Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
File: 5AC80410239811ED9B68AC57C4F9AE02.roa (raw, json)
Hash identifier: ykKspw2UHcd+L5SWvRs0SiuZizhlvc3j1sZwwTSCLYs=
Subject key identifier: B7:DD:85:D1:8C:E5:E0:6F:F3:6B:B1:EC:3B:EB:D7:A1:DD:9B:4C:F9
Certificate issuer: /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial: 25BD
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
Signing time: Mon 19 Aug 2024 09:12:43 +0000
ROA not before: Mon 19 Aug 2024 09:12:43 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 64005
IP address blocks: 103.228.200.0/24 maxlen: 24
2001:df4:3800::/48 maxlen: 48
2400:eb80::/48 maxlen: 48
2400:eb80:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 03 Nov 2024 11:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9661 (0x25bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Validity
Not Before: Aug 19 09:12:43 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66c30c8a-02b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:26:7a:42:cb:46:8e:fb:96:31:26:5a:49:
77:31:08:e1:1d:51:bd:32:c3:bb:c4:af:89:93:a8:
06:ed:9c:1c:1d:44:68:5e:45:11:eb:96:b5:ab:77:
31:aa:db:db:a7:86:44:a9:7a:66:ce:99:fd:d4:95:
bb:b9:ed:ac:36:71:e2:16:91:bc:7b:d7:44:1f:19:
89:3e:46:af:3f:0d:27:0a:c7:8e:1f:37:63:14:02:
7e:03:5f:66:76:25:0d:0a:27:9f:d3:b6:2e:ef:7b:
ce:8b:c8:34:4f:b5:57:4a:ce:65:a2:ca:e0:24:01:
8b:f4:b0:d3:c4:8a:f4:8a:62:b9:64:db:06:38:32:
cd:dc:2e:ae:d7:4e:c9:39:34:94:b1:79:ed:81:aa:
74:d8:ea:85:13:b6:37:c2:b2:db:45:fe:90:a6:f3:
07:3d:a9:21:32:78:e0:55:5b:a3:7f:17:f0:06:f8:
81:df:f0:8a:a9:b1:69:c9:d3:60:b5:80:c5:4e:76:
69:80:15:30:99:d6:fb:56:4c:77:c3:00:c6:46:4f:
9c:da:3e:b4:bb:af:31:72:22:4f:77:9a:01:e5:bd:
ca:59:f7:44:cf:03:9e:7b:a5:73:4e:3f:fa:c2:b7:
97:37:ce:1c:87:65:f4:ae:1a:30:40:3c:62:ec:77:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DD:85:D1:8C:E5:E0:6F:F3:6B:B1:EC:3B:EB:D7:A1:DD:9B:4C:F9
X509v3 Authority Key Identifier:
keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.228.200.0/24
IPv6:
2001:df4:3800::/48
2400:eb80::/48
2400:eb80:1000::/48
Signature Algorithm: sha256WithRSAEncryption
91:5c:a5:92:04:31:5c:4d:49:68:c6:39:07:3b:f8:4a:3b:74:
e6:dd:75:92:25:75:91:c6:c7:74:e9:52:7c:3b:87:4e:7f:d2:
0f:1c:6e:07:15:8c:72:8c:3f:ad:13:a5:63:99:78:9f:6c:9e:
19:4d:7c:3c:5d:09:01:cc:1e:1d:3a:23:81:a9:f1:1a:d2:fc:
f4:c4:c9:47:33:21:54:ba:91:be:c1:cb:0f:fe:66:e7:75:e2:
9d:dd:c8:85:c8:cb:a3:8b:67:55:0a:8c:b5:2d:6d:a2:58:4c:
83:58:22:66:21:da:c8:9f:42:13:41:f0:16:0c:4d:21:c3:5a:
ec:f9:0c:9f:4e:8a:f4:67:c8:a8:bb:7d:1c:65:b2:41:79:36:
ca:82:22:18:cc:8f:54:22:54:c6:67:f8:15:48:2d:56:dd:64:
9c:e6:9e:f2:66:88:a0:97:76:2e:27:d7:be:2d:3b:3f:fa:cd:
f1:b9:22:3e:13:0b:dc:82:80:3a:14:e9:d7:53:fa:20:2c:26:
c3:35:a8:20:7c:b8:d2:c8:91:76:9f:6b:9c:ab:35:c2:cb:3d:
5b:8e:cd:78:19:5c:19:af:ae:a4:7e:d8:b5:a4:38:3d:6d:6d:
8c:18:62:57:4f:18:66:83:9c:13:1e:85:6d:7b:64:85:b1:09:
e1:94:17:17
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICJb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjQwODE5MDkxMjQzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMzMGM4YS0wMmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2YmekLLRo77ljEmWkl3MQjhHVG9MsO7xK+Jk6gG7ZwcHURoXkUR65a1q3cx
qtvbp4ZEqXpmzpn91JW7ue2sNnHiFpG8e9dEHxmJPkavPw0nCseOHzdjFAJ+A19m
diUNCief07Yu73vOi8g0T7VXSs5losrgJAGL9LDTxIr0imK5ZNsGODLN3C6u107J
OTSUsXntgap02OqFE7Y3wrLbRf6QpvMHPakhMnjgVVujfxfwBviB3/CKqbFpydNg
tYDFTnZpgBUwmdb7Vkx3wwDGRk+c2j60u68xciJPd5oB5b3KWfdEzwOee6VzTj/6
wreXN84ch2X0rhowQDxi7HfrYwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFLfdhdGM
5eBv82ux7Dvr16Hdm0z5MB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvNUFDODA0MTAy
Mzk4MTFFRDlCNjhBQzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMAwEAgABMAYDBABn5MgwIQQCAAIwGwMHACABDfQ4AAMHACQA64AAAAMHACQA
64AQADANBgkqhkiG9w0BAQsFAAOCAQEAkVylkgQxXE1JaMY5Bzv4Sjt05t11kiV1
kcbHdOlSfDuHTn/SDxxuBxWMcow/rROlY5l4n2yeGU18PF0JAcweHTojganxGtL8
9MTJRzMhVLqRvsHLD/5m53Xind3IhcjLo4tnVQqMtS1tolhMg1giZiHayJ9CE0Hw
FgxNIcNa7PkMn06K9GfIqLt9HGWyQXk2yoIiGMyPVCJUxmf4FUgtVt1knOae8maI
oJd2LifXvi07P/rN8bkiPhML3IKAOhTp11P6ICwmwzWoIHy40siRdp9rnKs1wss9
W47NeBlcGa+upH7YtaQ4PW1tjBhiV08YZoOcEx6FbXtkhbEJ4ZQXFw==
-----END CERTIFICATE-----
Generated at Sun Nov 3 14:28:07 2024 by rpki-client on console-ams.rpki-client.org