Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/A8C966FE524F11EEB5EDAA28C4F9AE02.roa
File: A8C966FE524F11EEB5EDAA28C4F9AE02.roa (raw, json)
Hash identifier: fk56dio5wCoKmBXYyy5Gx8L+IJd1wa8eTtSAUCNibbk=
Subject key identifier: 9D:71:93:2C:FC:CE:D8:EA:89:65:69:E7:A3:23:D0:EC:B9:0C:4B:CE
Certificate issuer: /CN=A91278D5/serialNumber=E010AF2E114A4A9FD5085BE44660521390FB1331
Certificate serial: 0974
Authority key identifier: E0:10:AF:2E:11:4A:4A:9F:D5:08:5B:E4:46:60:52:13:90:FB:13:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BCvLhFKSp_VCFvkRmBSE5D7EzE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/A8C966FE524F11EEB5EDAA28C4F9AE02.roa
Signing time: Wed 13 Sep 2023 16:08:15 +0000
ROA not before: Wed 13 Sep 2023 16:08:15 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150178
IP address blocks: 103.120.44.0/24 maxlen: 24
103.120.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:28:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420 (0x974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91278D5/serialNumber=E010AF2E114A4A9FD5085BE44660521390FB1331
Validity
Not Before: Sep 13 16:08:15 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6501de6e-8d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:1f:c6:40:cf:df:ff:0d:b6:35:4a:4d:fc:
c7:c3:bb:39:2c:18:20:48:7a:da:33:4f:ba:3a:0a:
78:4d:46:5f:15:0f:6d:35:0d:e3:f4:57:d5:fe:c0:
1e:a9:a5:23:06:f9:44:2d:dc:01:e7:b4:3d:67:22:
26:ce:ed:24:03:ea:38:1c:44:e1:3e:45:f9:95:21:
5d:fa:b9:2e:b8:9b:c7:be:12:f7:54:b4:0f:eb:42:
14:66:83:ae:91:42:9d:65:38:f9:f2:f5:72:35:21:
f9:15:dc:3e:e3:82:1f:77:02:30:24:42:18:f1:ae:
15:58:a7:a9:42:70:4a:33:41:3c:04:12:a1:e9:4f:
1b:ce:c0:ba:d9:48:c8:19:49:f3:f2:ba:9f:bf:b5:
23:af:16:3f:b5:4a:71:2e:2a:b5:34:ca:a1:1c:cd:
65:b4:9f:79:84:47:c9:8a:dd:39:83:fd:e8:6c:d3:
00:c5:5d:8b:a7:f4:15:19:25:a8:7b:2c:d3:06:a7:
d6:08:f3:63:8a:7e:07:e3:8e:64:96:da:59:03:8b:
cc:5f:3b:ed:40:da:8a:f9:43:73:41:d2:44:8f:a6:
e5:be:91:81:e7:3a:1e:09:bb:d3:ce:dc:f9:c2:08:
8a:04:47:54:6e:31:96:4d:36:ca:2b:40:a4:84:b9:
6e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:71:93:2C:FC:CE:D8:EA:89:65:69:E7:A3:23:D0:EC:B9:0C:4B:CE
X509v3 Authority Key Identifier:
keyid:E0:10:AF:2E:11:4A:4A:9F:D5:08:5B:E4:46:60:52:13:90:FB:13:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/4BCvLhFKSp_VCFvkRmBSE5D7EzE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BCvLhFKSp_VCFvkRmBSE5D7EzE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91278D5/6013216056C811EAB6657A40C4F9AE02/A8C966FE524F11EEB5EDAA28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.44.0/23
Signature Algorithm: sha256WithRSAEncryption
28:dc:69:08:3c:15:0d:53:73:9a:f4:6e:bf:d5:3f:43:d4:89:
f4:1d:bf:25:46:2a:37:43:c7:56:15:54:52:27:5b:c0:28:7c:
29:95:f7:0a:4d:4c:a2:58:72:09:58:a6:25:c2:72:03:4a:9c:
15:ff:30:6b:c6:e2:c6:1f:2a:70:1f:fd:3b:f6:23:5a:22:d6:
22:c4:40:b3:e1:12:5b:b5:58:15:8a:fa:e2:a7:ad:e7:a1:92:
3e:69:a3:8b:de:2f:27:39:0f:08:19:73:d2:7f:e2:c4:87:85:
6b:15:78:f6:01:65:24:7e:81:a2:10:15:2b:66:14:1b:0a:ab:
44:6d:73:94:fa:81:a9:de:ed:c2:84:5f:e3:a5:7c:ce:7e:8b:
64:14:b1:0b:79:f6:1b:32:35:4d:b5:c5:57:d7:cc:43:89:72:
31:da:c8:95:1d:43:a5:9d:7e:fc:c8:1a:2a:51:68:fc:44:34:
ba:a6:b8:93:3f:cc:56:46:22:48:fe:da:57:c9:64:5c:ed:80:
48:ab:91:09:ac:c0:aa:c6:25:bc:f3:09:e4:cf:5b:c3:d8:77:
61:44:04:51:10:89:d3:b6:37:19:dc:91:0a:47:83:b4:5f:f4:
e2:aa:37:a7:73:c1:8b:09:f8:a3:c5:b8:28:cf:a4:6f:4c:c5:
b4:ba:44:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc4RDUxMTAvBgNVBAUTKEUwMTBBRjJFMTE0QTRBOUZENTA4NUJFNDQ2NjA1MjEz
OTBGQjEzMzEwHhcNMjMwOTEzMTYwODE1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAxZGU2ZS04ZDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OofxkDP3/8NtjVKTfzHw7s5LBggSHraM0+6Ogp4TUZfFQ9tNQ3j9FfV/sAe
qaUjBvlELdwB57Q9ZyImzu0kA+o4HEThPkX5lSFd+rkuuJvHvhL3VLQP60IUZoOu
kUKdZTj58vVyNSH5Fdw+44IfdwIwJEIY8a4VWKepQnBKM0E8BBKh6U8bzsC62UjI
GUnz8rqfv7UjrxY/tUpxLiq1NMqhHM1ltJ95hEfJit05g/3obNMAxV2Lp/QVGSWo
eyzTBqfWCPNjin4H445kltpZA4vMXzvtQNqK+UNzQdJEj6blvpGB5zoeCbvTztz5
wgiKBEdUbjGWTTbKK0CkhLluBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ1xkyz8
ztjqiWVp56Mj0Oy5DEvOMB8GA1UdIwQYMBaAFOAQry4RSkqf1Qhb5EZgUhOQ+xMx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzhENS82MDEzMjE2MDU2
QzgxMUVBQjY2NTdBNDBDNEY5QUUwMi80QkN2TGhGS1NwX1ZDRnZrUm1CU0U1RDdF
ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRCQ3ZMaEZLU3BfVkNGdmtSbUJTRTVEN0V6RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc4RDUvNjAxMzIxNjA1NkM4MTFFQUI2NjU3QTQwQzRGOUFFMDIvQThDOTY2RkU1
MjRGMTFFRUI1RURBQTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFneCwwDQYJKoZIhvcNAQELBQADggEBACjcaQg8FQ1Tc5r0
br/VP0PUifQdvyVGKjdDx1YVVFInW8AofCmV9wpNTKJYcglYpiXCcgNKnBX/MGvG
4sYfKnAf/Tv2I1oi1iLEQLPhElu1WBWK+uKnreehkj5po4veLyc5DwgZc9J/4sSH
hWsVePYBZSR+gaIQFStmFBsKq0Rtc5T6gane7cKEX+OlfM5+i2QUsQt59hsyNU21
xVfXzEOJcjHayJUdQ6WdfvzIGipRaPxENLqmuJM/zFZGIkj+2lfJZFztgEirkQms
wKrGJbzzCeTPW8PYd2FEBFEQidO2NxnckQpHg7Rf9OKqN6dzwYsJ+KPFuCjPpG9M
xbS6RGY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org