Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140BED/08E0E0661F3811EFB059B665C4F9AE02/832F85B01F3911EFBE35ED85C4F9AE02.roa
File: 832F85B01F3911EFBE35ED85C4F9AE02.roa (raw, json)
Hash identifier: tn+jWYeNiWNSmL9cIC9ZaFAjCxYZm4L6cwT9iRxB3os=
Subject key identifier: BC:A3:E1:2C:D4:C2:00:DC:06:4B:E4:BD:72:14:2F:F1:5D:8D:A5:51
Certificate issuer: /CN=A9140BED/serialNumber=419F27A4CFECF461DB82F6F906764FB6D65F23CF
Certificate serial: 02
Authority key identifier: 41:9F:27:A4:CF:EC:F4:61:DB:82:F6:F9:06:76:4F:B6:D6:5F:23:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZ8npM_s9GHbgvb5BnZPttZfI88.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140BED/08E0E0661F3811EFB059B665C4F9AE02/832F85B01F3911EFBE35ED85C4F9AE02.roa
Signing time: Fri 31 May 2024 10:35:34 +0000
ROA not before: Fri 31 May 2024 10:35:34 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151990
IP address blocks: 103.70.112.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 12 Jun 2024 04:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140BED/serialNumber=419F27A4CFECF461DB82F6F906764FB6D65F23CF
Validity
Not Before: May 31 10:35:34 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6659a7f6-b990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fe:49:bf:9c:97:8a:a4:e6:a2:ec:de:31:a7:
cb:93:b0:c3:b3:64:a7:b4:f4:0f:bd:40:6c:d8:6e:
1e:16:ae:fd:0e:1e:e5:27:63:f8:fa:7b:1e:e4:71:
66:81:29:b8:96:2d:d1:d7:0a:ab:5e:a6:7b:b2:5a:
dd:92:7b:85:63:f0:64:c9:ab:26:8b:83:d5:39:ab:
6d:e1:be:b8:91:86:e9:3f:7d:3b:61:5c:52:ac:a1:
43:dc:ad:5c:98:38:83:45:bc:48:53:03:69:e9:b6:
c1:ed:6b:37:fa:c9:ae:d8:5b:f3:7e:85:31:08:ee:
27:4f:43:dd:38:e3:e9:cd:aa:0a:97:91:24:11:d7:
2a:f3:dc:0f:84:45:a0:fc:cc:de:cc:ef:cf:08:a2:
28:2f:57:d7:69:dc:84:b3:63:3a:55:b6:98:c8:84:
51:84:19:49:3e:35:b9:04:68:f7:4f:b6:e6:50:8c:
04:7b:58:92:6c:90:b1:17:4f:27:42:e6:c2:61:f4:
74:0d:15:60:d0:8f:5a:2d:02:95:76:71:98:65:88:
2a:d4:bd:26:91:c8:1f:7f:cf:2b:26:df:21:26:98:
5f:7b:dc:61:55:b8:b5:3c:da:a0:b3:df:19:08:5a:
bc:c8:47:d6:f5:12:48:a4:9a:6d:16:78:26:b4:9e:
34:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A3:E1:2C:D4:C2:00:DC:06:4B:E4:BD:72:14:2F:F1:5D:8D:A5:51
X509v3 Authority Key Identifier:
keyid:41:9F:27:A4:CF:EC:F4:61:DB:82:F6:F9:06:76:4F:B6:D6:5F:23:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140BED/08E0E0661F3811EFB059B665C4F9AE02/QZ8npM_s9GHbgvb5BnZPttZfI88.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZ8npM_s9GHbgvb5BnZPttZfI88.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140BED/08E0E0661F3811EFB059B665C4F9AE02/832F85B01F3911EFBE35ED85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.112.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:12:12:45:96:1b:6f:60:95:23:01:19:33:99:8a:d5:9e:6b:
14:a5:c3:41:14:00:5c:1a:ba:b4:45:06:1b:92:b2:6b:f5:42:
17:86:a0:55:96:6a:80:b3:66:99:73:2a:c8:f5:f1:65:dc:a7:
38:33:a6:5a:76:fd:6c:1c:b8:aa:8d:26:87:e4:ac:2e:ab:b6:
bd:97:f3:a0:1f:2a:40:46:9e:12:41:45:46:1e:c1:8f:2f:6f:
92:bf:40:95:8e:31:dc:60:e9:de:cf:dc:b8:ba:7c:e0:e0:fe:
19:2e:49:a6:d1:d2:56:b3:f8:0e:65:91:15:a7:79:c0:84:40:
f9:ce:c3:2c:b9:41:e4:b7:3c:f3:d1:48:2d:52:86:fa:2f:fa:
32:66:1e:63:af:c0:72:80:ae:1e:4b:06:01:e5:34:9c:ce:3f:
db:fc:9e:9e:02:77:7d:c3:11:e7:46:72:fb:e4:45:0c:c5:fd:
4c:35:68:74:0a:6f:a2:b2:4a:b8:d3:8d:9e:e0:43:f5:4c:99:
a2:5c:45:55:f4:28:50:cd:2c:7b:97:4d:04:11:01:05:35:8b:
7c:07:5f:4e:34:0d:b1:17:a1:2c:92:c0:30:2a:3e:0a:a6:da:
95:1c:80:48:12:c9:3a:b1:be:27:76:13:f4:b0:d8:a8:c4:8c:
57:8d:36:bf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MEJFRDExMC8GA1UEBRMoNDE5RjI3QTRDRkVDRjQ2MURCODJGNkY5MDY3NjRGQjZE
NjVGMjNDRjAeFw0yNDA1MzExMDM1MzRaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTlhN2Y2LWI5OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDU/km/nJeKpOai7N4xp8uTsMOzZKe09A+9QGzYbh4Wrv0OHuUnY/j6ex7kcWaB
KbiWLdHXCqtepnuyWt2Se4Vj8GTJqyaLg9U5q23hvriRhuk/fTthXFKsoUPcrVyY
OINFvEhTA2nptsHtazf6ya7YW/N+hTEI7idPQ9044+nNqgqXkSQR1yrz3A+ERaD8
zN7M788IoigvV9dp3ISzYzpVtpjIhFGEGUk+NbkEaPdPtuZQjAR7WJJskLEXTydC
5sJh9HQNFWDQj1otApV2cZhliCrUvSaRyB9/zysm3yEmmF973GFVuLU82qCz3xkI
WrzIR9b1Ekikmm0WeCa0njQZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvKPhLNTC
ANwGS+S9chQv8V2NpVEwHwYDVR0jBBgwFoAUQZ8npM/s9GHbgvb5BnZPttZfI88w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQwQkVELzA4RTBFMDY2MUYz
ODExRUZCMDU5QjY2NUM0RjlBRTAyL1FaOG5wTV9zOUdIYmd2YjVCblpQdHRaZkk4
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUVo4bnBNX3M5R0hiZ3ZiNUJuWlB0dFpmSTg4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEJFRC8wOEUwRTA2NjFGMzgxMUVGQjA1OUI2NjVDNEY5QUUwMi84MzJGODVCMDFG
MzkxMUVGQkUzNUVEODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdGcDANBgkqhkiG9w0BAQsFAAOCAQEAoRISRZYbb2CVIwEZ
M5mK1Z5rFKXDQRQAXBq6tEUGG5Kya/VCF4agVZZqgLNmmXMqyPXxZdynODOmWnb9
bBy4qo0mh+SsLqu2vZfzoB8qQEaeEkFFRh7Bjy9vkr9AlY4x3GDp3s/cuLp84OD+
GS5JptHSVrP4DmWRFad5wIRA+c7DLLlB5Lc889FILVKG+i/6MmYeY6/AcoCuHksG
AeU0nM4/2/yengJ3fcMR50Zy++RFDMX9TDVodApvorJKuNONnuBD9UyZolxFVfQo
UM0se5dNBBEBBTWLfAdfTjQNsRehLJLAMCo+CqbalRyASBLJOrG+J3YT9LDYqMSM
V402vw==
-----END CERTIFICATE-----
Generated at Wed Jun 12 07:40:59 2024 by rpki-client on console-ams.rpki-client.org