Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
File: 916F749AFA5611EDB88E6A76C4F9AE02.roa (raw, json)
Hash identifier: SEUa+pH8iFOqfvIwC54rt/EjFIQrqMPro68ZZUvvYfE=
Subject key identifier: 30:92:E8:5C:E2:1D:5D:42:07:FB:D3:F9:78:CD:1C:52:E8:06:68:21
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1B19
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
Signing time: Wed 24 May 2023 17:15:24 +0000
ROA not before: Wed 24 May 2023 17:15:24 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141342
IP address blocks: 103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6937 (0x1b19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: May 24 17:15:24 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=646e462b-2c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:d8:a9:9d:6f:79:2d:20:cb:8b:1c:a6:3a:
5d:d0:e5:51:47:e8:47:72:92:03:18:58:4e:5f:b8:
52:3c:07:c6:0a:f6:33:bb:2c:08:e9:3d:34:01:73:
5b:b9:59:73:1c:14:a1:ef:27:53:3f:f9:db:b8:93:
13:ec:3b:45:86:4f:de:fc:32:76:e4:25:70:a3:2a:
18:ad:f1:de:66:7e:5c:65:7a:7f:cb:13:20:f9:f4:
dd:96:ab:af:51:cb:8b:a7:c1:d1:ac:ee:1c:d1:82:
68:3a:7b:f0:d2:fa:62:39:1d:38:86:ac:d7:67:19:
f8:5e:c1:dd:0f:13:74:bb:f8:fc:ff:ce:18:bf:80:
38:ae:d5:83:84:60:75:e1:d2:26:63:ad:9b:56:42:
8d:23:ce:10:86:98:c2:4b:e6:96:24:10:22:73:67:
8e:88:8a:f0:60:cf:07:5d:32:9b:11:31:98:01:72:
8c:d6:0c:c4:63:31:49:3a:3b:a7:86:ac:82:7a:bc:
0f:fc:e9:2a:1e:a8:4c:b5:a2:17:43:dc:dc:b8:4c:
83:8e:61:3a:6a:a4:7a:3a:3e:47:c9:43:c6:0c:68:
e6:7a:9c:4d:74:0c:f4:78:7b:dd:98:51:2c:23:60:
42:eb:d4:b3:04:5e:04:9d:19:94:3b:54:23:14:5a:
53:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:92:E8:5C:E2:1D:5D:42:07:FB:D3:F9:78:CD:1C:52:E8:06:68:21
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.120.0/22
113.203.200.0/22
Signature Algorithm: sha256WithRSAEncryption
75:c3:15:5f:73:5c:13:35:46:f4:36:aa:75:d8:25:79:fb:b6:
11:52:e3:a1:3e:12:bc:e1:b3:7b:01:e9:b9:6d:2d:78:22:08:
a5:0a:55:26:a4:bc:bf:25:74:56:b6:c4:b6:27:f0:b0:17:a4:
6a:c1:98:fd:eb:20:55:03:d0:6c:da:97:85:ff:9b:80:28:01:
12:f2:05:45:55:42:f6:66:4b:d3:18:bf:78:89:93:4c:4d:97:
c5:58:9f:34:9d:c3:24:27:f9:29:38:9a:91:24:2d:72:a3:4e:
a7:17:e7:c0:c9:9b:de:c3:04:d1:38:e9:fd:f2:c0:95:2f:a5:
75:9d:5a:fd:d3:52:92:36:72:c8:bc:70:75:81:a6:7e:14:4c:
99:8b:f5:b7:37:06:fe:9d:16:a4:12:50:7c:21:ca:7a:35:49:
09:9c:00:11:9c:24:64:f5:c7:e4:af:41:1b:c0:22:10:f9:da:
95:a8:c2:b7:de:c1:31:9c:01:4d:2f:c9:69:5b:36:ff:15:56:
44:1c:fd:b7:7f:df:bf:44:89:b8:b5:1a:e0:2e:c9:7e:72:5e:
6a:55:82:e4:b1:0e:d2:4e:bb:79:08:e5:c2:19:1f:bd:b4:b0:
fe:51:62:27:a8:cb:04:37:aa:41:31:c8:56:7f:fd:67:72:02:
a3:aa:b3:62
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGxkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjMwNTI0MTcxNTI0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlNDYyYi0yYzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyHnYqZ1veS0gy4scpjpd0OVRR+hHcpIDGFhOX7hSPAfGCvYzuywI6T00AXNb
uVlzHBSh7ydTP/nbuJMT7DtFhk/e/DJ25CVwoyoYrfHeZn5cZXp/yxMg+fTdlquv
UcuLp8HRrO4c0YJoOnvw0vpiOR04hqzXZxn4XsHdDxN0u/j8/84Yv4A4rtWDhGB1
4dImY62bVkKNI84QhpjCS+aWJBAic2eOiIrwYM8HXTKbETGYAXKM1gzEYzFJOjun
hqyCerwP/OkqHqhMtaIXQ9zcuEyDjmE6aqR6Oj5HyUPGDGjmepxNdAz0eHvdmFEs
I2BC69SzBF4EnRmUO1QjFFpTqwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDCS6Fzi
HV1CB/vT+XjNHFLoBmghMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvOTE2Rjc0OUFG
QTU2MTFFREI4OEU2QTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnDHgDBAJxy8gwDQYJKoZIhvcNAQELBQADggEBAHXDFV9z
XBM1RvQ2qnXYJXn7thFS46E+Erzhs3sB6bltLXgiCKUKVSakvL8ldFa2xLYn8LAX
pGrBmP3rIFUD0Gzal4X/m4AoARLyBUVVQvZmS9MYv3iJk0xNl8VYnzSdwyQn+Sk4
mpEkLXKjTqcX58DJm97DBNE46f3ywJUvpXWdWv3TUpI2csi8cHWBpn4UTJmL9bc3
Bv6dFqQSUHwhyno1SQmcABGcJGT1x+SvQRvAIhD52pWowrfewTGcAU0vyWlbNv8V
VkQc/bd/379Eibi1GuAuyX5yXmpVguSxDtJOu3kI5cIZH720sP5RYieoywQ3qkEx
yFZ//WdyAqOqs2I=
-----END CERTIFICATE-----
Generated at Sat Nov 4 14:31:50 2023 by rpki-client on console-ams.rpki-client.org