Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/CA3DD1BC6E6911EFBA9B9866C4F9AE02.roa
File: CA3DD1BC6E6911EFBA9B9866C4F9AE02.roa (raw, json)
Hash identifier: nbCnB2hQI2JkuxhBzJxTRbiz5faUq+WIMw/VziFs4Nw=
Subject key identifier: 16:8E:E5:BD:FB:CA:B9:E1:D1:DA:9E:A0:9B:56:DB:72:E6:91:93:70
Certificate issuer: /CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A
Certificate serial: 0B9E
Authority key identifier: C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/CA3DD1BC6E6911EFBA9B9866C4F9AE02.roa
Signing time: Mon 09 Sep 2024 05:10:12 +0000
ROA not before: Mon 09 Sep 2024 05:10:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138004
IP address blocks: 103.135.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 08:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2974 (0xb9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A
Validity
Not Before: Sep 9 05:10:12 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66de8333-121b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1e:1b:93:78:f6:ee:29:64:ba:f8:dd:d0:5c:
9f:e4:fd:b2:b0:24:54:33:05:6b:71:ec:cd:5c:7f:
bc:88:38:4d:9a:3a:e9:82:e1:41:51:79:27:93:54:
02:88:b3:76:59:25:b0:75:3b:a4:ef:44:d0:f3:db:
59:58:e8:5b:ab:ac:1c:47:59:7b:b2:77:09:6a:0d:
c9:28:b7:51:1b:9d:a2:d3:b3:27:1d:55:e0:9b:75:
8a:36:d5:fc:58:81:a8:ea:69:a1:79:ae:10:5a:d3:
8c:af:d3:37:6c:50:8f:2c:cc:66:9e:d3:19:6a:fe:
e1:68:ab:2a:7f:d1:7d:b7:5b:ea:86:89:54:37:46:
dc:5a:31:97:a9:e4:0e:63:68:87:0e:1a:cf:7d:18:
24:12:c8:5c:a5:71:aa:0e:83:71:9c:2a:96:97:1e:
b1:17:a8:d3:55:51:ba:93:2b:a3:7c:93:02:63:47:
f2:fa:0f:66:77:87:4d:84:87:30:69:74:80:27:fa:
f0:e8:84:8f:99:fb:13:02:2e:f5:a7:16:88:6d:13:
78:c5:b8:ca:66:63:bf:e3:a4:64:f7:d4:46:0a:db:
2d:f9:78:1d:12:2e:bd:8e:65:79:7a:93:ab:b2:11:
1f:19:a3:f5:87:29:02:e9:f8:ba:32:22:37:42:73:
b6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8E:E5:BD:FB:CA:B9:E1:D1:DA:9E:A0:9B:56:DB:72:E6:91:93:70
X509v3 Authority Key Identifier:
keyid:C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/CA3DD1BC6E6911EFBA9B9866C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.235.0/24
Signature Algorithm: sha256WithRSAEncryption
90:39:fc:4e:84:62:23:ea:ae:44:3b:09:1e:eb:45:b1:b0:8d:
10:42:88:f3:66:ae:ec:70:a1:fc:b5:4e:fb:7f:88:bb:4f:84:
d0:93:29:9b:8c:1b:3b:65:f4:20:64:68:1c:06:ae:5f:43:e4:
fb:f5:8e:de:3e:fe:bc:6d:be:f1:f3:1b:56:49:6f:92:ad:7f:
18:f8:75:4e:80:61:c1:a0:3b:e9:34:91:53:05:34:ef:7b:87:
4e:8f:a7:d1:d1:26:3d:cc:30:d2:67:c4:c6:2d:81:ac:fe:2d:
f1:f3:86:cf:1a:8d:64:bf:eb:f9:fa:da:fe:25:b6:38:98:19:
eb:3a:2f:a6:f2:29:28:92:01:d8:e8:1f:1a:ba:86:c5:b4:12:
6f:d6:06:42:ae:ad:0e:e1:16:90:a2:5a:f3:cd:e1:1f:ab:d1:
25:23:fa:22:57:4e:48:d8:43:35:0a:2d:2a:01:22:14:cf:9c:
21:5e:21:1f:41:21:7b:a5:3f:19:93:f5:61:7c:d5:3c:07:95:
3e:85:68:94:60:22:20:6b:0e:7e:16:4b:53:5f:16:89:ab:f6:
e4:b2:6d:e1:9b:ff:a7:cb:d9:92:77:aa:f2:29:74:53:5e:0c:
79:03:bd:fe:1c:c4:6a:d6:cf:99:08:73:7f:a8:e0:7e:54:5b:
91:3f:cd:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC54wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNGMDMxMTAvBgNVBAUTKEM5OUQ2MDA3Q0Q0NzdEODlCMzU5QzMzQzkzQ0FBOUI1
QkIxMDYwMUEwHhcNMjQwOTA5MDUxMDEyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRlODMzMy0xMjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtB4bk3j27ilkuvjd0Fyf5P2ysCRUMwVrcezNXH+8iDhNmjrpguFBUXknk1QC
iLN2WSWwdTuk70TQ89tZWOhbq6wcR1l7sncJag3JKLdRG52i07MnHVXgm3WKNtX8
WIGo6mmhea4QWtOMr9M3bFCPLMxmntMZav7haKsqf9F9t1vqholUN0bcWjGXqeQO
Y2iHDhrPfRgkEshcpXGqDoNxnCqWlx6xF6jTVVG6kyujfJMCY0fy+g9md4dNhIcw
aXSAJ/rw6ISPmfsTAi71pxaIbRN4xbjKZmO/46Rk99RGCtst+XgdEi69jmV5epOr
shEfGaP1hykC6fi6MiI3QnO2OwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBaO5b37
yrnh0dqeoJtW23LmkZNwMB8GA1UdIwQYMBaAFMmdYAfNR32Js1nDPJPKqbW7EGAa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0YwMy82NEY2QzI4RTBE
RTExMUVBOTk2Njk4ODVDNEY5QUUwMi95WjFnQjgxSGZZbXpXY004azhxcHRic1FZ
Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laMWdCODFIZllteldjTThrOHFwdGJzUVlCby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNGMDMvNjRGNkMyOEUwREUxMTFFQTk5NjY5ODg1QzRGOUFFMDIvQ0EzREQxQkM2
RTY5MTFFRkJBOUI5ODY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnh+swDQYJKoZIhvcNAQELBQADggEBAJA5/E6EYiPqrkQ7
CR7rRbGwjRBCiPNmruxwofy1Tvt/iLtPhNCTKZuMGztl9CBkaBwGrl9D5Pv1jt4+
/rxtvvHzG1ZJb5Ktfxj4dU6AYcGgO+k0kVMFNO97h06Pp9HRJj3MMNJnxMYtgaz+
LfHzhs8ajWS/6/n62v4ltjiYGes6L6byKSiSAdjoHxq6hsW0Em/WBkKurQ7hFpCi
WvPN4R+r0SUj+iJXTkjYQzUKLSoBIhTPnCFeIR9BIXulPxmT9WF81TwHlT6FaJRg
IiBrDn4WS1NfFomr9uSybeGb/6fL2ZJ3qvIpdFNeDHkDvf4cxGrWz5kIc3+o4H5U
W5E/zQM=
-----END CERTIFICATE-----
Generated at Wed Oct 9 09:56:45 2024 by rpki-client on console-fra.rpki-client.org