Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
File: D973D448982511EF948BAD29C4F9AE02.roa (raw, json)
Hash identifier: cJA1y8ixhMOHK3GzAI444LjqkSBGHNdiN/DkzW0h1bY=
Subject key identifier: 26:44:5E:92:3A:A5:3F:4C:58:6F:DC:5E:CB:C7:40:48:50:FA:B4:E2
Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Certificate serial: 0A
Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
Signing time: Fri 01 Nov 2024 08:07:57 +0000
ROA not before: Fri 01 Nov 2024 08:07:57 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 134963
IP address blocks: 103.40.164.0/23 maxlen: 23
103.40.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 10:09:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Validity
Not Before: Nov 1 08:07:57 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67248c5d-2c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cd:e9:cf:ef:c1:d4:b8:a5:e9:30:63:07:cd:
28:76:c0:51:1c:f3:11:c9:1c:5f:24:82:75:26:83:
cc:3f:77:09:a7:7d:27:16:f4:aa:56:c1:20:8f:df:
d4:da:20:c0:e2:c9:9a:41:91:2b:64:d7:72:37:80:
36:90:86:36:28:40:0b:7a:0b:5a:84:58:f4:e1:70:
e0:76:85:e5:8a:52:c5:3c:b8:ee:a4:cd:53:ed:55:
07:59:61:dc:87:f0:c2:d8:cb:c3:de:d6:e5:60:d9:
76:48:df:06:51:46:5f:b0:56:76:17:3b:45:e7:92:
f6:d8:b1:12:ab:6b:14:3d:23:7d:bc:f6:55:d8:80:
b3:85:2f:40:29:0e:54:75:8a:96:04:ac:75:ff:05:
51:42:3b:48:92:94:49:3e:12:31:54:31:fc:05:a8:
97:f5:71:0c:ea:09:51:9b:a5:cc:0d:5e:47:8d:f8:
1b:27:81:09:a2:95:5c:6f:b4:cc:68:60:0a:00:e3:
4c:0b:79:4f:d6:18:85:f5:11:4d:8b:7c:27:10:7a:
bb:c0:5d:e9:5b:90:a5:32:88:ef:3d:d5:7c:59:30:
40:b7:b9:e9:50:57:8a:72:8c:33:2d:b8:09:c3:4b:
4a:de:c3:72:bd:14:ec:b8:98:55:83:45:26:88:71:
da:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:44:5E:92:3A:A5:3F:4C:58:6F:DC:5E:CB:C7:40:48:50:FA:B4:E2
X509v3 Authority Key Identifier:
keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.164.0/23
Signature Algorithm: sha256WithRSAEncryption
13:05:12:85:51:3d:fe:f0:c1:e1:d7:6f:bf:5b:a0:b0:2d:ed:
6a:0c:d7:fc:a4:c7:dc:64:6e:c3:ac:73:99:fc:78:ec:29:c3:
73:37:ae:76:76:1e:92:ef:62:50:70:bc:c0:92:7c:14:49:a1:
cc:ed:1e:67:e2:b1:c3:20:50:ce:4a:5f:6f:ec:1e:ad:e9:ba:
8b:fd:7e:eb:f6:63:97:e2:19:ad:68:ac:3b:0f:74:3c:80:ee:
8c:ac:7d:69:8d:f1:db:7d:aa:2b:ef:17:5d:9c:4f:57:f0:cc:
ff:2c:53:51:6b:a4:9a:3f:f5:d9:e8:91:3d:4c:58:9b:3e:c7:
36:92:b2:92:e8:6d:71:28:5c:5e:73:3b:3d:db:cc:fb:2a:04:
e0:dd:04:b7:48:2d:c0:ad:a6:ec:16:bf:00:8e:97:bb:b9:13:
b3:ea:06:80:50:21:1b:97:ab:cc:ab:f4:94:fa:28:28:64:5a:
33:26:95:30:1b:c5:c3:d7:17:2a:ad:31:97:a3:94:23:dc:11:
34:27:aa:a6:20:62:d4:12:49:a3:2f:26:37:6c:4b:1b:2b:4c:
ca:56:02:ef:46:69:96:9f:0a:a8:5e:d3:38:a3:ed:bb:d9:7b:
ff:a8:9b:d1:52:43:0b:2c:6d:93:74:aa:d1:9c:f9:03:ec:86:
74:12:50:45
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF
RTg4NDQxMTAeFw0yNDExMDEwODA3NTdaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjQ4YzVkLTJjNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZzenP78HUuKXpMGMHzSh2wFEc8xHJHF8kgnUmg8w/dwmnfScW9KpWwSCP39Ta
IMDiyZpBkStk13I3gDaQhjYoQAt6C1qEWPThcOB2heWKUsU8uO6kzVPtVQdZYdyH
8MLYy8Pe1uVg2XZI3wZRRl+wVnYXO0XnkvbYsRKraxQ9I3289lXYgLOFL0ApDlR1
ipYErHX/BVFCO0iSlEk+EjFUMfwFqJf1cQzqCVGbpcwNXkeN+BsngQmilVxvtMxo
YAoA40wLeU/WGIX1EU2LfCcQervAXelbkKUyiO891XxZMEC3uelQV4pyjDMtuAnD
S0rew3K9FOy4mFWDRSaIcdqfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJkRekjql
P0xYb9xey8dASFD6tOIwHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx
OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi9EOTczRDQ0ODk4
MjUxMUVGOTQ4QkFEMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcopDANBgkqhkiG9w0BAQsFAAOCAQEAEwUShVE9/vDB4ddv
v1ugsC3tagzX/KTH3GRuw6xzmfx47CnDczeudnYeku9iUHC8wJJ8FEmhzO0eZ+Kx
wyBQzkpfb+werem6i/1+6/Zjl+IZrWisOw90PIDujKx9aY3x232qK+8XXZxPV/DM
/yxTUWukmj/12eiRPUxYmz7HNpKykuhtcShcXnM7PdvM+yoE4N0Et0gtwK2m7Ba/
AI6Xu7kTs+oGgFAhG5erzKv0lPooKGRaMyaVMBvFw9cXKq0xl6OUI9wRNCeqpiBi
1BJJoy8mN2xLGytMylYC70Zplp8KqF7TOKPtu9l7/6ib0VJDCyxtk3Sq0Zz5A+yG
dBJQRQ==
-----END CERTIFICATE-----
Generated at Fri Nov 1 13:22:30 2024 by rpki-client on console-ams.rpki-client.org