Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0AD2A8DA981B11EFBA039158C4F9AE02.roa
File: 0AD2A8DA981B11EFBA039158C4F9AE02.roa (raw, json)
Hash identifier: 9uQTZujH/sXDD51mbw1T6SyZiBGgNIWET4kZFj9YeZc=
Subject key identifier: 78:A4:51:2B:10:EC:F8:11:43:6F:FB:FE:20:A9:44:67:47:29:88:3B
Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Certificate serial: 08
Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0AD2A8DA981B11EFBA039158C4F9AE02.roa
Signing time: Fri 01 Nov 2024 08:07:15 +0000
ROA not before: Fri 01 Nov 2024 08:07:15 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133858
IP address blocks: 103.40.164.0/23 maxlen: 23
103.40.164.0/24 maxlen: 24
103.40.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 10:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Validity
Not Before: Nov 1 08:07:15 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67248c32-b8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:05:f5:b3:74:2f:eb:c1:ce:12:b4:33:bc:30:
3e:85:2c:5e:54:f5:0f:76:4d:d8:61:d8:e0:f1:b4:
99:20:b8:30:ba:d9:51:16:b1:62:50:73:b7:f2:17:
2a:1e:96:96:64:e3:17:ea:bd:bc:f2:d4:42:56:80:
06:89:1b:3b:86:3a:94:ae:14:7f:e6:c3:bb:52:0f:
6a:aa:66:8c:e1:1c:41:6e:ea:8d:86:76:19:d4:97:
7c:17:7e:6b:75:3e:ef:3d:1e:70:f0:e1:18:6c:5a:
61:15:77:22:9f:66:11:3c:91:56:4c:47:22:e6:4b:
ca:27:0c:d2:1a:ce:5e:20:6a:a4:db:34:2b:36:8c:
7b:82:7e:09:95:cc:7a:ed:35:4e:ee:f1:e0:ba:09:
d2:3a:72:b9:a8:91:1a:5c:ea:49:ab:ac:b8:62:86:
2e:dc:26:3a:31:23:c1:80:34:65:62:51:c4:2c:a6:
29:da:83:cf:d1:33:2c:9d:77:ed:b9:00:ae:25:d2:
4c:dc:98:43:3b:cc:b1:eb:12:b7:1b:8b:ac:95:62:
0c:c5:62:41:16:e4:90:35:66:f5:9c:ed:1d:6d:8b:
9f:52:98:bc:40:33:e5:d6:fa:55:6f:e5:8a:59:f4:
84:48:63:90:8c:33:e3:c2:b5:fb:de:27:89:ef:c3:
b6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A4:51:2B:10:EC:F8:11:43:6F:FB:FE:20:A9:44:67:47:29:88:3B
X509v3 Authority Key Identifier:
keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0AD2A8DA981B11EFBA039158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.164.0/23
Signature Algorithm: sha256WithRSAEncryption
77:fd:79:c5:65:9e:df:fc:c1:e4:2a:1f:2f:0a:bc:54:66:61:
de:99:74:94:4a:26:65:45:c9:59:5c:fe:48:a7:2f:e7:73:23:
76:8a:82:72:d6:8c:9c:96:8c:8e:75:a1:92:7f:08:f3:8b:f6:
d1:29:43:16:ee:32:3f:ad:b6:73:85:d7:48:1a:8f:a9:37:af:
91:7e:07:f7:42:7f:36:62:4b:e8:21:b9:63:4f:ea:19:d4:fa:
5d:b6:f1:ea:5a:fc:76:1d:91:62:e2:02:66:16:17:55:1e:17:
3e:32:b2:d8:55:ba:a0:0a:fa:db:52:43:54:85:5e:f4:00:88:
00:c3:67:87:f6:3e:42:05:ff:50:bd:22:92:89:e5:75:77:03:
11:e5:2d:70:57:2b:dd:f2:c1:a9:5c:2c:34:10:93:1d:31:1c:
c9:01:55:5c:6e:37:2a:71:cd:20:1f:f7:43:e5:c5:e9:20:7b:
77:aa:4b:66:c6:dc:f9:f6:12:fb:6a:65:3b:d6:2f:5c:21:6e:
c8:06:d5:e2:77:ae:31:0c:c2:5b:45:32:b2:38:6f:09:ff:88:
be:6d:7d:00:81:39:68:1c:01:ab:ef:9c:34:c2:98:6f:24:75:
79:26:cd:44:47:5d:4b:e0:25:a8:1c:72:38:00:ed:92:5c:1a:
2f:49:1c:bc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF
RTg4NDQxMTAeFw0yNDExMDEwODA3MTVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjQ4YzMyLWI4ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDBfWzdC/rwc4StDO8MD6FLF5U9Q92Tdhh2ODxtJkguDC62VEWsWJQc7fyFyoe
lpZk4xfqvbzy1EJWgAaJGzuGOpSuFH/mw7tSD2qqZozhHEFu6o2GdhnUl3wXfmt1
Pu89HnDw4RhsWmEVdyKfZhE8kVZMRyLmS8onDNIazl4gaqTbNCs2jHuCfgmVzHrt
NU7u8eC6CdI6crmokRpc6kmrrLhihi7cJjoxI8GANGViUcQspinag8/RMyydd+25
AK4l0kzcmEM7zLHrErcbi6yVYgzFYkEW5JA1ZvWc7R1ti59SmLxAM+XW+lVv5YpZ
9IRIY5CMM+PCtfveJ4nvw7ZvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeKRRKxDs
+BFDb/v+IKlEZ0cpiDswHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx
OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi8wQUQyQThEQTk4
MUIxMUVGQkEwMzkxNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcopDANBgkqhkiG9w0BAQsFAAOCAQEAd/15xWWe3/zB5Cof
Lwq8VGZh3pl0lEomZUXJWVz+SKcv53MjdoqCctaMnJaMjnWhkn8I84v20SlDFu4y
P622c4XXSBqPqTevkX4H90J/NmJL6CG5Y0/qGdT6Xbbx6lr8dh2RYuICZhYXVR4X
PjKy2FW6oAr621JDVIVe9ACIAMNnh/Y+QgX/UL0ikonldXcDEeUtcFcr3fLBqVws
NBCTHTEcyQFVXG43KnHNIB/3Q+XF6SB7d6pLZsbc+fYS+2plO9YvXCFuyAbV4neu
MQzCW0UysjhvCf+Ivm19AIE5aBwBq++cNMKYbyR1eSbNREddS+AlqBxyOADtklwa
L0kcvA==
-----END CERTIFICATE-----
Generated at Fri Nov 1 12:52:16 2024 by rpki-client on console-fra.rpki-client.org