Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176FD9/98D666CC0FA311EFB43C9432C4F9AE02/AA4F3C4C0FA511EFBDB06936C4F9AE02.roa
File: AA4F3C4C0FA511EFBDB06936C4F9AE02.roa (raw, json)
Hash identifier: iELufklYIaLqv097I/nhADAl5T13BbQaszMx77M9syQ=
Subject key identifier: 78:06:82:6B:82:32:9C:65:A8:0A:9D:B4:59:C3:C4:E0:9D:02:9C:BC
Certificate issuer: /CN=A9176FD9/serialNumber=6223ABD6F6B67BAFEFE3E73646FD7A66E10214BE
Certificate serial: 28
Authority key identifier: 62:23:AB:D6:F6:B6:7B:AF:EF:E3:E7:36:46:FD:7A:66:E1:02:14:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YiOr1va2e6_v4-c2Rv16ZuECFL4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176FD9/98D666CC0FA311EFB43C9432C4F9AE02/AA4F3C4C0FA511EFBDB06936C4F9AE02.roa
Signing time: Thu 11 Jul 2024 07:38:34 +0000
ROA not before: Thu 11 Jul 2024 07:38:34 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55405
IP address blocks: 103.13.122.0/23 maxlen: 23
103.13.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 09:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176FD9/serialNumber=6223ABD6F6B67BAFEFE3E73646FD7A66E10214BE
Validity
Not Before: Jul 11 07:38:34 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=668f8bfa-822d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:30:f5:c8:60:81:44:09:19:cd:11:9b:fc:
ad:91:a7:88:b5:e2:6e:f9:85:dc:97:c6:21:5d:6f:
33:15:6b:03:02:00:c9:62:17:80:1e:ad:7b:c1:ae:
e5:99:90:7f:9f:0b:71:b6:c4:10:f5:1f:f0:d6:81:
08:79:33:b5:3e:b9:12:de:44:1b:48:b3:ef:1b:a7:
f2:7d:37:9b:9a:53:ee:cc:ab:ea:d0:13:a9:34:16:
00:06:47:88:e8:6a:19:55:70:4e:e6:53:a6:8d:62:
3c:75:2b:f5:f4:68:40:f8:bd:ad:30:0e:52:03:0e:
18:45:fe:fa:5d:4d:91:04:81:cc:60:fe:e2:99:3c:
57:42:20:a2:b2:33:bd:37:63:20:40:be:d4:67:4d:
1f:e0:c1:83:63:cc:ac:34:90:27:e5:ed:f2:a6:a1:
16:c6:21:c3:1b:26:7f:ec:cf:49:bc:4a:79:2a:94:
6a:0a:10:83:4a:87:82:3d:a8:4e:10:42:ae:3f:28:
b1:ca:e1:0f:9f:fc:0e:d5:b8:75:b3:08:ff:1a:ee:
64:8f:bc:96:47:65:95:be:84:29:36:af:89:ea:12:
91:bb:0a:09:c3:58:2b:57:fa:62:23:7d:0b:82:7f:
1c:1b:78:83:63:51:18:f2:dd:e5:8b:d8:25:95:96:
fa:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:06:82:6B:82:32:9C:65:A8:0A:9D:B4:59:C3:C4:E0:9D:02:9C:BC
X509v3 Authority Key Identifier:
keyid:62:23:AB:D6:F6:B6:7B:AF:EF:E3:E7:36:46:FD:7A:66:E1:02:14:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176FD9/98D666CC0FA311EFB43C9432C4F9AE02/YiOr1va2e6_v4-c2Rv16ZuECFL4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YiOr1va2e6_v4-c2Rv16ZuECFL4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176FD9/98D666CC0FA311EFB43C9432C4F9AE02/AA4F3C4C0FA511EFBDB06936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.122.0/23
Signature Algorithm: sha256WithRSAEncryption
55:4b:6f:b3:9e:28:e4:41:b5:83:95:b4:8a:67:78:71:49:4c:
88:d0:5d:89:bb:0e:7a:b4:1a:82:eb:75:19:5f:9f:1f:d8:4c:
e7:b7:fb:6e:a0:f1:91:e0:47:a7:01:3d:b8:c3:fb:f9:c5:61:
50:d5:d6:6d:e5:c4:ad:37:53:8b:0e:12:5a:d3:23:bb:79:74:
f2:9f:7a:5a:b7:e6:4e:40:84:a6:32:79:18:b3:de:36:91:0e:
e6:22:f1:86:75:86:10:01:0c:9d:80:39:bd:6a:87:b6:0f:de:
d3:b9:86:9d:fc:3e:ef:06:20:1b:36:de:8c:42:33:58:f2:33:
91:ee:65:4a:b2:ed:e7:f6:53:35:82:93:43:62:c2:d3:53:e4:
0c:92:52:2a:71:87:fc:ec:3e:36:f0:49:15:9f:ab:1d:5d:58:
e3:2c:e9:f2:46:17:09:bc:8f:19:d2:bc:1b:00:ae:81:78:95:
0d:ea:e4:71:6b:f8:92:b8:b1:42:fd:0a:b4:6a:77:bb:52:b7:
dc:54:c8:34:4a:4b:7d:e6:8f:b1:09:c2:2e:ad:45:70:ed:2c:
89:e0:71:78:5f:1a:01:a8:9a:3d:ae:7c:84:54:ce:0b:ad:3f:
77:a7:80:75:86:a6:40:1b:8e:61:58:8a:c7:86:2c:0d:25:27:
db:8a:11:91
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NkZEOTExMC8GA1UEBRMoNjIyM0FCRDZGNkI2N0JBRkVGRTNFNzM2NDZGRDdBNjZF
MTAyMTRCRTAeFw0yNDA3MTEwNzM4MzRaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OGY4YmZhLTgyMmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCluzD1yGCBRAkZzRGb/K2Rp4i14m75hdyXxiFdbzMVawMCAMliF4AerXvBruWZ
kH+fC3G2xBD1H/DWgQh5M7U+uRLeRBtIs+8bp/J9N5uaU+7Mq+rQE6k0FgAGR4jo
ahlVcE7mU6aNYjx1K/X0aED4va0wDlIDDhhF/vpdTZEEgcxg/uKZPFdCIKKyM703
YyBAvtRnTR/gwYNjzKw0kCfl7fKmoRbGIcMbJn/sz0m8SnkqlGoKEINKh4I9qE4Q
Qq4/KLHK4Q+f/A7VuHWzCP8a7mSPvJZHZZW+hCk2r4nqEpG7CgnDWCtX+mIjfQuC
fxwbeINjURjy3eWL2CWVlvpJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeAaCa4Iy
nGWoCp20WcPE4J0CnLwwHwYDVR0jBBgwFoAUYiOr1va2e6/v4+c2Rv16ZuECFL4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2RkQ5Lzk4RDY2NkNDMEZB
MzExRUZCNDNDOTQzMkM0RjlBRTAyL1lpT3IxdmEyZTZfdjQtYzJSdjE2WnVFQ0ZM
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWlPcjF2YTJlNl92NC1jMlJ2MTZadUVDRkw0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NkZEOS85OEQ2NjZDQzBGQTMxMUVGQjQzQzk0MzJDNEY5QUUwMi9BQTRGM0M0QzBG
QTUxMUVGQkRCMDY5MzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcNejANBgkqhkiG9w0BAQsFAAOCAQEAVUtvs54o5EG1g5W0
imd4cUlMiNBdibsOerQagut1GV+fH9hM57f7bqDxkeBHpwE9uMP7+cVhUNXWbeXE
rTdTiw4SWtMju3l08p96WrfmTkCEpjJ5GLPeNpEO5iLxhnWGEAEMnYA5vWqHtg/e
07mGnfw+7wYgGzbejEIzWPIzke5lSrLt5/ZTNYKTQ2LC01PkDJJSKnGH/Ow+NvBJ
FZ+rHV1Y4yzp8kYXCbyPGdK8GwCugXiVDerkcWv4krixQv0KtGp3u1K33FTINEpL
feaPsQnCLq1FcO0sieBxeF8aAaiaPa58hFTOC60/d6eAdYamQBuOYViKx4YsDSUn
24oRkQ==
-----END CERTIFICATE-----
Generated at Fri Oct 18 10:57:34 2024 by rpki-client on console-ams.rpki-client.org