Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/9A87A358AAC411EE97BF005BC4F9AE02.roa
File: 9A87A358AAC411EE97BF005BC4F9AE02.roa (raw, json)
Hash identifier: g3QZPXuGTSWYsCQFZ3zI3xhJI2MTk6TOG3JhgBBnBwc=
Subject key identifier: 4E:28:D6:69:40:AE:42:42:8A:8F:1E:13:15:C3:6C:67:00:A6:A7:26
Certificate issuer: /CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Certificate serial: 0E83
Authority key identifier: 21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/9A87A358AAC411EE97BF005BC4F9AE02.roa
Signing time: Thu 04 Jan 2024 05:56:38 +0000
ROA not before: Thu 04 Jan 2024 05:56:38 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 152300
IP address blocks: 103.114.40.0/22 maxlen: 22
103.114.40.0/23 maxlen: 23
103.114.40.0/24 maxlen: 24
103.114.41.0/24 maxlen: 24
103.114.42.0/23 maxlen: 23
103.114.42.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
2402:ca40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3715 (0xe83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Validity
Not Before: Jan 4 05:56:38 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65964895-3380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:77:b7:00:22:5b:09:a6:54:1c:2b:2b:4f:
59:4e:09:f5:d5:06:69:b7:a9:b9:64:e6:f5:a6:23:
d4:ab:9f:5e:8c:0d:5a:3a:f6:bf:2a:9a:72:8a:61:
ec:58:8d:05:36:6a:9a:2b:2a:ac:c6:2d:93:73:02:
cf:8d:11:98:bb:7e:d2:62:a3:9f:06:b9:e6:7e:99:
8e:ef:ea:2c:57:81:32:d1:d6:ca:59:5d:2a:66:c1:
1f:2e:c1:c2:15:ae:f1:03:87:b0:81:81:cd:53:6a:
60:c2:6b:87:e4:a0:7e:59:bc:05:27:93:8f:51:62:
28:eb:69:cc:97:4a:58:2b:57:5f:31:13:ff:ad:1e:
35:f4:b0:d7:81:2b:5b:08:e3:a3:e6:57:76:d8:3a:
a1:0b:b0:20:dc:cc:aa:9a:9f:b1:e0:bb:c7:8d:5d:
42:7a:fc:8e:e4:41:cb:da:e1:39:d9:07:7c:59:bf:
75:d2:e2:5d:44:6d:78:9e:90:9c:47:19:22:c5:65:
4b:0d:23:81:1e:28:f9:1e:2c:be:c6:89:51:40:53:
c2:21:42:c4:b3:37:a9:ee:ef:d5:9e:36:0d:bb:ec:
aa:d3:bd:07:0c:96:e4:f8:3f:f8:e8:06:98:dd:72:
f2:41:02:42:df:ea:81:c2:75:53:c6:e9:1f:4c:da:
7a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:28:D6:69:40:AE:42:42:8A:8F:1E:13:15:C3:6C:67:00:A6:A7:26
X509v3 Authority Key Identifier:
keyid:21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/IedJniGAvSEvqqDRUh0WVnfYve4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/9A87A358AAC411EE97BF005BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.40.0/22
IPv6:
2402:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
7d:15:dd:33:87:c8:e4:9a:d2:ea:80:20:15:a9:ca:0b:cc:4d:
0b:80:9a:f0:de:aa:69:89:2f:9d:06:5f:15:e2:ab:b9:bb:42:
3c:c8:23:fe:75:6e:2a:af:80:e1:3d:ab:91:d8:17:fc:ac:a0:
af:5f:d1:49:bf:e7:19:8c:3c:0c:5a:a0:d5:60:b9:80:f4:26:
ff:be:ae:53:42:04:53:18:82:41:ef:77:ed:f1:80:4e:ca:b0:
7e:49:d7:35:da:43:a0:ae:42:2c:dc:fc:b2:38:05:d5:57:95:
bc:28:4c:76:e9:c1:81:7f:eb:8e:b2:1c:24:87:e9:55:7f:62:
a1:d1:fb:3d:b9:f9:00:fb:16:16:cd:fb:6e:0a:a7:d6:5f:df:
af:34:f7:df:3d:07:7b:68:a3:3a:21:f2:63:9f:5b:26:dd:f8:
b5:b6:2f:cf:c1:84:67:cf:32:e6:e5:3d:87:8c:e9:7c:5c:8f:
71:44:4e:38:39:d3:f9:16:1c:83:5e:1e:bf:99:61:62:14:51:
a8:17:c3:84:0e:55:7f:28:b0:77:76:ca:1b:c6:af:46:62:96:
8f:a9:b2:fa:6f:63:d6:53:af:d4:2b:40:a0:b8:04:4b:19:d8:
b4:7d:96:8a:b5:c1:a4:1b:a1:d7:56:c6:07:8f:d6:20:1a:99:
95:d5:1f:7c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ3NzIxMTAvBgNVBAUTKDIxRTc0OTlFMjE4MEJEMjEyRkFBQTBEMTUyMUQxNjU2
NzdEOEJERUUwHhcNMjQwMTA0MDU1NjM4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2NDg5NS0zMzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApoV3twAiWwmmVBwrK09ZTgn11QZpt6m5ZOb1piPUq59ejA1aOva/KppyimHs
WI0FNmqaKyqsxi2TcwLPjRGYu37SYqOfBrnmfpmO7+osV4Ey0dbKWV0qZsEfLsHC
Fa7xA4ewgYHNU2pgwmuH5KB+WbwFJ5OPUWIo62nMl0pYK1dfMRP/rR419LDXgStb
COOj5ld22DqhC7Ag3Myqmp+x4LvHjV1CevyO5EHL2uE52Qd8Wb910uJdRG14npCc
RxkixWVLDSOBHij5Hiy+xolRQFPCIULEszep7u/VnjYNu+yq070HDJbk+D/46AaY
3XLyQQJC3+qBwnVTxukfTNp6WQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE4o1mlA
rkJCio8eExXDbGcApqcmMB8GA1UdIwQYMBaAFCHnSZ4hgL0hL6qg0VIdFlZ32L3u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDc3Mi9DNjI1RkYyRTZB
NjMxMUU5QjlEQUZDNkRDNEY5QUUwMi9JZWRKbmlHQXZTRXZxcURSVWgwV1ZuZll2
ZTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0llZEpuaUdBdlNFdnFxRFJVaDBXVm5mWXZlNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ3NzIvQzYyNUZGMkU2QTYzMTFFOUI5REFGQzZEQzRGOUFFMDIvOUE4N0EzNThB
QUM0MTFFRTk3QkYwMDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJncigwDQQCAAIwBwMFACQCykAwDQYJKoZIhvcNAQELBQAD
ggEBAH0V3TOHyOSa0uqAIBWpygvMTQuAmvDeqmmJL50GXxXiq7m7QjzII/51biqv
gOE9q5HYF/ysoK9f0Um/5xmMPAxaoNVguYD0Jv++rlNCBFMYgkHvd+3xgE7KsH5J
1zXaQ6CuQizc/LI4BdVXlbwoTHbpwYF/646yHCSH6VV/YqHR+z25+QD7FhbN+24K
p9Zf36809989B3toozoh8mOfWybd+LW2L8/BhGfPMublPYeM6Xxcj3FETjg50/kW
HINeHr+ZYWIUUagXw4QOVX8osHd2yhvGr0Zilo+psvpvY9ZTr9QrQKC4BEsZ2LR9
loq1waQboddWxgeP1iAamZXVH3w=
-----END CERTIFICATE-----
Generated at Sat Jan 6 18:10:43 2024 by rpki-client on console-fra.rpki-client.org