Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/242DC534983A11EF9D77DE1AC4F9AE02.roa
File: 242DC534983A11EF9D77DE1AC4F9AE02.roa (raw, json)
Hash identifier: r8T+d/EC+wKGXeLFLzlz0h+hGlXWkaOzgEBZIwKFvgA=
Subject key identifier: A9:DD:46:56:67:15:FE:F7:5F:D1:2F:24:7E:30:F6:7C:27:53:D3:1E
Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Certificate serial: 13
Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/242DC534983A11EF9D77DE1AC4F9AE02.roa
Signing time: Fri 01 Nov 2024 10:14:56 +0000
ROA not before: Fri 01 Nov 2024 10:14:56 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 134963
IP address blocks: 103.40.164.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 10:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Validity
Not Before: Nov 1 10:14:56 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6724aa1f-f856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8c:26:c2:ef:2d:23:07:c0:81:13:5e:9e:87:
05:01:1a:c4:86:47:db:63:53:30:cd:5c:40:43:8c:
00:ce:3a:3f:34:e1:fa:72:7b:6f:df:fa:23:4a:da:
5c:de:f7:3c:69:ca:bd:19:20:3b:e9:e3:f7:ac:b6:
51:da:03:6a:24:14:00:ff:ac:e5:3d:f2:22:14:05:
0b:df:7e:bf:77:0d:39:4a:83:53:9b:7d:b1:53:cd:
f9:58:e0:84:52:24:29:88:cb:0c:d6:aa:36:2e:c5:
6c:48:a4:c3:36:69:4a:4b:1c:63:e6:53:b5:df:5f:
6f:08:92:3e:56:8c:e7:15:cb:e4:18:e4:43:ce:08:
1a:33:ee:4e:a5:52:28:19:3b:d8:5f:30:8f:93:20:
c8:28:a5:49:96:98:2b:b8:f7:9b:e6:4f:90:16:00:
de:ed:0e:f0:9b:ed:18:1f:00:5a:6d:71:dc:61:c0:
8c:03:ea:0f:f2:61:16:06:13:cd:c4:4d:c9:48:36:
5e:3b:4e:91:0d:52:e7:60:52:7b:9e:4c:50:dc:7e:
2f:9f:a5:35:42:46:27:66:37:80:5c:a1:8b:c5:ae:
6a:c8:4a:56:5e:e1:f7:42:e8:d3:c2:90:83:d2:74:
e4:88:b1:3e:0d:78:91:23:d3:c5:11:f2:1d:93:98:
cc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DD:46:56:67:15:FE:F7:5F:D1:2F:24:7E:30:F6:7C:27:53:D3:1E
X509v3 Authority Key Identifier:
keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/242DC534983A11EF9D77DE1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.164.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:21:bf:df:c0:b5:b8:1a:5e:11:fe:1f:e0:5f:4b:24:4c:0e:
80:45:2c:cf:84:7a:a3:fd:60:de:44:90:15:43:d6:c2:93:e9:
6f:04:46:19:63:7d:09:f8:24:17:2d:5e:9a:c5:2a:9a:8e:a2:
1a:4c:c5:49:69:a2:94:30:9c:e7:26:9a:21:f5:a2:d1:be:8c:
2e:06:b3:ce:6c:e4:6e:9d:b5:f4:7d:75:65:9c:d5:be:5a:bd:
b1:69:23:77:05:30:ee:90:74:4c:4f:a4:c0:98:7a:81:a2:50:
d2:38:d8:fa:c0:df:39:9c:6d:31:23:bb:dd:38:ce:03:23:89:
f2:c8:bf:f3:4c:0f:9c:3d:11:79:53:4f:60:7d:d7:49:96:5d:
85:4d:18:a3:d6:e5:b3:82:78:b3:65:74:1e:21:4e:ca:4e:81:
00:91:de:0b:9a:cd:bf:78:a6:b9:58:ca:d5:88:2c:8a:2b:86:
5e:1d:7a:85:81:3f:b3:09:e3:7b:f4:51:b5:68:5b:c4:f6:28:
3a:b1:68:d4:eb:fc:96:97:b7:71:94:41:cd:f1:41:da:8a:5b:
04:4e:97:ff:e5:0f:cd:75:1f:a7:75:4f:0e:cf:3a:c0:4e:6c:
e6:76:7f:25:ab:3a:8f:62:31:1c:c6:87:56:e3:53:82:ec:53:
65:a1:09:da
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF
RTg4NDQxMTAeFw0yNDExMDExMDE0NTZaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjRhYTFmLWY4NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3jCbC7y0jB8CBE16ehwUBGsSGR9tjUzDNXEBDjADOOj804fpye2/f+iNK2lze
9zxpyr0ZIDvp4/estlHaA2okFAD/rOU98iIUBQvffr93DTlKg1ObfbFTzflY4IRS
JCmIywzWqjYuxWxIpMM2aUpLHGPmU7XfX28Ikj5WjOcVy+QY5EPOCBoz7k6lUigZ
O9hfMI+TIMgopUmWmCu495vmT5AWAN7tDvCb7RgfAFptcdxhwIwD6g/yYRYGE83E
TclINl47TpENUudgUnueTFDcfi+fpTVCRidmN4BcoYvFrmrISlZe4fdC6NPCkIPS
dOSIsT4NeJEj08UR8h2TmMw9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqd1GVmcV
/vdf0S8kfjD2fCdT0x4wHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx
OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi8yNDJEQzUzNDk4
M0ExMUVGOUQ3N0RFMUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcopDANBgkqhkiG9w0BAQsFAAOCAQEAPCG/38C1uBpeEf4f
4F9LJEwOgEUsz4R6o/1g3kSQFUPWwpPpbwRGGWN9CfgkFy1emsUqmo6iGkzFSWmi
lDCc5yaaIfWi0b6MLgazzmzkbp219H11ZZzVvlq9sWkjdwUw7pB0TE+kwJh6gaJQ
0jjY+sDfOZxtMSO73TjOAyOJ8si/80wPnD0ReVNPYH3XSZZdhU0Yo9bls4J4s2V0
HiFOyk6BAJHeC5rNv3imuVjK1YgsiiuGXh16hYE/swnje/RRtWhbxPYoOrFo1Ov8
lpe3cZRBzfFB2opbBE6X/+UPzXUfp3VPDs86wE5s5nZ/Jas6j2IxHMaHVuNTguxT
ZaEJ2g==
-----END CERTIFICATE-----
Generated at Sat Nov 2 12:23:52 2024 by rpki-client on console-fra.rpki-client.org