Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C77D/7D4BFE06749911E6B0252B84C4F9AE02/C930C34ACC0611EC93451840C4F9AE02.roa
File: C930C34ACC0611EC93451840C4F9AE02.roa (raw, json)
Hash identifier: WZPwLXFZ7LBKsxQ4FYjy2RV8EjAUzuOMPn9uugjc+Pw=
Subject key identifier: D4:03:96:EC:F2:F3:D6:7A:30:C4:F8:A8:03:4F:C8:3B:23:BE:87:2C
Certificate issuer: /CN=A919C77D/serialNumber=9409808C8A32C58494DAE574D05D6BB22272C35A
Certificate serial: 1CF4
Authority key identifier: 94:09:80:8C:8A:32:C5:84:94:DA:E5:74:D0:5D:6B:B2:22:72:C3:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lAmAjIoyxYSU2uV00F1rsiJyw1o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C77D/7D4BFE06749911E6B0252B84C4F9AE02/C930C34ACC0611EC93451840C4F9AE02.roa
Signing time: Wed 10 May 2023 16:56:46 +0000
ROA not before: Wed 10 May 2023 16:56:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9297
IP address blocks: 43.248.44.0/22 maxlen: 22
103.74.188.0/23 maxlen: 23
119.252.0.0/19 maxlen: 19
2401:1400::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 16 Jun 2024 00:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7412 (0x1cf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C77D/serialNumber=9409808C8A32C58494DAE574D05D6BB22272C35A
Validity
Not Before: May 10 16:56:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bccce-3658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2e:0b:78:9f:f8:b1:d8:1c:ec:eb:cb:e0:4e:
84:31:76:a2:43:49:38:60:df:5b:e7:ad:37:52:a4:
94:3f:9e:e3:a4:20:09:4d:f0:fd:91:92:7f:a8:af:
45:53:4a:c5:9e:00:a3:96:66:b0:ba:6f:25:ef:df:
ee:86:6e:be:76:70:ac:a3:21:22:0a:4d:a5:79:fe:
ec:f8:0b:17:2a:f5:89:dc:8e:ca:58:dc:3a:6b:9f:
15:1b:d3:3c:6e:9f:cd:c8:47:54:da:e9:08:42:f9:
5d:bc:ec:e7:db:c0:29:cf:49:f6:6f:98:39:83:ac:
93:f2:88:8d:ac:ee:9d:4a:2f:5f:a9:bb:d8:de:93:
b9:13:27:17:c4:e5:17:07:3c:1d:de:fd:f9:2c:26:
a4:c1:cd:24:21:d9:de:1c:74:c8:c7:d6:b8:52:a4:
d6:9f:65:54:f2:8e:81:28:b5:cb:6b:a3:3d:10:0e:
e6:21:b8:dd:78:ac:ea:37:02:e5:c3:95:60:00:3b:
c7:f7:be:c1:39:40:11:23:d7:b7:65:63:6e:e3:a5:
2c:bd:7c:d0:f0:e6:15:58:21:2a:3c:1b:5c:ed:1e:
12:0a:8d:2c:e2:ba:12:cb:9f:4d:51:b2:b6:59:75:
0a:b3:ed:f4:45:73:3a:c2:8c:94:c2:e0:71:15:c9:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:03:96:EC:F2:F3:D6:7A:30:C4:F8:A8:03:4F:C8:3B:23:BE:87:2C
X509v3 Authority Key Identifier:
keyid:94:09:80:8C:8A:32:C5:84:94:DA:E5:74:D0:5D:6B:B2:22:72:C3:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C77D/7D4BFE06749911E6B0252B84C4F9AE02/lAmAjIoyxYSU2uV00F1rsiJyw1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lAmAjIoyxYSU2uV00F1rsiJyw1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C77D/7D4BFE06749911E6B0252B84C4F9AE02/C930C34ACC0611EC93451840C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.44.0/22
103.74.188.0/23
119.252.0.0/19
IPv6:
2401:1400::/32
Signature Algorithm: sha256WithRSAEncryption
21:dc:50:a6:6f:7d:6d:63:97:9e:a9:0d:b3:8a:0b:02:33:8c:
8f:ee:85:21:13:d6:5d:0f:cc:b8:06:74:69:6c:9b:e9:84:6c:
b7:15:6a:ee:2a:20:3e:98:08:1c:93:07:85:18:c1:62:54:ca:
00:03:74:2b:33:49:d8:5c:9e:05:f6:3b:93:02:0b:62:1e:b3:
09:66:45:38:c1:ff:75:a7:a0:c1:2f:43:b8:b4:8e:8d:83:07:
0f:ef:67:ae:d8:b4:ab:02:e4:89:9a:4d:ce:5d:3b:ca:81:a9:
ea:fd:d0:e3:a9:b4:56:82:06:a3:3b:70:c7:56:1b:37:ff:65:
b7:2e:01:ca:21:7e:4a:b2:e3:89:4b:57:1b:8d:fc:93:a5:0a:
a5:67:68:9a:e6:ee:26:91:c3:0b:59:a9:65:39:6b:88:25:5d:
27:f4:d0:08:d8:c6:02:5f:b1:2f:cf:cb:f9:4e:8d:b5:b2:99:
08:9f:f2:d1:74:d0:fe:45:78:e3:13:ec:71:c8:bf:dd:5c:5b:
2c:7e:cd:28:5e:54:5a:aa:96:e4:77:a9:e6:d0:af:97:dc:cb:
8b:95:41:83:94:ec:58:f8:4c:85:31:3e:82:94:8c:18:6a:ed:
1d:f6:ac:32:02:9d:66:09:cd:9e:97:f8:df:ab:40:14:06:9f:
8e:7a:d9:3a
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICHPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM3N0QxMTAvBgNVBAUTKDk0MDk4MDhDOEEzMkM1ODQ5NERBRTU3NEQwNUQ2QkIy
MjI3MkMzNUEwHhcNMjMwNTEwMTY1NjQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2NjZS0zNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4y4LeJ/4sdgc7OvL4E6EMXaiQ0k4YN9b5603UqSUP57jpCAJTfD9kZJ/qK9F
U0rFngCjlmawum8l79/uhm6+dnCsoyEiCk2lef7s+AsXKvWJ3I7KWNw6a58VG9M8
bp/NyEdU2ukIQvldvOzn28Apz0n2b5g5g6yT8oiNrO6dSi9fqbvY3pO5EycXxOUX
Bzwd3v35LCakwc0kIdneHHTIx9a4UqTWn2VU8o6BKLXLa6M9EA7mIbjdeKzqNwLl
w5VgADvH977BOUARI9e3ZWNu46UsvXzQ8OYVWCEqPBtc7R4SCo0s4roSy59NUbK2
WXUKs+30RXM6woyUwuBxFcmkZQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNQDluzy
89Z6MMT4qANPyDsjvocsMB8GA1UdIwQYMBaAFJQJgIyKMsWElNrldNBda7IicsNa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5Qzc3RC83RDRCRkUwNjc0
OTkxMUU2QjAyNTJCODRDNEY5QUUwMi9sQW1BaklveXhZU1UydVYwMEYxcnNpSnl3
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xBbUFqSW95eFlTVTJ1VjAwRjFyc2lKeXcxby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM3N0QvN0Q0QkZFMDY3NDk5MTFFNkIwMjUyQjg0QzRGOUFFMDIvQzkzMEMzNEFD
QzA2MTFFQzkzNDUxODQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIr+CwDBAFnSrwDBAV3/AAwDQQCAAIwBwMFACQBFAAwDQYJ
KoZIhvcNAQELBQADggEBACHcUKZvfW1jl56pDbOKCwIzjI/uhSET1l0PzLgGdGls
m+mEbLcVau4qID6YCByTB4UYwWJUygADdCszSdhcngX2O5MCC2IeswlmRTjB/3Wn
oMEvQ7i0jo2DBw/vZ67YtKsC5ImaTc5dO8qBqer90OOptFaCBqM7cMdWGzf/Zbcu
Acohfkqy44lLVxuN/JOlCqVnaJrm7iaRwwtZqWU5a4glXSf00AjYxgJfsS/Py/lO
jbWymQif8tF00P5FeOMT7HHIv91cWyx+zSheVFqqluR3qebQr5fcy4uVQYOU7Fj4
TIUxPoKUjBhq7R32rDICnWYJzZ6X+N+rQBQGn4562To=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:36:40 2024 by rpki-client on console-ams.rpki-client.org