Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/437C435AF0EC11EB9D0B176AC4F9AE02.roa
File: 437C435AF0EC11EB9D0B176AC4F9AE02.roa (raw, json)
Hash identifier: XcqfdRU1AflqobSbfrEbVmvUa4VxiebuZByGYiHzVA0=
Subject key identifier: 1E:D5:43:EF:AA:8B:D4:A8:49:B5:73:99:B7:7E:19:CB:3D:23:21:A4
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2AA7
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/437C435AF0EC11EB9D0B176AC4F9AE02.roa
Signing time: Fri 02 Jun 2023 16:12:58 +0000
ROA not before: Fri 02 Jun 2023 16:12:58 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 133401
IP address blocks: 103.9.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 22 Jan 2024 23:14:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10919 (0x2aa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: Jun 2 16:12:58 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647a150a-a429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:45:b5:86:5e:94:90:d1:c8:b9:4f:37:75:c0:
51:42:8d:8a:a4:af:4c:39:e1:03:e3:7b:49:39:43:
17:cd:b6:4a:61:c9:06:99:16:59:bf:bb:6a:02:03:
9a:24:bb:c3:8e:24:62:d3:f1:a7:31:03:a8:20:14:
c1:6d:48:73:35:41:b5:d5:23:69:a8:2b:e1:bf:47:
54:7f:f9:42:25:bb:d8:a8:fb:8d:b1:34:8b:95:a9:
60:a2:77:37:0a:32:26:76:02:8f:d1:f2:c5:5f:f7:
dc:aa:ae:e5:6d:8f:c1:43:60:a5:0c:43:30:a3:8d:
10:9c:3b:3e:b5:f2:a7:15:71:0c:a4:97:0b:bf:b1:
f4:6c:77:fe:20:7d:9d:0a:64:51:be:a0:c2:07:43:
54:68:7e:2f:ce:43:94:a9:e9:c3:fd:7f:9a:e3:bf:
e8:b3:bf:73:3d:be:06:6b:cf:7e:53:5f:25:22:67:
f7:0b:5b:72:d7:80:41:df:04:26:e0:56:f4:77:35:
06:ef:3c:9f:12:21:51:26:df:cc:57:fc:bd:6c:f7:
2f:0e:8f:8d:3a:8b:26:e6:bb:c2:f0:51:f5:ed:7e:
bc:24:e8:84:4b:ec:47:4f:fd:9c:18:c3:0d:c6:0e:
25:ba:da:67:17:42:88:6a:40:06:86:0b:7b:a5:84:
da:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D5:43:EF:AA:8B:D4:A8:49:B5:73:99:B7:7E:19:CB:3D:23:21:A4
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/437C435AF0EC11EB9D0B176AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.236.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:84:51:d4:7c:4a:e0:02:2b:1e:1a:0f:e8:97:38:96:e7:a0:
4a:50:b9:a6:ab:07:45:7f:bc:1b:7f:a8:91:c1:f2:a5:06:13:
28:8c:46:3f:8b:ec:57:51:10:86:a1:e5:ad:ee:72:27:1e:a9:
be:7b:55:6f:84:53:0a:45:9b:f3:44:f7:51:74:a9:1f:8e:1b:
85:8b:f9:93:4d:99:bf:c4:76:07:aa:28:3d:3d:90:3c:14:63:
ca:b6:d2:1f:ee:93:6b:f2:bd:d5:d3:4e:e4:1e:bd:7f:41:51:
ce:07:97:08:a4:0c:3e:50:05:45:56:17:90:b3:20:e1:4b:0c:
8e:69:42:12:58:80:cf:b2:39:11:8d:80:f4:b2:a3:00:8f:84:
6a:0f:84:bd:39:56:ab:96:f8:df:1b:d2:57:28:6b:d6:3c:79:
f6:4c:1f:ba:9f:cf:4d:13:62:0a:36:38:d3:90:40:bd:37:6d:
d6:de:d8:bc:da:a9:33:7f:0f:31:50:94:ec:56:3a:89:87:36:
c6:a9:17:28:88:24:a7:3d:8a:5c:30:ca:c4:3f:4d:3a:3a:f1:
b5:d6:17:e2:9b:1e:54:9e:54:4a:bb:c5:4b:f5:33:cc:2e:27:
1c:16:96:65:21:8a:6f:8f:b3:79:f9:f0:28:3b:25:e6:3f:da:
ce:17:a0:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjMwNjAyMTYxMjU4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhMTUwYS1hNDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUW1hl6UkNHIuU83dcBRQo2KpK9MOeED43tJOUMXzbZKYckGmRZZv7tqAgOa
JLvDjiRi0/GnMQOoIBTBbUhzNUG11SNpqCvhv0dUf/lCJbvYqPuNsTSLlalgonc3
CjImdgKP0fLFX/fcqq7lbY/BQ2ClDEMwo40QnDs+tfKnFXEMpJcLv7H0bHf+IH2d
CmRRvqDCB0NUaH4vzkOUqenD/X+a47/os79zPb4Ga89+U18lImf3C1ty14BB3wQm
4Fb0dzUG7zyfEiFRJt/MV/y9bPcvDo+NOosm5rvC8FH17X68JOiES+xHT/2cGMMN
xg4lutpnF0KIakAGhgt7pYTauwIDAQABo4IClTCCApEwHQYDVR0OBBYEFB7VQ++q
i9SoSbVzmbd+Gcs9IyGkMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvNDM3QzQzNUFG
MEVDMTFFQjlEMEIxNzZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnCewwDQYJKoZIhvcNAQELBQADggEBABuEUdR8SuACKx4a
D+iXOJbnoEpQuaarB0V/vBt/qJHB8qUGEyiMRj+L7FdREIah5a3uciceqb57VW+E
UwpFm/NE91F0qR+OG4WL+ZNNmb/EdgeqKD09kDwUY8q20h/uk2vyvdXTTuQevX9B
Uc4HlwikDD5QBUVWF5CzIOFLDI5pQhJYgM+yORGNgPSyowCPhGoPhL05VquW+N8b
0lcoa9Y8efZMH7qfz00TYgo2ONOQQL03bdbe2LzaqTN/DzFQlOxWOomHNsapFyiI
JKc9ilwwysQ/TTo68bXWF+KbHlSeVEq7xUv1M8wuJxwWlmUhim+Ps3n58Cg7JeY/
2s4XoFs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org