Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/E569E8C6CC9011EDB38B7C4AC4F9AE02.roa
File: E569E8C6CC9011EDB38B7C4AC4F9AE02.roa (raw, json)
Hash identifier: nfNAZnO3ETzobHABVPsprjEqc8mckO+a/7jvk3TuVsE=
Subject key identifier: A9:CD:99:2C:51:F4:F1:E8:0A:E2:37:D1:8C:F6:E3:63:9B:E8:75:D3
Certificate issuer: /CN=A912D1D5/serialNumber=C54525E9705BD69D61424DBEE7B0493F5FD6F0A4
Certificate serial: 04
Authority key identifier: C5:45:25:E9:70:5B:D6:9D:61:42:4D:BE:E7:B0:49:3F:5F:D6:F0:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUUl6XBb1p1hQk2-57BJP1_W8KQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/E569E8C6CC9011EDB38B7C4AC4F9AE02.roa
Signing time: Tue 28 Mar 2023 09:36:52 +0000
ROA not before: Tue 28 Mar 2023 09:36:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141778
IP address blocks: 103.121.178.0/24 maxlen: 24
103.121.179.0/24 maxlen: 24
2001:df2:2ec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Apr 2023 17:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912D1D5/serialNumber=C54525E9705BD69D61424DBEE7B0493F5FD6F0A4
Validity
Not Before: Mar 28 09:36:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6422b533-5d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:8b:bd:53:d2:33:3a:25:86:a6:ca:83:0a:
35:08:ef:56:8d:08:36:58:f2:5b:e3:5d:71:e3:b0:
a2:b0:64:2a:ff:06:33:cf:18:86:4d:38:df:89:ef:
7d:fb:f7:79:23:6f:35:bc:3f:f5:ef:5e:b7:60:11:
3d:c1:4c:4c:c1:b3:75:ed:98:66:13:3d:3c:2f:8f:
e0:01:96:88:d2:5c:0d:7d:ea:45:47:72:ce:4d:c1:
0e:9a:f1:c8:01:c0:9e:7b:8d:84:e8:02:6f:c8:3e:
75:b4:2f:b4:33:3a:d4:02:6b:d2:77:50:c8:c0:8a:
d2:83:22:68:d5:89:95:7b:24:ff:6d:02:1a:40:9c:
6e:ae:28:4b:34:9b:5e:3b:71:1d:c7:00:4f:1e:62:
12:fe:fe:f0:95:a9:e5:d2:5a:86:1b:41:be:af:80:
02:86:bc:a3:13:a1:77:27:60:4b:79:07:0f:07:14:
07:9c:b3:a1:a0:e2:7f:85:b8:ba:74:d4:a0:50:54:
09:d7:ea:25:cf:dc:bb:b8:4e:3b:e0:2c:4d:e1:d9:
e0:b8:ad:b7:1a:bc:54:75:53:46:57:35:7d:85:25:
9b:31:f5:1d:64:ee:06:78:fb:4e:dc:65:cd:4f:bb:
38:d4:c5:2f:11:f0:3c:32:be:61:d0:bd:0e:45:8d:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CD:99:2C:51:F4:F1:E8:0A:E2:37:D1:8C:F6:E3:63:9B:E8:75:D3
X509v3 Authority Key Identifier:
keyid:C5:45:25:E9:70:5B:D6:9D:61:42:4D:BE:E7:B0:49:3F:5F:D6:F0:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/xUUl6XBb1p1hQk2-57BJP1_W8KQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUUl6XBb1p1hQk2-57BJP1_W8KQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/E569E8C6CC9011EDB38B7C4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.178.0/23
IPv6:
2001:df2:2ec0::/48
Signature Algorithm: sha256WithRSAEncryption
df:6d:94:e4:f0:dd:dd:4a:12:96:82:e1:09:3e:82:70:38:c8:
da:c8:fe:21:2e:83:df:60:dc:d2:da:83:17:47:95:b5:f3:0f:
cb:0e:35:90:0c:bd:25:b4:a5:bd:ea:c6:fa:57:c4:40:25:5f:
09:65:a5:d1:78:86:cb:86:5a:bc:73:a9:61:ed:ac:07:47:76:
ea:d4:31:4b:f9:24:6e:5e:5c:6b:19:98:a5:9f:17:2a:f1:17:
ec:45:92:f1:90:e8:39:47:04:c6:1c:d7:07:6f:6e:d0:49:09:
ca:48:4b:74:98:cd:80:6f:be:78:d7:4a:56:a9:4b:ab:94:7f:
5e:56:30:2f:4a:8f:5f:29:3a:af:07:47:f8:e1:a6:b9:9a:c5:
cf:a0:eb:2d:b2:9c:63:77:05:68:ac:d6:5d:7c:aa:55:22:8b:
26:5c:10:b2:cc:dc:25:e9:eb:16:a4:2a:0f:f8:ab:72:a5:80:
ed:d0:28:57:69:6e:98:87:d6:0c:90:3a:10:7b:43:d1:6c:08:
ff:f7:e2:b4:a3:ec:e3:58:03:45:df:65:46:97:23:94:c5:48:
7d:74:56:76:02:a9:1b:5e:f5:f0:36:ab:8b:78:07:3b:67:94:
19:ad:95:2b:ff:6c:d0:89:52:4d:28:c6:d2:65:81:63:66:72:
7f:6c:82:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RDFENTExMC8GA1UEBRMoQzU0NTI1RTk3MDVCRDY5RDYxNDI0REJFRTdCMDQ5M0Y1
RkQ2RjBBNDAeFw0yMzAzMjgwOTM2NTFaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjJiNTMzLTVkMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+iIu9U9IzOiWGpsqDCjUI71aNCDZY8lvjXXHjsKKwZCr/BjPPGIZNON+J7337
93kjbzW8P/XvXrdgET3BTEzBs3XtmGYTPTwvj+ABlojSXA196kVHcs5NwQ6a8cgB
wJ57jYToAm/IPnW0L7QzOtQCa9J3UMjAitKDImjViZV7JP9tAhpAnG6uKEs0m147
cR3HAE8eYhL+/vCVqeXSWoYbQb6vgAKGvKMToXcnYEt5Bw8HFAecs6Gg4n+FuLp0
1KBQVAnX6iXP3Lu4TjvgLE3h2eC4rbcavFR1U0ZXNX2FJZsx9R1k7gZ4+07cZc1P
uzjUxS8R8DwyvmHQvQ5FjbhNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUqc2ZLFH0
8egK4jfRjPbjY5voddMwHwYDVR0jBBgwFoAUxUUl6XBb1p1hQk2+57BJP1/W8KQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJEMUQ1LzM0MzM2MUVFQ0M4
QzExRURBNEMxQTE0M0M0RjlBRTAyL3hVVWw2WEJiMXAxaFFrMi01N0JKUDFfVzhL
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveFVVbDZYQmIxcDFoUWsyLTU3QkpQMV9XOEtRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RDFENS8zNDMzNjFFRUNDOEMxMUVEQTRDMUExNDNDNEY5QUUwMi9FNTY5RThDNkND
OTAxMUVEQjM4QjdDNEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWd5sjAPBAIAAjAJAwcAIAEN8i7AMA0GCSqGSIb3DQEBCwUA
A4IBAQDfbZTk8N3dShKWguEJPoJwOMjayP4hLoPfYNzS2oMXR5W18w/LDjWQDL0l
tKW96sb6V8RAJV8JZaXReIbLhlq8c6lh7awHR3bq1DFL+SRuXlxrGZilnxcq8Rfs
RZLxkOg5RwTGHNcHb27QSQnKSEt0mM2Ab75410pWqUurlH9eVjAvSo9fKTqvB0f4
4aa5msXPoOstspxjdwVorNZdfKpVIosmXBCyzNwl6esWpCoP+KtypYDt0ChXaW6Y
h9YMkDoQe0PRbAj/9+K0o+zjWANF32VGlyOUxUh9dFZ2AqkbXvXwNquLeAc7Z5QZ
rZUr/2zQiVJNKMbSZYFjZnJ/bILm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org