Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/C20C84EC935D11EBBF8A8058C4F9AE02.roa
File: C20C84EC935D11EBBF8A8058C4F9AE02.roa (raw, json)
Hash identifier: we1qSTYtGbwQoZ4xxshMc+8oSx84kGP8dQr29I1XBY8=
Subject key identifier: 1C:F3:55:06:FA:B5:37:FB:4D:49:40:A9:1C:4C:1E:AA:E1:FE:B5:01
Certificate issuer: /CN=A9168D20/serialNumber=717A78D83EC38F17110273281398449ECDD10500
Certificate serial: 052A
Authority key identifier: 71:7A:78:D8:3E:C3:8F:17:11:02:73:28:13:98:44:9E:CD:D1:05:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXp42D7DjxcRAnMoE5hEns3RBQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/C20C84EC935D11EBBF8A8058C4F9AE02.roa
Signing time: Fri 15 Dec 2023 00:32:33 +0000
ROA not before: Fri 15 Dec 2023 00:32:33 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 55561
IP address blocks: 103.125.220.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 28 Feb 2024 19:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1322 (0x52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9168D20/serialNumber=717A78D83EC38F17110273281398449ECDD10500
Validity
Not Before: Dec 15 00:32:33 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657b9ea1-7b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:89:6e:31:d4:c8:cb:d7:9c:43:dd:99:f5:d9:
e7:fa:ee:b5:29:c0:c2:e1:d1:c3:8f:38:0c:af:cb:
1d:20:21:58:b2:55:b7:c0:60:ec:2f:3a:dd:e8:fb:
2b:8e:be:08:cb:5d:3d:a6:f0:66:f4:e3:6e:44:58:
5a:68:e6:26:1f:0f:4f:31:87:37:c1:f1:10:5b:d9:
e7:cf:40:6c:e8:71:1f:b2:f1:6b:e1:ef:8b:a6:01:
5e:32:60:bc:89:f2:f5:9f:4d:e6:a0:21:e6:da:87:
8f:4a:d7:7f:05:84:de:81:31:5c:48:cf:33:39:ba:
5c:f4:dc:88:8e:d7:f6:8a:15:c2:c4:3e:7b:00:17:
cd:9a:35:6d:c5:4a:a5:89:af:46:ed:ff:35:fc:b7:
e8:0c:70:ea:9b:08:48:12:10:77:fe:e7:3f:8f:e1:
6d:82:34:77:45:70:ce:ad:6f:31:94:01:bc:bf:75:
e3:22:6c:76:d1:a1:07:bb:d9:e2:21:48:c6:9d:c7:
b8:f4:e7:84:7e:b9:6a:cb:2a:9b:74:95:1b:41:cc:
0a:32:d0:77:43:07:bc:4e:32:c5:31:5b:5f:f1:3e:
98:63:ff:5c:ce:1a:04:c9:3c:18:31:4a:9e:29:6b:
85:ee:ef:2a:58:97:42:ed:44:88:76:ea:c1:47:29:
8c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F3:55:06:FA:B5:37:FB:4D:49:40:A9:1C:4C:1E:AA:E1:FE:B5:01
X509v3 Authority Key Identifier:
keyid:71:7A:78:D8:3E:C3:8F:17:11:02:73:28:13:98:44:9E:CD:D1:05:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXp42D7DjxcRAnMoE5hEns3RBQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/C20C84EC935D11EBBF8A8058C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.125.220.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:13:54:e5:6f:3f:2e:95:10:58:43:66:01:4f:00:7f:5b:7e:
0b:6c:c7:e6:0d:3d:f6:5a:4c:a7:c5:5a:aa:76:32:90:64:1b:
97:b2:a5:43:c3:dd:1c:ff:f1:ae:c2:a2:f8:13:a0:c7:10:32:
85:86:e2:95:3d:a6:db:62:22:6f:c6:23:7c:57:94:35:81:7f:
13:40:0c:ac:6f:5d:56:d4:f4:4e:56:29:b1:fb:12:99:67:bb:
80:52:b3:7a:68:4b:e8:1d:7f:f7:ae:c6:ef:d4:ea:aa:1c:19:
a6:71:7d:a0:d5:46:40:c5:4f:61:76:0c:27:ba:3e:2f:77:84:
24:60:e3:6c:38:5b:2b:24:d7:27:1c:d9:62:f8:88:dd:f7:bd:
df:88:d1:40:4d:a4:87:ed:77:d0:37:b8:c0:76:48:fd:b1:a3:
55:c4:b4:19:1c:19:bf:1d:46:0b:b9:a5:2b:60:ee:eb:f2:11:
ce:e7:df:e6:dd:fa:ba:91:de:cb:05:03:3f:23:78:80:aa:0b:
ba:98:f1:1d:2f:67:47:2a:01:fd:8f:1e:aa:fd:3a:4c:9b:3a:
6c:3f:93:d1:a1:c4:14:b3:0c:ef:aa:07:0e:6f:c1:88:53:37:
25:17:7c:40:f9:3c:ec:f7:ad:01:09:05:9d:a5:3b:1b:f1:62:
b3:5e:2c:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjhEMjAxMTAvBgNVBAUTKDcxN0E3OEQ4M0VDMzhGMTcxMTAyNzMyODEzOTg0NDlF
Q0REMTA1MDAwHhcNMjMxMjE1MDAzMjMzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiOWVhMS03YjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzoluMdTIy9ecQ92Z9dnn+u61KcDC4dHDjzgMr8sdICFYslW3wGDsLzrd6Psr
jr4Iy109pvBm9ONuRFhaaOYmHw9PMYc3wfEQW9nnz0Bs6HEfsvFr4e+LpgFeMmC8
ifL1n03moCHm2oePStd/BYTegTFcSM8zObpc9NyIjtf2ihXCxD57ABfNmjVtxUql
ia9G7f81/LfoDHDqmwhIEhB3/uc/j+FtgjR3RXDOrW8xlAG8v3XjImx20aEHu9ni
IUjGnce49OeEfrlqyyqbdJUbQcwKMtB3Qwe8TjLFMVtf8T6YY/9czhoEyTwYMUqe
KWuF7u8qWJdC7USIdurBRymMbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBzzVQb6
tTf7TUlAqRxMHqrh/rUBMB8GA1UdIwQYMBaAFHF6eNg+w48XEQJzKBOYRJ7N0QUA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEQyMC9DMEM2QUU1Qzkz
NUIxMUVCOTEwODZENTVDNEY5QUUwMi9jWHA0MkQ3RGp4Y1JBbk1vRTVoRW5zM1JC
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NYcDQyRDdEanhjUkFuTW9FNWhFbnMzUkJRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjhEMjAvQzBDNkFFNUM5MzVCMTFFQjkxMDg2RDU1QzRGOUFFMDIvQzIwQzg0RUM5
MzVEMTFFQkJGOEE4MDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnfdwwDQYJKoZIhvcNAQELBQADggEBAIwTVOVvPy6VEFhD
ZgFPAH9bfgtsx+YNPfZaTKfFWqp2MpBkG5eypUPD3Rz/8a7CovgToMcQMoWG4pU9
pttiIm/GI3xXlDWBfxNADKxvXVbU9E5WKbH7Eplnu4BSs3poS+gdf/euxu/U6qoc
GaZxfaDVRkDFT2F2DCe6Pi93hCRg42w4Wysk1ycc2WL4iN33vd+I0UBNpIftd9A3
uMB2SP2xo1XEtBkcGb8dRgu5pStg7uvyEc7n3+bd+rqR3ssFAz8jeICqC7qY8R0v
Z0cqAf2PHqr9OkybOmw/k9GhxBSzDO+qBw5vwYhTNyUXfED5POz3rQEJBZ2lOxvx
YrNeLH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org