:b5:84:ac:5e:
41:db:d7:c3:da:d7:4b:6b:70:7f:cf:2b:f3:54:32:
ca:10:c7:c1:fd:2a:7f:3e:09:a5:69:02:a0:e5:b1:
67:a3:39:94:92:7e:20:fd:11:11:ad:4a:b3:b4:97:
35:93:e0:b1:a4:a6:4e:94:20:9b:b1:11:34:38:5a:
d8:37:19:ad:a8:9b:bb:c6:75:5c:f8:c2:62:3f:15:
c7:f3:cf:30:a4:43:70:03:23:4a:b9:a3:4a:9a:69:
89:c0:2d:94:76:2a:3e:5e:67:69:2e:18:da:96:86:
4f:78:c5:49:70:fb:79:ec:2b:22:92:21:3d:d6:97:
32:dd:99:69:46:21:48:3e:a7:8d:13:b7:c2:03:c3:
e0:6f:74:b4:d8:24:4a:5a:99:73:bf:e4:5d:2d:e2:
1c:69:d3:c1:f0:d5:0b:9d:b9:94:62:a7:4f:ce:1c:
c6:48:2f:29:7e:8b:10:7f:fd:34:a2:08:67:64:99:
63:16:be:2f:22:78:ae:af:0b:a2:a9:bf:39:4c:5d:
44:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D6:4B:D4:C8:95:9D:CE:DB:3C:26:EC:E4:34:CE:E2:B1:40:38:DF
X509v3 Authority Key Identifier:
keyid:C1:99:59:7C:4E:78:CD:35:AD:F1:AF:DC:FD:41:61:17:46:06:A6:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/wZlZfE54zTWt8a_c_UFhF0YGpkk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wZlZfE54zTWt8a_c_UFhF0YGpkk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/4C4E9F3460AB11ED85291585C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.121.0/24
103.79.123.0/24
202.91.37.0/24
202.91.39.0/24
IPv6:
2400:3bc0::/32
Signature Algorithm: sha256WithRSAEncryption
10:80:73:fc:19:23:08:aa:06:8d:9a:d0:ca:fd:66:c0:14:45:
d4:01:21:8d:34:ab:9d:4e:cc:39:f1:3a:ae:35:fc:16:05:8a:
db:11:b2:2c:61:10:39:b2:82:37:8a:01:1f:d0:e3:e2:0f:c5:
3c:25:64:3d:cc:28:f4:84:59:ee:b7:21:87:d4:a4:0a:28:96:
09:5c:40:34:09:3d:b2:2f:cf:dd:4e:28:98:c1:e6:bd:b4:3d:
03:78:ce:d4:dd:42:7d:77:1f:1f:82:1b:c2:bd:3a:37:69:2c:
bb:43:a7:82:69:b7:86:06:9e:0c:4e:20:c3:43:36:27:9b:35:
30:d6:c9:26:f0:e5:ab:d5:06:f8:6d:ee:4c:7e:ed:ab:21:7f:
54:26:f6:58:71:09:90:f5:23:5e:2d:e0:5b:4f:f8:36:3d:71:
b2:24:c7:38:32:49:8c:b4:ab:aa:88:ba:45:df:e6:71:3c:f1:
d5:85:ba:a8:13:37:1e:ae:bf:2a:51:4b:f5:ac:81:1a:52:19:
16:ee:1d:b9:03:93:c6:4f:85:4b:84:d8:0c:20:5c:8a:b5:94:
cd:25:b7:89:2c:16:c5:58:1a:18:e8:c9:cc:e7:30:e5:2d:54:
e9:c0:77:79:48:3d:a2:a1:fd:03:f0:91:96:6a:be:fa:a2:7a:
cc:e6:4a:e7
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OEZDQTExMC8GA1UEBRMoQzE5OTU5N0M0RTc4Q0QzNUFERjFBRkRDRkQ0MTYxMTc0
NjA2QTY0OTAeFw0yMjEyMjMwNjI0NTNaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYTU0OWI1LTdjZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvQyVLmIOawUhtpM56Dmc9C3gT7bkLTNqfXKgK8i1bDuTcQa0p8c5EXvHD3LaV
Fj9YeYSFHG9TtYSsXkHb18Pa10trcH/PK/NUMsoQx8H9Kn8+CaVpAqDlsWejOZSS
fiD9ERGtSrO0lzWT4LGkpk6UIJuxETQ4Wtg3Ga2om7vGdVz4wmI/FcfzzzCkQ3AD
I0q5o0qaaYnALZR2Kj5eZ2kuGNqWhk94xUlw+3nsKyKSIT3WlzLdmWlGIUg+p40T
t8IDw+BvdLTYJEpamXO/5F0t4hxp08Hw1QuduZRip0/OHMZILyl+ixB//TSiCGdk
mWMWvi8ieK6vC6KpvzlMXUQPAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUxtZL1MiV
nc7bPCbs5DTO4rFAON8wHwYDVR0jBBgwFoAUwZlZfE54zTWt8a/c/UFhF0YGpkkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4RkNBL0JBQ0YyM0ZFMzVF
MzExRUQ4MUEzREQzMkM0RjlBRTAyL3dabFpmRTU0elRXdDhhX2NfVUZoRjBZR3Br
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd1psWmZFNTR6VFd0OGFfY19VRmhGMFlHcGtrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OEZDQS9CQUNGMjNGRTM1RTMxMUVEODFBM0REMzJDNEY5QUUwMi80QzRFOUYzNDYw
QUIxMUVEODUyOTE1ODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAGdPeQMEAGdPewMEAMpbJQMEAMpbJzANBAIAAjAHAwUAJAA7
wDANBgkqhkiG9w0BAQsFAAOCAQEAEIBz/BkjCKoGjZrQyv1mwBRF1AEhjTSrnU7M
OfE6rjX8FgWK2xGyLGEQObKCN4oBH9Dj4g/FPCVkPcwo9IRZ7rchh9SkCiiWCVxA
NAk9si/P3U4omMHmvbQ9A3jO1N1CfXcfH4Ibwr06N2ksu0Ongmm3hgaeDE4gw0M2
J5s1MNbJJvDlq9UG+G3uTH7tqyF/VCb2WHEJkPUjXi3gW0/4Nj1xsiTHODJJjLSr
qoi6Rd/mcTzx1YW6qBM3Hq6/KlFL9ayBGlIZFu4duQOTxk+FS4TYDCBcirWUzSW3
iSwWxVgaGOjJzOcw5S1U6cB3eUg9oqH9A/CRlmq++qJ6zOZK5w==
-----END CERTIFICATE-----
Generated at Wed Dec 13 08:26:48 2023 by rpki-client on console-ams.rpki-client.org