Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BEBC/A77826A0CF8C11ED9B7D3A7DC4F9AE02/290F6F58CF9111EDA3BFB51CC4F9AE02.roa
File: 290F6F58CF9111EDA3BFB51CC4F9AE02.roa (raw, json)
Hash identifier: zjzFvnjksjYEQnz8cKMB+SHasgxHzI5X9+gQGbKiV0g=
Subject key identifier: 6A:AA:39:26:4C:9F:4C:D4:28:D1:F6:55:0D:63:92:66:70:BC:3A:00
Certificate issuer: /CN=A916BEBC/serialNumber=13AB60C800F9F72B2F3244F058C4258381092FC5
Certificate serial: C4
Authority key identifier: 13:AB:60:C8:00:F9:F7:2B:2F:32:44:F0:58:C4:25:83:81:09:2F:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E6tgyAD59ysvMkTwWMQlg4EJL8U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BEBC/A77826A0CF8C11ED9B7D3A7DC4F9AE02/290F6F58CF9111EDA3BFB51CC4F9AE02.roa
Signing time: Thu 11 Apr 2024 06:08:57 +0000
ROA not before: Thu 11 Apr 2024 06:08:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139922
IP address blocks: 103.123.60.0/23 maxlen: 24
2001:df2:32c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 05:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196 (0xc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BEBC/serialNumber=13AB60C800F9F72B2F3244F058C4258381092FC5
Validity
Not Before: Apr 11 06:08:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66177e78-1c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:67:1e:62:0e:0e:24:83:06:34:50:ad:49:2f:
de:5f:87:60:df:34:d1:e0:f2:4b:e6:ad:ab:94:3c:
be:39:40:f8:b8:7c:ec:72:13:a3:1b:e4:e3:5e:89:
cf:26:a2:2e:0a:a4:87:61:1d:45:95:68:76:29:f3:
8f:1d:1a:e4:cf:f1:d7:c0:58:1f:3f:88:ea:29:e8:
c7:ea:e8:81:9b:13:e5:91:4f:2f:0a:3a:cd:2c:a9:
f9:1a:18:9c:79:4d:a5:cf:08:a9:f2:7f:29:55:77:
82:78:82:8d:dd:41:46:d1:a6:96:48:c3:2b:0f:1c:
20:74:d6:48:d5:8e:f9:67:a5:e5:33:7d:c1:73:75:
fc:87:58:0c:00:f0:8e:77:9d:ee:20:9d:6e:b5:47:
df:16:cd:fb:8f:6c:e9:eb:e5:bc:b5:90:ad:b6:19:
38:42:c1:c4:e5:a5:16:29:4a:fb:6d:30:fe:f2:a4:
94:68:3a:1a:9a:96:96:d2:78:15:1e:42:5c:a6:26:
e0:2e:b4:0f:99:73:b3:35:59:ec:8a:1f:35:54:39:
5a:95:07:d8:10:4b:ed:cb:ed:29:65:e6:16:3f:4d:
d6:4c:7f:fe:82:20:4b:9e:66:9f:b4:31:b8:dc:58:
dd:74:00:1f:8b:d0:16:59:cd:96:1d:10:9c:98:98:
17:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AA:39:26:4C:9F:4C:D4:28:D1:F6:55:0D:63:92:66:70:BC:3A:00
X509v3 Authority Key Identifier:
keyid:13:AB:60:C8:00:F9:F7:2B:2F:32:44:F0:58:C4:25:83:81:09:2F:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BEBC/A77826A0CF8C11ED9B7D3A7DC4F9AE02/E6tgyAD59ysvMkTwWMQlg4EJL8U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E6tgyAD59ysvMkTwWMQlg4EJL8U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BEBC/A77826A0CF8C11ED9B7D3A7DC4F9AE02/290F6F58CF9111EDA3BFB51CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.60.0/23
IPv6:
2001:df2:32c0::/48
Signature Algorithm: sha256WithRSAEncryption
55:42:74:c6:b2:ea:0a:27:4a:e0:85:99:5c:64:38:34:99:bf:
1e:9f:7f:7d:8e:5e:ef:a9:34:e8:3f:8f:d7:15:ec:b1:b9:d2:
83:0d:5e:23:5c:47:65:d4:13:77:ed:05:62:28:a8:6f:f7:cb:
7a:db:a7:a3:6e:73:f7:83:be:da:9e:56:42:aa:e8:24:8e:58:
eb:dc:fa:60:2b:d6:5d:78:1d:3c:42:02:e4:58:58:28:e6:34:
7c:50:e7:2e:b5:58:41:4f:fb:e6:f6:4f:c9:a8:da:2b:e3:29:
19:b9:9a:24:0e:03:89:74:e2:ff:24:61:a1:a7:e9:4b:4a:fd:
8a:4d:82:a1:a2:dd:d3:cd:6b:03:05:68:01:c2:14:ad:70:15:
e4:63:37:ab:5d:85:cf:4c:27:08:39:af:57:e0:a5:28:d1:cf:
ad:8c:66:63:f8:0f:de:cb:d6:9f:e2:75:0c:6c:87:74:72:c8:
f2:47:45:60:ec:af:df:e9:38:ff:cf:1b:4c:bc:b8:1b:ca:46:
c9:fd:02:61:d0:6e:45:92:8a:26:d9:71:dc:3d:61:06:d8:08:
cd:df:35:38:2c:6f:9f:3d:c5:33:02:d1:f9:94:23:72:e9:da:
35:df:ae:e4:7c:df:1a:df:11:09:e8:9d:63:6a:72:1b:12:38:
c1:5d:df:40
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJFQkMxMTAvBgNVBAUTKDEzQUI2MEM4MDBGOUY3MkIyRjMyNDRGMDU4QzQyNTgz
ODEwOTJGQzUwHhcNMjQwNDExMDYwODU3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE3N2U3OC0xYzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2ceYg4OJIMGNFCtSS/eX4dg3zTR4PJL5q2rlDy+OUD4uHzschOjG+TjXonP
JqIuCqSHYR1FlWh2KfOPHRrkz/HXwFgfP4jqKejH6uiBmxPlkU8vCjrNLKn5Ghic
eU2lzwip8n8pVXeCeIKN3UFG0aaWSMMrDxwgdNZI1Y75Z6XlM33Bc3X8h1gMAPCO
d53uIJ1utUffFs37j2zp6+W8tZCtthk4QsHE5aUWKUr7bTD+8qSUaDoampaW0ngV
HkJcpibgLrQPmXOzNVnsih81VDlalQfYEEvty+0pZeYWP03WTH/+giBLnmaftDG4
3FjddAAfi9AWWc2WHRCcmJgXvwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGqqOSZM
n0zUKNH2VQ1jkmZwvDoAMB8GA1UdIwQYMBaAFBOrYMgA+fcrLzJE8FjEJYOBCS/F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkVCQy9BNzc4MjZBMENG
OEMxMUVEOUI3RDNBN0RDNEY5QUUwMi9FNnRneUFENTl5c3ZNa1R3V01RbGc0RUpM
OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U2dGd5QUQ1OXlzdk1rVHdXTVFsZzRFSkw4VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJFQkMvQTc3ODI2QTBDRjhDMTFFRDlCN0QzQTdEQzRGOUFFMDIvMjkwRjZGNThD
RjkxMTFFREEzQkZCNTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnezwwDwQCAAIwCQMHACABDfIywDANBgkqhkiG9w0BAQsF
AAOCAQEAVUJ0xrLqCidK4IWZXGQ4NJm/Hp9/fY5e76k06D+P1xXssbnSgw1eI1xH
ZdQTd+0FYiiob/fLetuno25z94O+2p5WQqroJI5Y69z6YCvWXXgdPEIC5FhYKOY0
fFDnLrVYQU/75vZPyajaK+MpGbmaJA4DiXTi/yRhoafpS0r9ik2CoaLd081rAwVo
AcIUrXAV5GM3q12Fz0wnCDmvV+ClKNHPrYxmY/gP3svWn+J1DGyHdHLI8kdFYOyv
3+k4/88bTLy4G8pGyf0CYdBuRZKKJtlx3D1hBtgIzd81OCxvnz3FMwLR+ZQjcuna
Nd+u5HzfGt8RCeidY2pyGxI4wV3fQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org