Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/C49C7ED272E111EDBF1C7C81C4F9AE02.roa
File: C49C7ED272E111EDBF1C7C81C4F9AE02.roa (raw, json)
Hash identifier: AA9pKQD3K1s6bDOsh71a6T8aY7Z2HrBGgcZtF4T6xEg=
Subject key identifier: 8A:0D:E1:AA:32:89:FE:7F:3F:BA:40:8F:14:D2:AE:7E:AA:A2:E7:6E
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 06AB
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/C49C7ED272E111EDBF1C7C81C4F9AE02.roa
Signing time: Sat 02 Sep 2023 21:48:35 +0000
ROA not before: Sat 02 Sep 2023 21:48:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134428
IP address blocks: 103.40.100.0/24 maxlen: 24
103.40.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 16:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1707 (0x6ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Sep 2 21:48:35 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f3adb3-2940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4f:38:8d:07:b2:3f:08:17:72:56:0c:c0:32:
c4:0a:ff:40:5c:82:1e:54:83:02:40:41:39:10:5d:
19:0f:e8:88:d7:eb:ed:3b:bc:f0:b5:1b:d9:e7:81:
4f:41:43:e7:b8:f2:f2:bf:d5:bd:d7:c7:25:22:bb:
e0:3b:c9:b9:31:16:fd:db:6b:f6:c7:37:40:e6:dc:
cc:64:6c:34:58:a5:b2:84:e7:8c:28:2d:c7:d9:72:
cd:9a:c4:17:0c:a2:bd:87:c4:0b:84:0f:19:3d:21:
80:42:3c:d0:9d:3f:e9:b3:20:35:10:4b:95:f6:f9:
56:dd:9b:b2:17:c2:55:10:65:e2:b3:47:d9:59:b7:
f5:47:ee:6a:ba:c2:8d:8a:fb:92:21:6a:9f:e8:00:
29:a0:a3:f7:b7:48:c0:45:77:f4:67:45:4b:10:dc:
c2:4b:15:87:72:39:92:b0:72:24:05:7d:94:6f:c6:
83:c9:d5:14:5f:22:b3:26:9a:c8:8d:61:14:d7:da:
cb:17:fc:ca:be:b1:f9:69:86:c5:e3:ed:cb:0a:1e:
d2:47:c0:02:2a:59:61:37:e5:34:3b:2f:76:72:f1:
47:63:ed:45:d8:37:70:6f:41:fc:85:98:5b:33:ad:
61:20:ae:32:c0:b0:4d:5e:8a:1a:44:81:28:96:36:
60:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0D:E1:AA:32:89:FE:7F:3F:BA:40:8F:14:D2:AE:7E:AA:A2:E7:6E
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/C49C7ED272E111EDBF1C7C81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.100.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:9c:07:00:00:6f:c1:e7:62:49:cd:ac:26:2e:d2:d2:7a:23:
a4:62:b5:d0:d4:28:9f:c2:d8:9b:ab:d9:34:0f:01:8c:84:aa:
41:eb:5d:50:1f:a3:32:a6:22:85:a2:65:aa:4a:87:10:be:41:
96:51:0a:6f:51:79:52:02:15:3e:51:61:2b:72:c6:f7:56:a4:
d2:5d:55:af:b3:d3:cc:74:54:94:b1:39:9d:05:ad:d4:3e:65:
5a:08:26:66:d4:95:a4:26:56:9b:ed:4e:a7:9e:f5:61:2e:aa:
67:89:e4:5c:a2:65:e1:50:ab:19:e0:ff:0e:28:b9:67:5e:fb:
9b:89:d4:e0:3a:1b:78:97:fa:8b:95:9e:10:c1:53:4a:b7:b6:
93:3f:ff:e3:61:c4:b5:35:34:6b:d1:57:77:93:65:75:f5:7a:
44:e5:d1:02:2a:5a:76:40:2c:26:20:34:fd:6a:bb:bb:4a:41:
fc:ad:65:73:53:b5:ac:68:30:ea:01:4b:14:2b:f7:bc:fb:38:
63:e5:14:d6:b5:4c:b7:31:37:a5:e3:95:9c:82:db:a3:19:37:
10:c3:d4:ba:55:de:0d:1d:43:6b:fe:f7:2e:45:d2:c5:bf:05:
4f:b0:2b:a5:b6:5b:89:7e:2f:ec:48:53:35:72:3c:78:11:2e:
8b:84:f4:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBqswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjMwOTAyMjE0ODM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYzYWRiMy0yOTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyU84jQeyPwgXclYMwDLECv9AXIIeVIMCQEE5EF0ZD+iI1+vtO7zwtRvZ54FP
QUPnuPLyv9W918clIrvgO8m5MRb922v2xzdA5tzMZGw0WKWyhOeMKC3H2XLNmsQX
DKK9h8QLhA8ZPSGAQjzQnT/psyA1EEuV9vlW3ZuyF8JVEGXis0fZWbf1R+5qusKN
ivuSIWqf6AApoKP3t0jARXf0Z0VLENzCSxWHcjmSsHIkBX2Ub8aDydUUXyKzJprI
jWEU19rLF/zKvrH5aYbF4+3LCh7SR8ACKllhN+U0Oy92cvFHY+1F2Ddwb0H8hZhb
M61hIK4ywLBNXooaRIEoljZgLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIoN4aoy
if5/P7pAjxTSrn6qouduMB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvQzQ5QzdFRDI3
MkUxMTFFREJGMUM3QzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKGQwDQYJKoZIhvcNAQELBQADggEBAF+cBwAAb8HnYknN
rCYu0tJ6I6RitdDUKJ/C2Jur2TQPAYyEqkHrXVAfozKmIoWiZapKhxC+QZZRCm9R
eVICFT5RYStyxvdWpNJdVa+z08x0VJSxOZ0FrdQ+ZVoIJmbUlaQmVpvtTqee9WEu
qmeJ5FyiZeFQqxng/w4ouWde+5uJ1OA6G3iX+ouVnhDBU0q3tpM//+NhxLU1NGvR
V3eTZXX1ekTl0QIqWnZALCYgNP1qu7tKQfytZXNTtaxoMOoBSxQr97z7OGPlFNa1
TLcxN6XjlZyC26MZNxDD1LpV3g0dQ2v+9y5F0sW/BU+wK6W2W4l+L+xIUzVyPHgR
LouE9Lk=
-----END CERTIFICATE-----
Generated at Mon Sep 9 20:55:07 2024 by rpki-client on console-ams.rpki-client.org