Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/49DC2156526611EEB6730D84C4F9AE02.roa
File: 49DC2156526611EEB6730D84C4F9AE02.roa (raw, json)
Hash identifier: KDjgalb/ozdVEiDtb+TsZy8lHHHKNApYOr9/0plSMFA=
Subject key identifier: 3B:CD:B7:24:0A:62:3A:CE:5B:9A:DA:3D:0F:33:27:1F:BA:41:94:0B
Certificate issuer: /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial: 05AA
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/49DC2156526611EEB6730D84C4F9AE02.roa
Signing time: Wed 13 Sep 2023 18:49:37 +0000
ROA not before: Wed 13 Sep 2023 18:49:37 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 64074
IP address blocks: 103.203.176.0/24 maxlen: 24
103.203.179.0/24 maxlen: 24
223.29.212.0/24 maxlen: 24
223.29.215.0/24 maxlen: 24
2401:b8c0::/32 maxlen: 32
2401:b8c0:7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1450 (0x5aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Validity
Not Before: Sep 13 18:49:37 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=65020441-c62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:49:d8:b3:f4:67:12:1d:5d:e7:74:83:72:
37:e7:f1:e5:18:50:99:c5:a6:0f:e7:1b:35:c7:41:
25:34:ed:72:7f:54:b1:9c:3d:54:5b:5e:11:ad:9f:
91:a5:c3:99:29:3a:6e:31:e5:fe:42:a5:5f:6a:36:
4e:68:08:61:23:5a:28:1f:65:86:79:cd:a5:81:ab:
ad:d7:f9:19:66:3e:34:ab:8d:6d:6d:ae:74:de:7d:
3b:c4:96:2e:e9:dd:ea:4a:c0:3c:8b:d1:9f:a8:46:
41:33:71:ad:0c:db:4c:77:4f:d6:6a:b9:e9:05:fb:
4f:90:a2:4b:b2:01:d5:88:50:fb:29:a0:86:c6:05:
ec:c4:15:a6:da:58:39:d4:48:a1:37:7d:6f:1d:c3:
53:62:64:13:93:55:3a:38:54:1d:52:2b:2c:4d:4e:
a1:62:9b:1e:0e:ba:a0:b3:e0:77:0c:f8:a3:59:dc:
e1:aa:24:c1:cf:72:d5:61:52:12:b7:25:1e:2e:fe:
bd:a6:e1:42:33:28:8c:3e:c5:de:57:cb:d4:2d:c6:
5b:11:13:25:26:d9:c7:44:5e:e8:34:f3:a4:59:a4:
bb:17:08:68:fe:6d:ef:02:7c:24:cd:c0:ca:98:b8:
31:4a:71:b9:09:91:45:81:93:5f:cf:90:9b:8d:e2:
de:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CD:B7:24:0A:62:3A:CE:5B:9A:DA:3D:0F:33:27:1F:BA:41:94:0B
X509v3 Authority Key Identifier:
keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/49DC2156526611EEB6730D84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.176.0/24
103.203.179.0/24
223.29.212.0/24
223.29.215.0/24
IPv6:
2401:b8c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:3b:e9:5c:9c:6b:39:7f:31:7d:6b:03:9a:01:7a:4f:5f:a7:
de:2b:67:79:82:df:b8:8f:57:4f:0b:2c:42:c8:66:dd:f9:97:
88:a5:c2:4e:45:9d:54:46:54:96:eb:cd:d8:cc:29:eb:91:bc:
3a:ba:b3:84:63:44:36:d3:4e:f7:25:f4:a3:ac:76:10:eb:3d:
8f:b4:e5:4a:1e:fc:6c:b9:38:e1:2d:fc:c7:ed:a6:d9:74:c2:
8d:59:a5:12:da:d9:39:ab:c6:ae:08:63:0d:e9:34:ff:45:74:
69:16:96:4e:b2:43:3b:fe:07:b4:5d:61:53:9e:44:5b:f1:0e:
29:02:db:75:d6:88:de:8a:20:77:78:85:67:8d:f6:6e:da:49:
f2:26:89:1e:f4:fd:2b:88:87:fc:a1:a9:9a:2f:81:7c:9f:37:
16:d9:50:98:e9:51:4c:05:cb:5e:d3:6d:85:13:d5:fc:36:09:
3b:ea:d5:88:74:47:7f:d4:83:43:2f:20:8a:8f:66:aa:e8:0e:
7d:8f:3b:05:a8:0b:d7:ee:b9:de:f0:aa:ca:ad:27:b6:c3:00:
ee:e8:ac:dd:34:c3:86:7d:af:d9:91:07:82:0b:e7:d5:08:8a:
29:14:31:bf:dc:90:3e:42:b9:bb:61:25:dd:ff:ed:0b:72:b4:
64:07:75:27
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjMwOTEzMTg0OTM3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAyMDQ0MS1jNjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvP1J2LP0ZxIdXed0g3I35/HlGFCZxaYP5xs1x0ElNO1yf1SxnD1UW14RrZ+R
pcOZKTpuMeX+QqVfajZOaAhhI1ooH2WGec2lgaut1/kZZj40q41tba503n07xJYu
6d3qSsA8i9GfqEZBM3GtDNtMd0/WarnpBftPkKJLsgHViFD7KaCGxgXsxBWm2lg5
1EihN31vHcNTYmQTk1U6OFQdUissTU6hYpseDrqgs+B3DPijWdzhqiTBz3LVYVIS
tyUeLv69puFCMyiMPsXeV8vULcZbERMlJtnHRF7oNPOkWaS7Fwho/m3vAnwkzcDK
mLgxSnG5CZFFgZNfz5CbjeLeoQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFDvNtyQK
YjrOW5raPQ8zJx+6QZQLMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvNDlEQzIxNTY1
MjY2MTFFRUI2NzMwRDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBABny7ADBABny7MDBADfHdQDBADfHdcwDQQCAAIwBwMFACQB
uMAwDQYJKoZIhvcNAQELBQADggEBAEk76Vycazl/MX1rA5oBek9fp94rZ3mC37iP
V08LLELIZt35l4ilwk5FnVRGVJbrzdjMKeuRvDq6s4RjRDbTTvcl9KOsdhDrPY+0
5Uoe/Gy5OOEt/Mftptl0wo1ZpRLa2Tmrxq4IYw3pNP9FdGkWlk6yQzv+B7RdYVOe
RFvxDikC23XWiN6KIHd4hWeN9m7aSfImiR70/SuIh/yhqZovgXyfNxbZUJjpUUwF
y17TbYUT1fw2CTvq1Yh0R3/Ug0MvIIqPZqroDn2POwWoC9fuud7wqsqtJ7bDAO7o
rN00w4Z9r9mRB4IL59UIiikUMb/ckD5CubthJd3/7QtytGQHdSc=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:24 2023 by rpki-client on console.sobornost.net