Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/8D4702143CC511EEBD1B8E0FC4F9AE02.roa
File: 8D4702143CC511EEBD1B8E0FC4F9AE02.roa (raw, json)
Hash identifier: VJB6QqkrDdBM5dPfu+lA8Ll6yNBAjEjLCKSqP2bdj68=
Subject key identifier: 3D:B1:DF:6F:00:E6:AE:9C:4D:A6:89:36:16:E1:C1:90:60:21:3D:20
Certificate issuer: /CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Certificate serial: B0
Authority key identifier: 0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/8D4702143CC511EEBD1B8E0FC4F9AE02.roa
Signing time: Fri 01 Dec 2023 03:16:03 +0000
ROA not before: Fri 01 Dec 2023 03:16:03 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 17941
IP address blocks: 103.71.92.0/24 maxlen: 24
103.71.93.0/24 maxlen: 24
103.71.94.0/24 maxlen: 24
103.71.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 01:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176 (0xb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Validity
Not Before: Dec 1 03:16:03 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65694ff3-5730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:70:ba:be:a5:ac:a6:25:d9:13:f9:70:7e:30:
71:8c:c5:53:60:5e:da:0f:f1:79:f6:ca:e6:ef:c1:
fb:18:c7:8d:d6:c6:bf:45:e4:e1:93:8d:f0:37:05:
3f:0d:1c:d2:7c:bd:ae:91:3d:ce:c2:2b:4e:8b:3c:
34:48:b0:38:20:fe:e4:ab:a5:6c:4b:ae:59:23:ca:
4d:68:d4:c3:96:94:3b:bc:80:dc:7f:87:cc:31:de:
93:90:fa:5c:9d:d2:57:87:65:8e:b3:89:85:7b:42:
c3:ad:31:16:be:23:d4:cb:89:6a:1c:7b:bb:3f:9d:
16:f1:b0:48:dc:70:a9:54:3a:b2:0e:44:86:f8:71:
7c:18:62:a6:20:d3:a1:be:45:dd:70:11:f2:78:4e:
f4:9b:b7:58:a0:c6:c4:cb:e6:c7:5d:c6:eb:97:1d:
a5:f1:ab:f2:6e:b8:da:a3:a6:3c:7c:76:4c:43:87:
4e:33:c5:a5:d5:9d:f7:fb:a4:b8:21:25:c0:eb:2e:
a2:f4:af:9a:3a:be:d5:6b:43:78:15:25:6f:ca:9b:
57:95:1d:40:d5:9e:94:82:96:7a:00:b5:0b:ff:85:
3c:a8:a0:ec:5e:45:fa:b1:6a:6b:af:26:72:b1:fa:
46:b2:a9:e2:c0:66:49:fb:6c:9f:1e:52:5d:48:15:
52:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B1:DF:6F:00:E6:AE:9C:4D:A6:89:36:16:E1:C1:90:60:21:3D:20
X509v3 Authority Key Identifier:
keyid:0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/DHadpEmC9hZQNilD5t_vlRuXd_o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/8D4702143CC511EEBD1B8E0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.92.0/22
Signature Algorithm: sha256WithRSAEncryption
57:4a:c4:63:17:c3:93:b3:bc:e6:06:b9:bb:6b:97:41:60:83:
f4:a9:55:a2:f8:78:2f:15:f5:14:bc:ad:03:e7:e1:53:76:ed:
6a:00:6e:e1:fa:4c:cd:9d:d0:0b:9e:71:ad:5f:d2:74:01:e4:
19:85:aa:c6:e0:68:9e:b3:47:40:fe:5f:6c:8c:26:17:24:01:
c3:81:24:b5:61:52:8a:ee:5f:e5:38:13:76:81:b8:ab:72:60:
3d:45:77:eb:95:8d:86:48:0a:3d:78:b6:ee:34:90:ac:55:84:
ba:7c:46:7e:a3:36:7d:35:3d:d6:af:9c:7c:71:67:9b:21:a7:
18:98:8d:ff:25:61:62:eb:0b:92:d9:e9:df:d9:f5:51:1e:2a:
a8:2d:68:38:d6:93:e5:c1:aa:f7:5e:8a:06:9f:15:03:38:da:
8f:da:a4:07:06:f6:e1:03:91:54:30:b4:82:93:16:c9:ec:17:
79:9c:ac:fc:c6:74:91:7b:af:fc:b5:7c:92:6a:fd:64:fc:73:
eb:aa:44:7c:5a:a8:0a:18:fc:81:94:34:2c:12:43:15:48:15:
40:e2:25:7f:3e:63:ce:4e:23:93:4d:15:58:8d:8c:39:b6:7a:
eb:17:af:bc:c4:f4:4c:4f:c3:65:9d:86:51:f4:6c:17:d8:cf:
c7:82:cd:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZEREIxMTAvBgNVBAUTKDBDNzY5REE0NDk4MkY2MTY1MDM2Mjk0M0U2REZFRjk1
MUI5Nzc3RkEwHhcNMjMxMjAxMDMxNjAzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY5NGZmMy01NzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz3C6vqWspiXZE/lwfjBxjMVTYF7aD/F59srm78H7GMeN1sa/ReThk43wNwU/
DRzSfL2ukT3OwitOizw0SLA4IP7kq6VsS65ZI8pNaNTDlpQ7vIDcf4fMMd6TkPpc
ndJXh2WOs4mFe0LDrTEWviPUy4lqHHu7P50W8bBI3HCpVDqyDkSG+HF8GGKmINOh
vkXdcBHyeE70m7dYoMbEy+bHXcbrlx2l8avybrjao6Y8fHZMQ4dOM8Wl1Z33+6S4
ISXA6y6i9K+aOr7Va0N4FSVvyptXlR1A1Z6UgpZ6ALUL/4U8qKDsXkX6sWprryZy
sfpGsqniwGZJ+2yfHlJdSBVSowIDAQABo4IClTCCApEwHQYDVR0OBBYEFD2x328A
5q6cTaaJNhbhwZBgIT0gMB8GA1UdIwQYMBaAFAx2naRJgvYWUDYpQ+bf75Ubl3f6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkREQi9FMUNEQ0REMkJF
MUIxMUVEQTYxQUNEODRDNEY5QUUwMi9ESGFkcEVtQzloWlFOaWxENXRfdmxSdVhk
X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RIYWRwRW1DOWhaUU5pbEQ1dF92bFJ1WGRfby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZEREIvRTFDRENERDJCRTFCMTFFREE2MUFDRDg0QzRGOUFFMDIvOEQ0NzAyMTQz
Q0M1MTFFRUJEMUI4RTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnR1wwDQYJKoZIhvcNAQELBQADggEBAFdKxGMXw5OzvOYG
ubtrl0Fgg/SpVaL4eC8V9RS8rQPn4VN27WoAbuH6TM2d0Aueca1f0nQB5BmFqsbg
aJ6zR0D+X2yMJhckAcOBJLVhUoruX+U4E3aBuKtyYD1Fd+uVjYZICj14tu40kKxV
hLp8Rn6jNn01PdavnHxxZ5shpxiYjf8lYWLrC5LZ6d/Z9VEeKqgtaDjWk+XBqvde
igafFQM42o/apAcG9uEDkVQwtIKTFsnsF3mcrPzGdJF7r/y1fJJq/WT8c+uqRHxa
qAoY/IGUNCwSQxVIFUDiJX8+Y85OI5NNFViNjDm2eusXr7zE9ExPw2WdhlH0bBfY
z8eCzVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org