Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117836/FA25EDE2431D11EE868CA40FC4F9AE02/78E592EE431F11EEA922EE1DC4F9AE02.roa
File: 78E592EE431F11EEA922EE1DC4F9AE02.roa (raw, json)
Hash identifier: X2JiGaJuAQzX+xBQvcl/vd1hHt2Ifkegf3tBIZL1sXo=
Subject key identifier: 8A:69:88:27:6E:A3:E3:64:A1:78:CC:10:BF:4A:9C:D3:41:D1:86:BC
Certificate issuer: /CN=A9117836/serialNumber=6F67581038534D4DBCE3C81B5F2D8861C536B67C
Certificate serial: 02
Authority key identifier: 6F:67:58:10:38:53:4D:4D:BC:E3:C8:1B:5F:2D:88:61:C5:36:B6:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2dYEDhTTU2848gbXy2IYcU2tnw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117836/FA25EDE2431D11EE868CA40FC4F9AE02/78E592EE431F11EEA922EE1DC4F9AE02.roa
Signing time: Fri 25 Aug 2023 08:14:55 +0000
ROA not before: Fri 25 Aug 2023 08:14:55 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 151779
IP address blocks: 103.20.101.0/24 maxlen: 24
2001:df2:da40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Oct 2023 08:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117836/serialNumber=6F67581038534D4DBCE3C81B5F2D8861C536B67C
Validity
Not Before: Aug 25 08:14:55 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64e862fe-5ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:ec:33:e5:3e:e2:26:44:bf:64:ae:da:7b:
c3:b5:2a:4e:11:4c:6c:3b:df:5c:22:94:ce:5f:d9:
5e:b8:78:aa:4e:fb:d7:08:13:66:7f:d8:a3:2d:b4:
06:b1:5c:c4:40:aa:2d:9f:a3:81:de:ee:72:a9:60:
d0:2f:f2:0b:ff:10:f9:7b:80:43:0d:b3:8a:5d:70:
6e:11:5c:f3:79:70:64:35:d6:4a:70:2c:19:0f:8a:
90:9a:bb:0c:26:55:cf:ed:2a:ae:60:92:7e:72:be:
23:e1:ee:95:c3:e9:50:3a:ad:b6:13:af:0e:0d:5c:
7d:54:56:15:69:ec:f4:73:e2:57:e2:b1:57:6a:f8:
23:51:22:d8:ac:e4:15:f3:79:e0:46:9f:5f:71:8c:
ba:95:2a:33:20:3c:3d:7d:46:85:96:2b:01:9e:4e:
0f:1f:d6:25:2d:cb:40:9d:b5:30:29:60:1e:9b:18:
76:8a:65:c0:3d:90:8b:9d:b2:c0:93:f5:3d:03:2c:
10:c4:1d:6a:a3:6d:e9:45:31:f0:bc:93:61:27:34:
77:3e:a9:57:59:2f:db:1f:92:35:72:f1:7c:f6:e3:
f4:1e:c2:ca:ba:72:be:ee:15:82:2f:42:97:40:4a:
ba:70:cf:39:a8:4d:cd:b8:62:06:90:5c:5a:cc:01:
43:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:69:88:27:6E:A3:E3:64:A1:78:CC:10:BF:4A:9C:D3:41:D1:86:BC
X509v3 Authority Key Identifier:
keyid:6F:67:58:10:38:53:4D:4D:BC:E3:C8:1B:5F:2D:88:61:C5:36:B6:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117836/FA25EDE2431D11EE868CA40FC4F9AE02/b2dYEDhTTU2848gbXy2IYcU2tnw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2dYEDhTTU2848gbXy2IYcU2tnw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117836/FA25EDE2431D11EE868CA40FC4F9AE02/78E592EE431F11EEA922EE1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.101.0/24
IPv6:
2001:df2:da40::/48
Signature Algorithm: sha256WithRSAEncryption
7c:9d:9e:c1:5f:7e:fe:12:99:9d:98:bb:69:cf:0e:8a:f5:5e:
3b:6d:f1:68:b2:1a:c9:d9:eb:64:8f:04:37:14:0c:11:28:31:
7a:b0:d7:52:db:0e:f2:75:6d:ef:ba:14:2f:a9:29:5b:d3:8d:
84:73:39:44:53:bd:8f:46:d2:b3:d9:8e:23:ee:25:d4:0d:95:
e9:11:57:91:df:9e:4c:e2:52:e2:ff:fc:1c:7b:83:9a:1b:a8:
2e:ab:b0:17:9d:7f:3d:75:55:08:79:7e:a8:8b:d7:cd:71:82:
23:59:a5:cd:29:1c:f6:e3:73:dc:93:76:6d:d6:45:2b:04:90:
72:ac:5b:5f:ff:3d:29:c4:59:0f:2d:65:0e:c6:d3:e2:c8:af:
a0:98:38:5e:66:6d:62:10:57:a3:f0:20:37:5d:db:99:b2:6b:
8b:8c:60:ca:21:0e:a3:c9:a7:9b:c6:f0:43:8a:07:0d:cb:4c:
6d:0c:cd:e1:45:95:98:5c:48:28:ee:a7:3f:62:14:ef:72:dc:
00:a5:b3:9b:86:39:d8:99:ed:26:d5:07:b6:2e:0e:d8:1b:14:
82:31:e3:e5:33:cf:87:f1:ef:c5:b3:f1:61:b3:e6:9b:64:1d:
2a:98:d9:e5:01:9a:29:50:d1:0b:95:7d:1d:a2:d5:fd:dc:a7:
6f:13:6a:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NzgzNjExMC8GA1UEBRMoNkY2NzU4MTAzODUzNEQ0REJDRTNDODFCNUYyRDg4NjFD
NTM2QjY3QzAeFw0yMzA4MjUwODE0NTVaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTg2MmZlLTVhYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCv6Owz5T7iJkS/ZK7ae8O1Kk4RTGw731wilM5f2V64eKpO+9cIE2Z/2KMttAax
XMRAqi2fo4He7nKpYNAv8gv/EPl7gEMNs4pdcG4RXPN5cGQ11kpwLBkPipCauwwm
Vc/tKq5gkn5yviPh7pXD6VA6rbYTrw4NXH1UVhVp7PRz4lfisVdq+CNRItis5BXz
eeBGn19xjLqVKjMgPD19RoWWKwGeTg8f1iUty0CdtTApYB6bGHaKZcA9kIudssCT
9T0DLBDEHWqjbelFMfC8k2EnNHc+qVdZL9sfkjVy8Xz24/Qewsq6cr7uFYIvQpdA
SrpwzzmoTc24YgaQXFrMAUO7AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUimmIJ26j
42SheMwQv0qc00HRhrwwHwYDVR0jBBgwFoAUb2dYEDhTTU2848gbXy2IYcU2tnww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE3ODM2L0ZBMjVFREUyNDMx
RDExRUU4NjhDQTQwRkM0RjlBRTAyL2IyZFlFRGhUVFUyODQ4Z2JYeTJJWWNVMnRu
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYjJkWUVEaFRUVTI4NDhnYlh5MklZY1UydG53LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NzgzNi9GQTI1RURFMjQzMUQxMUVFODY4Q0E0MEZDNEY5QUUwMi83OEU1OTJFRTQz
MUYxMUVFQTkyMkVFMURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGcUZTAPBAIAAjAJAwcAIAEN8tpAMA0GCSqGSIb3DQEBCwUA
A4IBAQB8nZ7BX37+EpmdmLtpzw6K9V47bfFoshrJ2etkjwQ3FAwRKDF6sNdS2w7y
dW3vuhQvqSlb042EczlEU72PRtKz2Y4j7iXUDZXpEVeR355M4lLi//wce4OaG6gu
q7AXnX89dVUIeX6oi9fNcYIjWaXNKRz243Pck3Zt1kUrBJByrFtf/z0pxFkPLWUO
xtPiyK+gmDheZm1iEFej8CA3XduZsmuLjGDKIQ6jyaebxvBDigcNy0xtDM3hRZWY
XEgo7qc/YhTvctwApbObhjnYme0m1Qe2Lg7YGxSCMePlM8+H8e/Fs/Fhs+abZB0q
mNnlAZopUNELlX0dotX93KdvE2oz
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org