Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/7C152064F72411EA85BF9936C4F9AE02.roa
File: 7C152064F72411EA85BF9936C4F9AE02.roa (raw, json)
Hash identifier: hCcKNkHA5fE7HqrXDQmPMNjrQiAYudnic1SWLgzdfIM=
Subject key identifier: 47:F2:B4:9C:56:32:D3:5B:C7:3C:17:EE:F5:FB:58:04:F4:5A:7F:94
Certificate issuer: /CN=A91278D5/serialNumber=E010AF2E114A4A9FD5085BE44660521390FB1331
Certificate serial: 0963
Authority key identifier: E0:10:AF:2E:11:4A:4A:9F:D5:08:5B:E4:46:60:52:13:90:FB:13:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BCvLhFKSp_VCFvkRmBSE5D7EzE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/7C152064F72411EA85BF9936C4F9AE02.roa
Signing time: Mon 28 Aug 2023 20:18:12 +0000
ROA not before: Mon 28 Aug 2023 20:18:12 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 140949
IP address blocks: 103.120.44.0/22 maxlen: 22
103.120.44.0/23 maxlen: 23
103.120.44.0/24 maxlen: 24
103.120.45.0/24 maxlen: 24
103.120.46.0/23 maxlen: 23
103.120.46.0/24 maxlen: 24
103.120.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 16:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2403 (0x963)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91278D5/serialNumber=E010AF2E114A4A9FD5085BE44660521390FB1331
Validity
Not Before: Aug 28 20:18:12 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ed0103-5cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:df:03:0a:8f:dd:c3:a7:59:96:4f:f4:3e:d3:
c8:b0:aa:2a:f4:e2:f5:d3:5c:e6:72:ca:07:56:25:
2c:fc:f0:93:b0:1d:fe:01:27:b4:e4:30:43:b0:09:
ad:70:d0:35:ed:66:b5:fd:e1:e0:c7:01:80:e7:77:
e4:11:f9:19:da:2f:58:56:b2:5c:a6:8a:c6:80:05:
8f:c8:4a:e3:d7:68:c6:a1:fc:c1:f9:78:a8:68:4d:
93:3f:c9:06:51:6b:19:f8:43:fe:1f:d4:c4:b7:e3:
73:85:e7:2d:70:1c:fd:49:fa:9e:fa:1d:54:fd:54:
f6:a6:46:c5:f2:7d:84:5a:26:29:70:b5:19:71:55:
09:61:bf:fa:ae:9c:4c:33:02:42:ee:f5:41:fb:1a:
36:fe:b4:43:ee:a1:a9:19:82:7d:71:52:43:f7:27:
22:7c:13:79:5f:ad:d4:7e:98:3a:f7:9c:1f:9f:f2:
4d:6a:d5:e6:9b:13:58:a2:f4:5a:1f:a5:4a:d6:53:
13:8e:1f:ce:a1:23:05:5f:4c:88:c3:84:ee:5e:3d:
a8:9c:e9:13:6e:a1:d1:95:91:91:d0:e9:ac:51:c4:
2b:67:4c:29:f5:fb:4b:19:b5:99:37:1d:26:9b:01:
a2:2a:7b:34:76:9d:99:6c:c2:ce:60:1f:e4:3e:26:
2d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F2:B4:9C:56:32:D3:5B:C7:3C:17:EE:F5:FB:58:04:F4:5A:7F:94
X509v3 Authority Key Identifier:
keyid:E0:10:AF:2E:11:4A:4A:9F:D5:08:5B:E4:46:60:52:13:90:FB:13:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/4BCvLhFKSp_VCFvkRmBSE5D7EzE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BCvLhFKSp_VCFvkRmBSE5D7EzE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/7C152064F72411EA85BF9936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.44.0/22
Signature Algorithm: sha256WithRSAEncryption
53:ca:87:a0:a5:db:39:f9:41:21:b7:fd:04:38:6a:cb:98:9c:
6e:14:00:e0:a0:32:82:91:62:03:70:99:27:e6:1a:93:91:67:
b7:d0:1c:33:ef:7c:be:e3:2a:24:98:58:df:50:46:b9:53:69:
5c:58:8d:52:a3:f1:62:bb:ab:06:1e:b1:2e:de:20:48:11:0d:
5c:8b:93:cb:61:00:55:cf:75:e1:53:57:7a:79:88:be:03:26:
2b:de:3a:ee:96:82:13:e9:08:86:1c:09:8f:4b:06:1e:98:8f:
c8:f7:a6:6e:16:38:c0:59:4a:eb:5f:85:88:66:a0:34:b6:15:
13:cc:a7:b0:9a:17:2b:09:6a:1a:2b:7e:11:29:48:74:50:c4:
51:53:96:25:04:cf:82:e5:5b:69:1c:fa:2c:f4:fc:6b:c6:db:
c4:39:a9:e6:c9:da:10:64:12:f1:e8:d5:04:c8:66:6e:0c:42:
10:6c:77:1e:41:3d:5f:2b:3e:25:75:6e:de:5c:73:93:a2:01:
03:b2:e1:7b:a3:12:51:96:40:13:58:ea:a6:f0:28:a5:2f:fe:
78:c9:3c:e0:3b:c5:b7:11:91:34:f9:19:c9:06:f6:f0:70:53:
cf:2c:c7:f2:31:f8:70:6e:81:1f:9f:12:84:49:10:57:a2:64:
a2:99:f9:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc4RDUxMTAvBgNVBAUTKEUwMTBBRjJFMTE0QTRBOUZENTA4NUJFNDQ2NjA1MjEz
OTBGQjEzMzEwHhcNMjMwODI4MjAxODEyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkMDEwMy01Y2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxN8DCo/dw6dZlk/0PtPIsKoq9OL101zmcsoHViUs/PCTsB3+ASe05DBDsAmt
cNA17Wa1/eHgxwGA53fkEfkZ2i9YVrJcporGgAWPyErj12jGofzB+XioaE2TP8kG
UWsZ+EP+H9TEt+NzhectcBz9Sfqe+h1U/VT2pkbF8n2EWiYpcLUZcVUJYb/6rpxM
MwJC7vVB+xo2/rRD7qGpGYJ9cVJD9ycifBN5X63Ufpg695wfn/JNatXmmxNYovRa
H6VK1lMTjh/OoSMFX0yIw4TuXj2onOkTbqHRlZGR0OmsUcQrZ0wp9ftLGbWZNx0m
mwGiKns0dp2ZbMLOYB/kPiYtdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEfytJxW
MtNbxzwX7vX7WAT0Wn+UMB8GA1UdIwQYMBaAFOAQry4RSkqf1Qhb5EZgUhOQ+xMx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzhENS82MDEzMjE2MDU2
QzgxMUVBQjY2NTdBNDBDNEY5QUUwMi80QkN2TGhGS1NwX1ZDRnZrUm1CU0U1RDdF
ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRCQ3ZMaEZLU3BfVkNGdmtSbUJTRTVEN0V6RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc4RDUvNjAxMzIxNjA1NkM4MTFFQUI2NjU3QTQwQzRGOUFFMDIvN0MxNTIwNjRG
NzI0MTFFQTg1QkY5OTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJneCwwDQYJKoZIhvcNAQELBQADggEBAFPKh6Cl2zn5QSG3
/QQ4asuYnG4UAOCgMoKRYgNwmSfmGpORZ7fQHDPvfL7jKiSYWN9QRrlTaVxYjVKj
8WK7qwYesS7eIEgRDVyLk8thAFXPdeFTV3p5iL4DJiveOu6WghPpCIYcCY9LBh6Y
j8j3pm4WOMBZSutfhYhmoDS2FRPMp7CaFysJahorfhEpSHRQxFFTliUEz4LlW2kc
+iz0/GvG28Q5qebJ2hBkEvHo1QTIZm4MQhBsdx5BPV8rPiV1bt5cc5OiAQOy4Xuj
ElGWQBNY6qbwKKUv/njJPOA7xbcRkTT5GckG9vBwU88sx/Ix+HBugR+fEoRJEFei
ZKKZ+V8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org