Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9BB9F76CA4C11EE88CC9E0BC4F9AE02.roa
File: F9BB9F76CA4C11EE88CC9E0BC4F9AE02.roa (raw, json)
Hash identifier: vfUHMb+y3BWW54vrXiYRppqh4NsXqNVzKLHil7UYz6E=
Subject key identifier: 17:D2:EB:65:B7:54:E7:54:57:37:6C:BB:AB:B8:0A:92:B4:5A:36:82
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8476
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9BB9F76CA4C11EE88CC9E0BC4F9AE02.roa
Signing time: Tue 12 Mar 2024 05:04:22 +0000
ROA not before: Tue 12 Mar 2024 05:04:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151750
IP address blocks: 103.172.226.0/23 maxlen: 24
2001:df3:76c0::/48 maxlen: 48
2407:da40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 07:53:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33910 (0x8476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 12 05:04:22 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65efe256-1090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:af:f8:8a:28:c5:ca:81:3b:c5:41:d6:ff:cd:
fa:c2:d1:ec:8d:6a:33:30:59:51:45:ae:83:ef:be:
4a:fa:e6:e7:95:a5:ae:9c:7d:f0:56:09:7d:50:8a:
9e:73:ae:0c:42:7f:5c:3e:0e:e8:c5:9e:18:52:c8:
f1:08:71:93:87:ac:78:44:5c:46:af:b4:f1:35:a0:
11:9a:6b:0e:e4:6b:5a:b6:d8:cb:91:23:96:a5:9f:
75:e1:e3:c2:f3:df:7b:25:fe:df:16:45:6a:dc:69:
a6:54:4b:0e:78:dc:40:5e:e2:9b:7d:5e:c0:45:b1:
41:aa:02:36:76:02:6d:5d:81:07:00:bb:ea:24:cd:
fa:11:ff:c1:93:56:bb:f2:04:44:96:34:ed:a6:fa:
b0:5b:ce:08:4b:19:62:ec:7a:1d:3b:c3:8b:39:21:
11:72:eb:fb:b8:99:54:12:00:33:c2:b7:58:fd:e1:
82:06:4d:db:f7:40:5a:78:ae:a8:89:97:bd:01:ad:
b3:76:dc:2c:30:e9:a7:49:11:93:b5:4f:5c:f5:85:
09:19:49:20:3b:14:e4:4f:cc:62:49:48:7e:45:a6:
83:06:7a:12:03:59:1b:ac:0a:68:6e:a4:5e:6f:7c:
72:89:3d:50:50:66:81:57:94:e5:0f:36:f8:0b:98:
6f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D2:EB:65:B7:54:E7:54:57:37:6C:BB:AB:B8:0A:92:B4:5A:36:82
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9BB9F76CA4C11EE88CC9E0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.226.0/23
IPv6:
2001:df3:76c0::/48
2407:da40::/32
Signature Algorithm: sha256WithRSAEncryption
9f:ae:d4:29:d8:bb:80:e5:11:3c:23:cd:67:4c:12:2a:ca:4b:
af:ae:47:b8:27:26:ac:98:28:96:5a:df:16:09:d6:02:32:60:
df:7a:80:d3:71:7f:81:14:5d:e9:2d:ea:cb:2a:3d:4e:6e:3e:
e0:4f:5f:74:e5:d8:78:63:9d:b0:1f:9f:85:30:59:e6:73:fc:
26:be:b9:76:b2:3f:81:25:30:d9:04:08:8a:4b:44:bf:84:b9:
22:79:8e:5d:09:73:e6:85:d7:9b:9f:ed:fb:95:99:59:d0:b0:
89:31:f5:30:d9:ce:65:3c:c8:64:cb:fe:d5:b1:73:e2:08:fc:
35:4d:eb:c3:cc:26:f5:e9:0a:95:9a:6d:cf:46:f0:9b:fc:4e:
4d:c8:6e:cc:0a:b9:49:51:9b:d1:b4:f8:1e:c9:20:26:da:12:
94:8e:0b:e2:72:dd:02:9c:3f:e9:84:f7:70:2f:50:3b:0f:bf:
5b:0c:27:90:1b:b8:33:78:29:92:05:17:8d:6b:49:6e:74:46:
f1:aa:0f:a7:8c:a2:4f:d5:28:59:f1:92:82:5d:cc:6a:19:51:
5e:83:bf:b5:ee:6c:cf:06:66:9f:ef:17:89:80:04:91:2d:6e:
ce:32:f0:a0:50:bc:60:be:42:7a:71:9a:ba:f2:b1:62:75:88:
f5:0d:a1:b6
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAIR2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMxMjA1MDQyMloXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVlZmUyNTYtMTA5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+v+IooxcqBO8VB1v/N+sLR7I1qMzBZUUWug+++Svrm55Wlrpx98FYJfVCK
nnOuDEJ/XD4O6MWeGFLI8Qhxk4eseERcRq+08TWgEZprDuRrWrbYy5EjlqWfdeHj
wvPfeyX+3xZFatxpplRLDnjcQF7im31ewEWxQaoCNnYCbV2BBwC76iTN+hH/wZNW
u/IERJY07ab6sFvOCEsZYux6HTvDizkhEXLr+7iZVBIAM8K3WP3hggZN2/dAWniu
qImXvQGts3bcLDDpp0kRk7VPXPWFCRlJIDsU5E/MYklIfkWmgwZ6EgNZG6wKaG6k
Xm98cok9UFBmgVeU5Q82+AuYb4MCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBQX0utl
t1TnVFc3bLuruAqStFo2gjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y5QkI5Rjc2
Q0E0QzExRUU4OENDOUUwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/
BCgwJjAMBAIAATAGAwQBZ6ziMBYEAgACMBADBwAgAQ3zdsADBQAkB9pAMA0GCSqG
SIb3DQEBCwUAA4IBAQCfrtQp2LuA5RE8I81nTBIqykuvrke4JyasmCiWWt8WCdYC
MmDfeoDTcX+BFF3pLerLKj1Obj7gT1905dh4Y52wH5+FMFnmc/wmvrl2sj+BJTDZ
BAiKS0S/hLkieY5dCXPmhdebn+37lZlZ0LCJMfUw2c5lPMhky/7VsXPiCPw1TevD
zCb16QqVmm3PRvCb/E5NyG7MCrlJUZvRtPgeySAm2hKUjgvict0CnD/phPdwL1A7
D79bDCeQG7gzeCmSBReNa0ludEbxqg+njKJP1ShZ8ZKCXcxqGVFeg7+17mzPBmaf
7xeJgASRLW7OMvCgULxgvkJ6cZq68rFidYj1DaG2
-----END CERTIFICATE-----
Generated at Wed Mar 13 10:59:28 2024 by rpki-client on console-ams.rpki-client.org