Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/CAD9B57C800811EFAAC27742C4F9AE02.roa
File: CAD9B57C800811EFAAC27742C4F9AE02.roa (raw, json)
Hash identifier: zqWUhiwxdkEdRAyEF8edHnlsgnAwdwPaAs5a3Nf/2J4=
Subject key identifier: C9:C6:E5:57:0D:1C:71:49:BA:15:61:D1:88:EB:AB:D6:5D:A3:F5:65
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: 03F0
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/CAD9B57C800811EFAAC27742C4F9AE02.roa
Signing time: Tue 01 Oct 2024 15:21:12 +0000
ROA not before: Tue 01 Oct 2024 15:21:12 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 214640
IP address blocks: 103.177.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 14:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1008 (0x3f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11
Validity
Not Before: Oct 1 15:21:12 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66fc1368-8e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:ac:e3:38:ad:b4:09:22:c0:b0:b6:17:5f:
24:26:fb:1e:26:3b:f1:cf:72:46:0b:5f:b7:1c:31:
1f:81:ca:fe:84:2e:57:44:8e:34:ba:5b:93:c8:87:
dc:35:a7:8a:e7:66:c7:2a:b6:76:b7:a8:b7:67:ec:
69:98:23:da:ef:39:55:79:af:61:fc:ed:58:43:1d:
95:68:e1:65:35:f4:34:4e:83:47:1a:30:eb:38:b2:
83:f3:75:ff:e7:ae:b7:88:59:22:73:8c:0c:75:12:
0c:50:b8:af:c1:70:f6:ac:c2:6a:0e:99:ab:b6:d4:
cb:96:de:5e:f1:c4:02:49:ce:91:68:b8:b2:3a:92:
7f:d4:a0:41:35:65:26:d0:f5:77:7b:d3:df:39:71:
4f:86:7d:9b:35:1c:0c:6b:19:63:33:80:27:39:9a:
af:97:76:eb:8d:2e:2c:57:88:e3:13:0f:6a:2a:61:
3c:d0:08:59:92:f1:53:a8:84:2d:30:2d:c1:01:a3:
ca:c6:c9:ad:9b:b5:98:25:3a:60:d5:2d:17:49:ed:
be:fe:66:a0:bc:e0:61:b4:ae:26:2f:75:02:55:09:
94:28:20:56:36:3e:06:7f:bf:a2:2f:39:79:8f:36:
a8:43:32:b8:43:a7:ea:73:f3:a5:af:6e:6c:be:e3:
eb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C6:E5:57:0D:1C:71:49:BA:15:61:D1:88:EB:AB:D6:5D:A3:F5:65
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/CAD9B57C800811EFAAC27742C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.248.0/23
Signature Algorithm: sha256WithRSAEncryption
90:d1:37:a7:41:d9:2d:e1:0e:38:c0:86:47:04:f1:8a:cb:3d:
f1:1e:8b:18:64:82:d5:1f:95:09:be:74:e0:72:56:95:39:01:
2f:bf:4e:0a:f7:86:98:76:14:ef:45:e3:68:d5:34:f9:a8:61:
eb:14:99:9f:3f:57:49:97:b7:27:39:50:00:20:cb:3b:67:99:
09:40:b6:05:b3:23:fe:11:f4:bf:9e:f1:33:66:ec:33:74:7a:
a1:5d:87:52:7a:38:1c:47:a1:57:c2:6a:85:ff:e4:8a:fe:d0:
bd:ec:67:94:71:0c:2c:90:2e:92:d7:ac:cf:d5:79:4c:ce:7e:
a1:bf:64:d2:27:53:60:31:d7:38:34:40:15:43:ca:b7:8d:d2:
d9:3a:de:9e:10:5f:32:d9:e2:9d:50:36:0a:5d:96:27:53:1b:
6f:e9:36:c1:11:f4:07:44:a3:07:5c:86:e0:71:5c:e2:98:27:
88:2d:bd:1e:cf:f1:58:95:09:c9:36:da:b5:fe:3e:50:f3:07:
3d:a9:db:1b:4a:40:b4:5f:75:ff:97:82:ad:5b:6c:75:ae:fc:
ad:a7:8a:21:0c:7f:fe:d7:33:1f:23:29:01:5a:35:bd:de:a5:
b8:ae:b4:64:d7:cf:3b:2b:f5:43:81:7a:0e:eb:4b:cb:20:af:
8a:f4:2c:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5
MzVEMUI4RDcwHhcNMjQxMDAxMTUyMTEyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZjMTM2OC04ZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxNqs4zittAkiwLC2F18kJvseJjvxz3JGC1+3HDEfgcr+hC5XRI40uluTyIfc
NaeK52bHKrZ2t6i3Z+xpmCPa7zlVea9h/O1YQx2VaOFlNfQ0ToNHGjDrOLKD83X/
5663iFkic4wMdRIMULivwXD2rMJqDpmrttTLlt5e8cQCSc6RaLiyOpJ/1KBBNWUm
0PV3e9PfOXFPhn2bNRwMaxljM4AnOZqvl3brjS4sV4jjEw9qKmE80AhZkvFTqIQt
MC3BAaPKxsmtm7WYJTpg1S0XSe2+/magvOBhtK4mL3UCVQmUKCBWNj4Gf7+iLzl5
jzaoQzK4Q6fqc/Olr25svuPrTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMnG5VcN
HHFJuhVh0Yjrq9Zdo/VlMB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC
RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzBFMTEvRDA2MEM5QjI1QkQ2MTFFQ0FEODMzNjUxQzRGOUFFMDIvQ0FEOUI1N0M4
MDA4MTFFRkFBQzI3NzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsfgwDQYJKoZIhvcNAQELBQADggEBAJDRN6dB2S3hDjjA
hkcE8YrLPfEeixhkgtUflQm+dOByVpU5AS+/Tgr3hph2FO9F42jVNPmoYesUmZ8/
V0mXtyc5UAAgyztnmQlAtgWzI/4R9L+e8TNm7DN0eqFdh1J6OBxHoVfCaoX/5Ir+
0L3sZ5RxDCyQLpLXrM/VeUzOfqG/ZNInU2Ax1zg0QBVDyreN0tk63p4QXzLZ4p1Q
NgpdlidTG2/pNsER9AdEowdchuBxXOKYJ4gtvR7P8ViVCck22rX+PlDzBz2p2xtK
QLRfdf+Xgq1bbHWu/K2niiEMf/7XMx8jKQFaNb3epbiutGTXzzsr9UOBeg7rS8sg
r4r0LPw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:58 2025 by rpki-client