Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
File: D973D448982511EF948BAD29C4F9AE02.roa (raw, json)
Hash identifier: 3mrVqhc5ZofPuapBTqxXDnsRbeATpo3IOgeuRLAESXw=
Subject key identifier: 0C:8E:5C:28:F4:76:7F:8E:9A:7B:AE:80:92:93:9D:AB:1B:6A:F7:21
Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Certificate serial: 04
Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
Signing time: Fri 01 Nov 2024 07:49:40 +0000
ROA not before: Fri 01 Nov 2024 07:49:40 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 134963
IP address blocks: 103.40.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 08:08:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411
Validity
Not Before: Nov 1 07:49:40 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67248814-9681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:c3:00:08:3c:65:bf:c9:dc:b2:51:d8:bd:
f7:50:6d:10:5a:1b:68:e6:79:25:45:d6:cd:00:c5:
5b:32:33:cf:23:7a:fe:52:da:de:66:f7:d1:0b:d5:
b6:7a:6b:3b:0e:b8:ca:45:42:9c:67:f9:c3:74:1a:
87:72:ac:01:b9:ae:0d:11:34:7e:f0:50:82:33:62:
da:14:a2:a2:62:89:2c:fe:56:13:76:35:8f:b8:b9:
6a:68:a9:1a:a3:4f:f3:f5:00:d1:8d:78:e5:58:9f:
5a:4a:69:1e:77:46:93:57:2c:89:ef:10:00:37:63:
88:36:c7:88:5b:ac:a3:8d:b4:92:fb:7d:7a:b4:2a:
bf:71:1e:9c:93:a4:5e:c1:bd:d6:e3:99:01:c6:d4:
29:b9:4c:20:63:b4:9d:45:d2:4a:96:87:a9:94:e8:
fb:2e:12:87:75:b0:9d:b4:5f:f8:b5:c3:7c:6d:c6:
af:26:83:34:aa:46:97:55:ea:50:93:4a:69:21:4f:
50:44:d8:7d:ef:9e:14:b2:ef:80:5c:39:4e:18:96:
b4:d1:71:14:73:fb:38:42:c2:d3:1a:84:23:b3:bf:
87:f1:7d:c7:0f:0d:36:63:d7:8d:f0:23:79:a7:91:
84:99:e4:83:db:69:11:2b:20:4b:dd:fb:5c:e2:6e:
85:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:8E:5C:28:F4:76:7F:8E:9A:7B:AE:80:92:93:9D:AB:1B:6A:F7:21
X509v3 Authority Key Identifier:
keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/D973D448982511EF948BAD29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.164.0/24
Signature Algorithm: sha256WithRSAEncryption
58:77:d4:84:6c:10:d7:b5:d8:f9:6e:f5:ab:0c:ce:ac:c3:85:
4d:bf:6f:b0:89:f0:18:12:74:f6:17:1f:33:60:36:88:6b:32:
4b:3e:e5:2d:5b:2c:6e:ea:08:02:f4:6f:62:7b:50:74:4e:45:
dd:e8:98:c5:08:39:84:6d:97:20:52:a8:ae:1a:02:56:f5:85:
bd:5e:5c:da:1c:4b:5e:46:d9:da:5a:09:ac:93:4e:fe:95:e6:
c1:0a:bc:a9:9b:80:23:f9:6c:97:d4:d4:0c:02:28:cd:66:f3:
51:97:0d:7c:d5:6e:09:92:77:e1:ec:40:ca:86:c0:31:d7:8f:
10:c5:fc:78:00:ab:d4:37:7e:51:30:a6:e5:78:b2:62:1b:ea:
5e:da:7d:0f:9d:ff:94:ef:59:71:32:fc:eb:75:95:87:0f:41:
d3:08:50:b1:3c:a5:25:7b:55:bc:ff:ae:14:e8:c8:11:15:ed:
0a:3d:93:68:53:45:22:fe:c4:6d:55:ce:8c:e1:78:24:e3:14:
b3:74:2f:c5:fd:12:fd:ac:6c:76:33:7a:3f:c3:e0:64:93:f2:
75:be:70:71:0b:a7:b5:89:4c:72:8a:07:86:d8:00:c9:0d:23:
3b:a0:60:3d:50:82:30:f1:2d:41:e7:94:69:a3:34:b2:d5:71:
6d:32:a4:ea
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF
RTg4NDQxMTAeFw0yNDExMDEwNzQ5NDBaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjQ4ODE0LTk2ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ3MMACDxlv8ncslHYvfdQbRBaG2jmeSVF1s0AxVsyM88jev5S2t5m99EL1bZ6
azsOuMpFQpxn+cN0GodyrAG5rg0RNH7wUIIzYtoUoqJiiSz+VhN2NY+4uWpoqRqj
T/P1ANGNeOVYn1pKaR53RpNXLInvEAA3Y4g2x4hbrKONtJL7fXq0Kr9xHpyTpF7B
vdbjmQHG1Cm5TCBjtJ1F0kqWh6mU6PsuEod1sJ20X/i1w3xtxq8mgzSqRpdV6lCT
SmkhT1BE2H3vnhSy74BcOU4YlrTRcRRz+zhCwtMahCOzv4fxfccPDTZj143wI3mn
kYSZ5IPbaRErIEvd+1ziboXbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDI5cKPR2
f46ae66AkpOdqxtq9yEwHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx
OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi9EOTczRDQ0ODk4
MjUxMUVGOTQ4QkFEMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcopDANBgkqhkiG9w0BAQsFAAOCAQEAWHfUhGwQ17XY+W71
qwzOrMOFTb9vsInwGBJ09hcfM2A2iGsySz7lLVssbuoIAvRvYntQdE5F3eiYxQg5
hG2XIFKorhoCVvWFvV5c2hxLXkbZ2loJrJNO/pXmwQq8qZuAI/lsl9TUDAIozWbz
UZcNfNVuCZJ34exAyobAMdePEMX8eACr1Dd+UTCm5XiyYhvqXtp9D53/lO9ZcTL8
63WVhw9B0whQsTylJXtVvP+uFOjIERXtCj2TaFNFIv7EbVXOjOF4JOMUs3Qvxf0S
/axsdjN6P8PgZJPydb5wcQuntYlMcooHhtgAyQ0jO6BgPVCCMPEtQeeUaaM0stVx
bTKk6g==
-----END CERTIFICATE-----
Generated at Fri Nov 1 12:18:39 2024 by rpki-client on console.sobornost.net