Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/38416E960DE211EA999D9786C4F9AE02.roa
File: 38416E960DE211EA999D9786C4F9AE02.roa (raw, json)
Hash identifier: MAWRaaMprm8tPei+3CtJOqEW3h2weTu0tf++qBi1g+k=
Subject key identifier: 82:5E:FB:AE:C7:23:31:A6:40:54:E8:C7:79:57:D6:BE:A6:32:06:5C
Certificate issuer: /CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A
Certificate serial: 0B3B
Authority key identifier: C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/38416E960DE211EA999D9786C4F9AE02.roa
Signing time: Wed 20 Mar 2024 19:57:50 +0000
ROA not before: Wed 20 Mar 2024 19:57:50 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138659
IP address blocks: 103.135.232.0/22 maxlen: 24
2404:86c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Sep 2024 04:58:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2875 (0xb3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A
Validity
Not Before: Mar 20 19:57:50 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65fb3fbd-8835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6a:ee:1e:38:4a:ec:e7:e5:4f:ed:87:b0:dc:
7c:f0:ef:dc:68:02:11:fe:fd:bc:bf:0e:9b:b7:c9:
46:b9:b4:53:27:89:ec:84:5f:fd:d7:34:33:25:a4:
ee:12:fc:e0:ae:93:20:7e:25:b2:23:64:07:3b:64:
f1:91:55:fd:3a:8d:36:f7:0a:f4:6e:ba:2d:1d:24:
4d:58:ea:0f:af:7b:e9:d7:23:65:84:3a:7c:01:45:
d4:3c:20:a9:43:61:3f:01:70:69:95:94:1e:6e:7b:
1b:a7:f2:45:4a:3c:26:6b:c1:b4:5c:23:3b:2a:33:
e5:8f:a0:62:cc:1c:f7:0e:82:d1:64:cf:1e:59:8f:
8d:8e:79:c1:b7:8c:0d:bc:ca:3e:f4:3c:d0:90:c4:
55:3c:97:91:ac:ab:e1:60:36:4c:19:75:87:7b:97:
b4:ea:cc:1e:98:86:cc:40:f8:c9:9e:04:de:5c:96:
ce:72:a3:0b:4f:2b:d9:d4:2c:4a:24:81:ef:35:72:
e8:82:56:5f:86:d9:da:f6:e8:cc:8a:35:de:0c:16:
b5:35:3b:b8:ab:3e:b2:4f:6c:14:32:6f:e7:dd:78:
c3:07:89:00:52:09:86:0c:1d:24:c8:21:02:fb:9a:
03:79:cc:c2:cf:3c:6d:2b:fe:e0:6a:d2:2c:4d:29:
7c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5E:FB:AE:C7:23:31:A6:40:54:E8:C7:79:57:D6:BE:A6:32:06:5C
X509v3 Authority Key Identifier:
keyid:C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/38416E960DE211EA999D9786C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.232.0/22
IPv6:
2404:86c0::/32
Signature Algorithm: sha256WithRSAEncryption
05:1d:01:ac:60:a8:0c:59:c4:82:69:31:c7:78:1b:66:cf:fb:
cd:f2:1e:0b:1d:64:5b:27:2e:79:20:31:9c:5b:a8:e7:00:6e:
e8:ea:8c:35:71:7e:4b:16:f5:9a:0d:67:9c:09:af:27:71:29:
dd:26:45:db:8e:d8:33:19:3e:e1:18:4d:14:08:17:38:54:02:
45:a9:9a:9f:d2:bd:57:26:e3:af:7c:de:14:22:82:7c:d6:b0:
43:f0:f4:5d:c1:b4:43:0e:12:00:d0:eb:74:70:86:28:d1:d9:
36:59:66:ec:29:da:11:7d:a5:fa:e0:28:e1:59:14:e0:dd:8f:
3f:c5:86:e9:55:99:1a:44:ac:c4:d4:8e:9e:02:22:62:4c:e3:
2b:2e:6e:c7:b4:78:01:d1:51:48:95:23:79:6b:2b:dc:54:27:
3d:e6:d1:f3:e4:e3:c9:3d:f1:26:a5:7c:1d:5b:b4:08:88:05:
ee:88:2a:38:f2:32:87:ac:17:7a:7f:29:74:78:d1:01:3e:64:
a1:09:6e:77:b8:51:c0:5d:dc:23:81:54:55:bf:08:16:9c:75:
4a:4f:05:f0:18:14:d4:48:be:6d:fc:e6:f2:51:49:4b:28:88:
6f:7b:d0:97:84:9e:47:3e:fd:05:de:9b:8e:91:28:43:bd:b0:
90:a1:a0:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNGMDMxMTAvBgNVBAUTKEM5OUQ2MDA3Q0Q0NzdEODlCMzU5QzMzQzkzQ0FBOUI1
QkIxMDYwMUEwHhcNMjQwMzIwMTk1NzUwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZiM2ZiZC04ODM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2ruHjhK7OflT+2HsNx88O/caAIR/v28vw6bt8lGubRTJ4nshF/91zQzJaTu
EvzgrpMgfiWyI2QHO2TxkVX9Oo029wr0brotHSRNWOoPr3vp1yNlhDp8AUXUPCCp
Q2E/AXBplZQebnsbp/JFSjwma8G0XCM7KjPlj6BizBz3DoLRZM8eWY+NjnnBt4wN
vMo+9DzQkMRVPJeRrKvhYDZMGXWHe5e06swemIbMQPjJngTeXJbOcqMLTyvZ1CxK
JIHvNXLoglZfhtna9ujMijXeDBa1NTu4qz6yT2wUMm/n3XjDB4kAUgmGDB0kyCEC
+5oDeczCzzxtK/7gatIsTSl8fQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIJe+67H
IzGmQFTox3lX1r6mMgZcMB8GA1UdIwQYMBaAFMmdYAfNR32Js1nDPJPKqbW7EGAa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0YwMy82NEY2QzI4RTBE
RTExMUVBOTk2Njk4ODVDNEY5QUUwMi95WjFnQjgxSGZZbXpXY004azhxcHRic1FZ
Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laMWdCODFIZllteldjTThrOHFwdGJzUVlCby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNGMDMvNjRGNkMyOEUwREUxMTFFQTk5NjY5ODg1QzRGOUFFMDIvMzg0MTZFOTYw
REUyMTFFQTk5OUQ5Nzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnh+gwDQQCAAIwBwMFACQEhsAwDQYJKoZIhvcNAQELBQAD
ggEBAAUdAaxgqAxZxIJpMcd4G2bP+83yHgsdZFsnLnkgMZxbqOcAbujqjDVxfksW
9ZoNZ5wJrydxKd0mRduO2DMZPuEYTRQIFzhUAkWpmp/SvVcm46983hQignzWsEPw
9F3BtEMOEgDQ63RwhijR2TZZZuwp2hF9pfrgKOFZFODdjz/FhulVmRpErMTUjp4C
ImJM4ysubse0eAHRUUiVI3lrK9xUJz3m0fPk48k98SalfB1btAiIBe6IKjjyMoes
F3p/KXR40QE+ZKEJbne4UcBd3COBVFW/CBacdUpPBfAYFNRIvm385vJRSUsoiG97
0JeEnkc+/QXem46RKEO9sJChoOY=
-----END CERTIFICATE-----
Generated at Mon Sep 9 06:31:21 2024 by rpki-client on console-ams.rpki-client.org