Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147C4C/CCB20354B9E211EABC554B83C4F9AE02/25D7F3866C9211EC98F97C5DC4F9AE02.roa
File: 25D7F3866C9211EC98F97C5DC4F9AE02.roa (raw, json)
Hash identifier: u/wIX+e0xEkiY71NUgqVlyw1DrRbG38ZMe2Ly5mH27A=
Subject key identifier: FE:94:14:FE:14:94:BC:6F:FE:78:87:5B:9A:71:1F:4D:03:6E:A5:3E
Certificate issuer: /CN=A9147C4C/serialNumber=2A9AEF6BC129914CA0B9105C9271DEAF39DBC866
Certificate serial: 075D
Authority key identifier: 2A:9A:EF:6B:C1:29:91:4C:A0:B9:10:5C:92:71:DE:AF:39:DB:C8:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kprva8EpkUyguRBcknHerznbyGY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147C4C/CCB20354B9E211EABC554B83C4F9AE02/25D7F3866C9211EC98F97C5DC4F9AE02.roa
Signing time: Wed 02 Aug 2023 21:39:00 +0000
ROA not before: Wed 02 Aug 2023 21:39:00 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 398109
IP address blocks: 103.66.180.0/22 maxlen: 22
103.244.112.0/22 maxlen: 22
2406:f380::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1885 (0x75d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147C4C/serialNumber=2A9AEF6BC129914CA0B9105C9271DEAF39DBC866
Validity
Not Before: Aug 2 21:39:00 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64caccf4-cbff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:57:11:7d:55:a0:74:13:4f:87:d6:ad:00:7b:
f2:dc:0f:bd:fc:2d:ca:7c:e8:8b:f6:9c:3c:dc:cb:
33:cc:15:f4:f7:92:18:4f:c1:72:67:75:c5:3f:66:
b3:4d:64:f5:80:4c:11:9c:a0:0d:8c:f6:ae:8a:c8:
ab:9e:92:8f:59:0d:50:37:c4:58:61:87:71:1f:83:
aa:4a:91:10:8e:fb:24:7f:28:a5:a3:d7:5a:76:d8:
68:67:a2:91:0d:8e:71:37:dc:2d:8f:63:0f:3b:b1:
cc:46:ff:c0:d5:48:2b:79:d0:bb:e4:ff:b9:7c:da:
c5:68:d8:b4:ef:94:61:d5:8a:dd:de:4f:06:d7:3c:
4c:e7:f6:bf:54:d6:38:81:65:0a:36:d2:2c:11:dc:
4d:e8:e7:ad:d8:49:98:f2:7a:f7:81:09:28:c8:6a:
97:23:76:11:15:d3:1e:7d:77:18:8c:2e:97:63:ef:
bb:7c:65:4d:55:87:db:b4:e9:6b:f4:03:5f:5b:df:
34:25:96:40:a3:d9:25:cf:a9:39:52:e5:c4:e2:9d:
05:45:a6:c1:85:94:3b:be:eb:e9:d6:ab:cb:65:31:
e0:6e:19:26:50:5f:fb:ed:54:ad:71:de:ef:de:46:
79:80:eb:15:ed:dd:5e:d1:a0:67:a6:64:2b:34:94:
ce:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:94:14:FE:14:94:BC:6F:FE:78:87:5B:9A:71:1F:4D:03:6E:A5:3E
X509v3 Authority Key Identifier:
keyid:2A:9A:EF:6B:C1:29:91:4C:A0:B9:10:5C:92:71:DE:AF:39:DB:C8:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147C4C/CCB20354B9E211EABC554B83C4F9AE02/Kprva8EpkUyguRBcknHerznbyGY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kprva8EpkUyguRBcknHerznbyGY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147C4C/CCB20354B9E211EABC554B83C4F9AE02/25D7F3866C9211EC98F97C5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.180.0/22
103.244.112.0/22
IPv6:
2406:f380::/32
Signature Algorithm: sha256WithRSAEncryption
2a:25:2a:96:6f:69:ab:79:8a:79:83:ee:22:fa:a2:73:6f:8c:
ea:ab:30:ff:e6:72:49:5b:ed:fe:9c:58:73:f4:f4:da:5b:d3:
d9:30:7f:d1:43:0c:ee:df:31:82:7e:80:3e:9d:8c:28:7f:d9:
30:f0:c9:48:43:1c:c3:54:bb:df:f0:f5:3d:e9:76:10:ec:41:
8b:79:b5:ee:92:02:7a:38:c9:37:31:3b:0b:00:6a:b5:e6:13:
c9:0e:54:aa:21:26:4e:ec:f1:b2:b0:77:1a:2c:e6:76:11:ff:
fe:96:07:cb:9c:7d:fc:66:09:d2:20:2e:a7:6a:ae:f6:0f:1a:
9c:70:2e:9a:2a:d0:d4:73:64:75:be:90:58:31:fe:95:40:e1:
05:9b:82:88:17:ca:4e:20:4f:bf:fe:d6:47:70:79:57:00:5e:
85:94:8d:fe:84:a4:fc:ec:92:ff:f7:b6:f6:9f:b9:46:bd:f4:
8e:49:c9:33:54:34:c1:e4:19:3a:4d:77:1c:f7:8a:8a:e0:76:
e0:a1:cd:9a:5d:16:13:19:41:b5:e9:66:9a:62:58:3b:01:31:
78:c2:0f:12:85:29:3d:b6:7b:ee:98:0e:37:b3:4b:92:a8:30:
45:37:4c:75:90:dd:d2:ab:cc:87:33:36:ce:4d:c7:cb:01:94:
7c:e6:81:fb
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICB10wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDNEMxMTAvBgNVBAUTKDJBOUFFRjZCQzEyOTkxNENBMEI5MTA1QzkyNzFERUFG
MzlEQkM4NjYwHhcNMjMwODAyMjEzOTAwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhY2NmNC1jYmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1cRfVWgdBNPh9atAHvy3A+9/C3KfOiL9pw83MszzBX095IYT8FyZ3XFP2az
TWT1gEwRnKANjPauisirnpKPWQ1QN8RYYYdxH4OqSpEQjvskfyilo9dadthoZ6KR
DY5xN9wtj2MPO7HMRv/A1UgredC75P+5fNrFaNi075Rh1Yrd3k8G1zxM5/a/VNY4
gWUKNtIsEdxN6Oet2EmY8nr3gQkoyGqXI3YRFdMefXcYjC6XY++7fGVNVYfbtOlr
9ANfW980JZZAo9klz6k5UuXE4p0FRabBhZQ7vuvp1qvLZTHgbhkmUF/77VStcd7v
3kZ5gOsV7d1e0aBnpmQrNJTOFQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP6UFP4U
lLxv/niHW5pxH00DbqU+MB8GA1UdIwQYMBaAFCqa72vBKZFMoLkQXJJx3q8528hm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0M0Qy9DQ0IyMDM1NEI5
RTIxMUVBQkM1NTRCODNDNEY5QUUwMi9LcHJ2YThFcGtVeWd1UkJja25IZXJ6bmJ5
R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0twcnZhOEVwa1V5Z3VSQmNrbkhlcnpuYnlHWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDNEMvQ0NCMjAzNTRCOUUyMTFFQUJDNTU0QjgzQzRGOUFFMDIvMjVEN0YzODY2
QzkyMTFFQzk4Rjk3QzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnQrQDBAJn9HAwDQQCAAIwBwMFACQG84AwDQYJKoZIhvcN
AQELBQADggEBAColKpZvaat5inmD7iL6onNvjOqrMP/mcklb7f6cWHP09Npb09kw
f9FDDO7fMYJ+gD6djCh/2TDwyUhDHMNUu9/w9T3pdhDsQYt5te6SAno4yTcxOwsA
arXmE8kOVKohJk7s8bKwdxos5nYR//6WB8ucffxmCdIgLqdqrvYPGpxwLpoq0NRz
ZHW+kFgx/pVA4QWbgogXyk4gT7/+1kdweVcAXoWUjf6EpPzskv/3tvafuUa99I5J
yTNUNMHkGTpNdxz3iorgduChzZpdFhMZQbXpZppiWDsBMXjCDxKFKT22e+6YDjez
S5KoMEU3THWQ3dKrzIczNs5Nx8sBlHzmgfs=
-----END CERTIFICATE-----
Generated at Mon Oct 2 13:58:29 2023 by rpki-client on console-ams.rpki-client.org