Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/F9371B0A983911EF91FE821AC4F9AE02.roa
File: F9371B0A983911EF91FE821AC4F9AE02.roa (raw, json)
Hash identifier: /9H5541mhlVUmOMqC0KEczwFMg4jCC7WXkUxvWgvElY=
Subject key identifier: C9:1E:C7:BB:32:20:5C:F5:0A:B1:01:0B:66:FF:A9:23:5E:FB:54:A5
Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Certificate serial: 11
Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/F9371B0A983911EF91FE821AC4F9AE02.roa
Signing time: Fri 01 Nov 2024 10:13:43 +0000
ROA not before: Fri 01 Nov 2024 10:13:43 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133858
IP address blocks: 103.40.164.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 10:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Validity
Not Before: Nov 1 10:13:43 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6724a9d7-ade9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:de:c4:f5:a5:93:ea:61:8d:80:b0:db:89:5e:
a5:99:38:c3:8c:ca:9f:6d:8a:ec:75:32:54:c4:64:
34:d3:6a:48:ba:c1:1c:06:59:ac:0e:77:3d:49:3b:
2b:41:4c:ba:69:c8:8a:75:9d:2f:fd:9f:eb:92:fc:
d2:19:28:b7:57:89:34:8b:11:ab:93:b2:e0:ce:de:
40:fe:40:cc:82:33:89:0d:83:0e:c1:c0:e6:9d:4c:
58:80:c9:ab:63:ff:33:87:b9:96:55:e8:8d:8c:e4:
e5:45:4a:19:04:0b:a1:29:00:db:8c:1d:9d:7d:eb:
4f:d2:7e:a5:24:5b:9e:1f:73:94:a9:04:87:0c:1e:
f1:b1:7c:82:39:cb:8a:7d:d9:96:f1:67:66:38:98:
c8:de:02:c2:4c:bd:fd:02:dd:3f:73:ad:6b:f1:ee:
43:35:d0:cd:2d:11:76:94:ed:f9:61:3a:9a:c1:74:
01:00:d3:28:cf:de:5d:89:7e:4c:e1:0a:e1:99:97:
6a:a0:6b:ac:81:63:00:59:c4:4c:8a:f2:4f:43:6b:
99:e9:df:db:07:04:ca:8b:46:ed:57:5b:f3:7a:d5:
15:82:6e:ad:90:39:65:b4:1c:a4:c0:67:50:aa:b6:
39:65:92:03:6d:f6:53:8b:c4:c5:43:7f:df:13:9d:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1E:C7:BB:32:20:5C:F5:0A:B1:01:0B:66:FF:A9:23:5E:FB:54:A5
X509v3 Authority Key Identifier:
keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/F9371B0A983911EF91FE821AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.164.0/23
Signature Algorithm: sha256WithRSAEncryption
51:5c:b7:d8:28:f3:c7:d3:44:93:83:7e:52:8b:92:c4:24:8d:
e9:b1:96:20:c1:26:79:7a:1f:0c:f1:e6:47:18:cd:4e:8c:ef:
85:ed:cc:3c:31:29:f1:da:66:b0:1d:42:8c:9c:12:fd:5f:07:
9d:eb:9c:b4:fc:9d:2c:04:4e:3a:45:95:3a:da:c5:6d:33:ed:
a3:ac:8d:af:54:2c:2e:7d:ec:af:3c:df:da:7d:35:73:3b:65:
62:6a:8d:f4:9a:f2:43:74:9e:b9:a8:36:b5:4e:58:e4:93:1b:
2f:1d:b7:0f:36:d1:9b:6d:8a:47:2c:a7:90:96:bd:7b:0d:ef:
5a:e0:1f:28:d3:28:dd:1f:dd:ec:fc:bf:0c:67:89:15:46:79:
2f:03:69:ac:0c:7c:21:5f:ce:f7:d4:9e:c5:98:42:e8:6d:09:
04:d0:7f:fb:9e:58:0f:c7:a5:59:2c:3e:3e:b1:27:1f:26:20:
37:60:7d:26:ac:98:91:22:48:8f:c8:cd:16:2f:87:ab:2f:e1:
ae:12:ac:01:a6:64:31:e0:80:03:4c:f8:5f:81:e5:e5:e7:d8:
62:87:56:a4:03:7b:04:4a:53:74:78:5e:12:8e:66:62:d7:36:
c9:dd:23:98:90:b2:65:90:ec:c7:67:81:f3:16:37:ac:7c:58:
77:6b:b6:d3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF
RTg4NDQxMTAeFw0yNDExMDExMDEzNDNaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjRhOWQ3LWFkZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCb3sT1pZPqYY2AsNuJXqWZOMOMyp9tiux1MlTEZDTTaki6wRwGWawOdz1JOytB
TLppyIp1nS/9n+uS/NIZKLdXiTSLEauTsuDO3kD+QMyCM4kNgw7BwOadTFiAyatj
/zOHuZZV6I2M5OVFShkEC6EpANuMHZ1960/SfqUkW54fc5SpBIcMHvGxfII5y4p9
2ZbxZ2Y4mMjeAsJMvf0C3T9zrWvx7kM10M0tEXaU7flhOprBdAEA0yjP3l2Jfkzh
CuGZl2qga6yBYwBZxEyK8k9Da5np39sHBMqLRu1XW/N61RWCbq2QOWW0HKTAZ1Cq
tjllkgNt9lOLxMVDf98TnU4jAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUyR7HuzIg
XPUKsQELZv+pI177VKUwHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx
OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi9GOTM3MUIwQTk4
MzkxMUVGOTFGRTgyMUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcopDANBgkqhkiG9w0BAQsFAAOCAQEAUVy32Cjzx9NEk4N+
UouSxCSN6bGWIMEmeXofDPHmRxjNTozvhe3MPDEp8dpmsB1CjJwS/V8HneuctPyd
LAROOkWVOtrFbTPto6yNr1QsLn3srzzf2n01cztlYmqN9JryQ3Seuag2tU5Y5JMb
Lx23DzbRm22KRyynkJa9ew3vWuAfKNMo3R/d7Py/DGeJFUZ5LwNprAx8IV/O99Se
xZhC6G0JBNB/+55YD8elWSw+PrEnHyYgN2B9JqyYkSJIj8jNFi+Hqy/hrhKsAaZk
MeCAA0z4X4Hl5efYYodWpAN7BEpTdHheEo5mYtc2yd0jmJCyZZDsx2eB8xY3rHxY
d2u20w==
-----END CERTIFICATE-----
Generated at Sat Nov 2 12:23:52 2024 by rpki-client on console-fra.rpki-client.org