Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912885B/A99C18906C7911ED8CB6BC6BC4F9AE02/52CA0A326C7D11EDA4DED684C4F9AE02.roa
File: 52CA0A326C7D11EDA4DED684C4F9AE02.roa (raw, json)
Hash identifier: GbTd/ymfjfSYUzAcfAsZ9BpXe7LwvvgI/QspdBtgsRU=
Subject key identifier: DC:26:20:27:7A:61:25:0C:57:7F:73:59:54:3A:EC:9F:EA:3A:69:80
Certificate issuer: /CN=A912885B/serialNumber=BDA7621E1AC6E05B0BA0C2EF154174C8BE5C13B9
Certificate serial: AA
Authority key identifier: BD:A7:62:1E:1A:C6:E0:5B:0B:A0:C2:EF:15:41:74:C8:BE:5C:13:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vadiHhrG4FsLoMLvFUF0yL5cE7k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912885B/A99C18906C7911ED8CB6BC6BC4F9AE02/52CA0A326C7D11EDA4DED684C4F9AE02.roa
Signing time: Thu 19 Oct 2023 04:15:49 +0000
ROA not before: Thu 19 Oct 2023 04:15:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 150394
IP address blocks: 103.29.60.0/23 maxlen: 23
103.29.60.0/24 maxlen: 24
103.29.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 15:11:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170 (0xaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912885B/serialNumber=BDA7621E1AC6E05B0BA0C2EF154174C8BE5C13B9
Validity
Not Before: Oct 19 04:15:49 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6530ad75-263e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1f:f1:05:3b:25:8b:9d:7f:10:e2:2c:19:03:
41:41:59:13:25:e3:70:07:5f:a5:ce:6e:a9:6a:86:
c2:4e:2b:06:80:98:7a:d4:6a:24:a0:b1:cc:74:58:
ea:e8:64:63:9f:21:10:96:f5:5a:43:6c:78:a2:63:
cf:24:d4:1e:6d:80:ec:a5:c6:54:1e:f3:4d:76:f8:
09:b0:5a:bd:72:2c:5c:c9:88:2b:df:5f:88:8b:e9:
2a:87:7a:79:79:85:b4:83:6e:5b:a4:37:c6:b8:0a:
72:a8:4b:57:27:c4:1b:85:d9:73:87:7a:a4:a9:e1:
8b:48:12:c9:ab:6f:51:20:87:b4:d5:94:7f:58:7e:
40:54:23:96:cc:21:2a:82:c8:dc:a0:58:56:d3:a7:
38:1e:c6:5d:16:26:1f:1f:62:35:07:6e:56:29:de:
36:2c:e2:bb:d6:c1:91:04:b5:d1:4b:6a:f1:65:47:
3b:c2:6d:d4:05:db:e9:6f:af:24:bd:6b:43:9d:c0:
b4:b1:51:4c:73:4a:b9:35:08:2d:e5:1a:42:16:50:
a1:9f:d7:9c:eb:d3:a7:f5:a1:b2:a6:0e:c7:8b:2a:
ce:62:56:68:b9:23:e5:2f:9a:1b:67:eb:9b:d6:e4:
1f:75:a9:c6:1e:ca:ac:65:c2:6e:b0:f7:7d:70:e7:
29:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:26:20:27:7A:61:25:0C:57:7F:73:59:54:3A:EC:9F:EA:3A:69:80
X509v3 Authority Key Identifier:
keyid:BD:A7:62:1E:1A:C6:E0:5B:0B:A0:C2:EF:15:41:74:C8:BE:5C:13:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912885B/A99C18906C7911ED8CB6BC6BC4F9AE02/vadiHhrG4FsLoMLvFUF0yL5cE7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vadiHhrG4FsLoMLvFUF0yL5cE7k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912885B/A99C18906C7911ED8CB6BC6BC4F9AE02/52CA0A326C7D11EDA4DED684C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.60.0/23
Signature Algorithm: sha256WithRSAEncryption
51:21:06:0e:49:56:f0:96:e5:25:6a:0c:bf:d0:41:88:2c:57:
8a:6c:73:90:80:94:17:ac:4f:79:64:eb:d2:c8:88:a5:ad:20:
80:7c:af:e5:e0:fc:29:bd:69:34:27:c0:33:94:05:52:01:73:
10:d1:7e:e1:bb:ec:9a:cb:57:9a:2e:37:9a:c7:07:96:55:ab:
13:4c:ff:01:d5:9d:d9:90:f3:ce:cc:4e:14:13:61:e4:e2:a1:
00:f2:0d:59:be:bc:28:3c:2b:46:1f:d5:75:d4:24:93:c3:e5:
f6:7e:90:1f:67:c7:bb:44:be:80:4a:e8:f6:ed:a9:1c:0d:e9:
b8:03:76:e8:93:14:8c:0b:2c:0d:81:78:c7:b5:4c:74:8d:75:
55:e2:91:b7:32:ba:81:51:30:5c:14:a5:b3:49:ca:93:4c:17:
cb:eb:ab:0d:a9:d8:c2:68:81:08:3a:bc:38:92:66:85:84:6e:
84:3e:a0:ca:57:7c:c1:16:b8:48:e0:8d:1c:f9:48:28:f5:c3:
fa:39:bb:62:80:3d:ab:5e:c9:26:34:a1:bf:74:06:20:da:32:
18:2a:4e:a9:65:02:c1:65:90:23:75:b2:b3:79:f8:d2:50:73:
e7:d5:60:c3:0c:99:c8:3a:85:81:8e:bd:21:5a:6c:d2:20:b1:
70:e2:76:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg4NUIxMTAvBgNVBAUTKEJEQTc2MjFFMUFDNkUwNUIwQkEwQzJFRjE1NDE3NEM4
QkU1QzEzQjkwHhcNMjMxMDE5MDQxNTQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMwYWQ3NS0yNjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmx/xBTsli51/EOIsGQNBQVkTJeNwB1+lzm6paobCTisGgJh61GokoLHMdFjq
6GRjnyEQlvVaQ2x4omPPJNQebYDspcZUHvNNdvgJsFq9cixcyYgr31+Ii+kqh3p5
eYW0g25bpDfGuApyqEtXJ8Qbhdlzh3qkqeGLSBLJq29RIIe01ZR/WH5AVCOWzCEq
gsjcoFhW06c4HsZdFiYfH2I1B25WKd42LOK71sGRBLXRS2rxZUc7wm3UBdvpb68k
vWtDncC0sVFMc0q5NQgt5RpCFlChn9ec69On9aGypg7HiyrOYlZouSPlL5obZ+ub
1uQfdanGHsqsZcJusPd9cOcp5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNwmICd6
YSUMV39zWVQ67J/qOmmAMB8GA1UdIwQYMBaAFL2nYh4axuBbC6DC7xVBdMi+XBO5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODg1Qi9BOTlDMTg5MDZD
NzkxMUVEOENCNkJDNkJDNEY5QUUwMi92YWRpSGhyRzRGc0xvTUx2RlVGMHlMNWNF
N2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZhZGlIaHJHNEZzTG9NTHZGVUYweUw1Y0U3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjg4NUIvQTk5QzE4OTA2Qzc5MTFFRDhDQjZCQzZCQzRGOUFFMDIvNTJDQTBBMzI2
QzdEMTFFREE0REVENjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnHTwwDQYJKoZIhvcNAQELBQADggEBAFEhBg5JVvCW5SVq
DL/QQYgsV4psc5CAlBesT3lk69LIiKWtIIB8r+Xg/Cm9aTQnwDOUBVIBcxDRfuG7
7JrLV5ouN5rHB5ZVqxNM/wHVndmQ887MThQTYeTioQDyDVm+vCg8K0Yf1XXUJJPD
5fZ+kB9nx7tEvoBK6PbtqRwN6bgDduiTFIwLLA2BeMe1THSNdVXikbcyuoFRMFwU
pbNJypNMF8vrqw2p2MJogQg6vDiSZoWEboQ+oMpXfMEWuEjgjRz5SCj1w/o5u2KA
PateySY0ob90BiDaMhgqTqllAsFlkCN1srN5+NJQc+fVYMMMmcg6hYGOvSFabNIg
sXDidtY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org