Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/F8751502FFC211ED83E11516C4F9AE02.roa
File: F8751502FFC211ED83E11516C4F9AE02.roa (raw, json)
Hash identifier: Gji7uprC0pkI2ABNcSXblr5sX1FdEqJy6sclMW+NjGw=
Subject key identifier: C7:FB:E7:50:F1:1B:9E:2D:FE:3A:0D:59:1B:F1:D4:38:A5:AC:4B:9A
Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Certificate serial: 088B
Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/F8751502FFC211ED83E11516C4F9AE02.roa
Signing time: Wed 22 Nov 2023 21:28:53 +0000
ROA not before: Wed 22 Nov 2023 21:28:53 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133141
IP address blocks: 103.72.0.0/24 maxlen: 24
103.72.1.0/24 maxlen: 24
103.72.2.0/24 maxlen: 24
103.72.3.0/24 maxlen: 24
103.194.92.0/24 maxlen: 24
103.194.93.0/24 maxlen: 24
103.194.94.0/24 maxlen: 24
103.194.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 19:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2187 (0x88b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Validity
Not Before: Nov 22 21:28:53 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=655e7295-7431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0a:63:6e:8f:dd:5c:b6:44:c7:fa:27:e9:f2:
f7:e1:8e:ca:8a:2e:97:5c:85:f5:e8:5f:0a:91:0e:
b9:6b:26:57:29:64:bd:23:83:9a:31:f5:0b:4f:e0:
86:a5:38:ba:1b:ea:0b:e0:a6:10:9e:32:7e:b8:b1:
67:14:15:79:70:1d:2f:37:c8:c9:dc:6d:c2:16:a5:
d1:4d:46:9c:29:e0:84:0f:ff:15:06:fd:6c:ee:df:
c7:b5:98:89:ef:15:57:25:e7:bd:fc:85:5e:65:75:
13:09:80:1c:e1:2d:ab:49:d7:bb:a7:47:aa:00:f2:
26:32:0e:98:ef:30:23:6e:57:91:a9:49:92:c4:83:
fa:0d:0b:a4:98:8e:87:a9:5c:dd:64:34:88:ac:fc:
5e:ce:db:db:45:53:90:de:a2:69:0f:18:c1:04:3b:
1a:e5:51:c4:41:26:4a:9c:6c:4d:c6:66:08:1a:f5:
1c:50:e1:f4:ac:1a:fd:55:a1:b2:f4:d1:86:ed:1d:
83:5c:40:f9:88:0a:7d:1d:37:21:95:e5:1e:55:d4:
c1:2b:47:f8:ec:46:6e:fa:87:b4:81:85:80:ca:ad:
18:52:31:89:51:9b:43:f7:53:4f:60:1d:d1:48:04:
30:2e:7b:4a:fb:a6:b6:2f:3d:10:37:ef:fd:8f:d8:
5d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FB:E7:50:F1:1B:9E:2D:FE:3A:0D:59:1B:F1:D4:38:A5:AC:4B:9A
X509v3 Authority Key Identifier:
keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/F8751502FFC211ED83E11516C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.0.0/22
103.194.92.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:0e:b6:f6:21:c5:91:6d:91:05:e0:af:d3:97:0f:a3:f7:45:
aa:06:39:89:cb:3f:cb:0e:36:91:9b:66:43:7a:0f:87:cd:c5:
7e:db:b0:c3:ec:6c:e3:05:8d:4d:48:73:8b:89:1c:77:ef:fa:
7c:07:1b:5d:b6:6a:6e:ba:06:78:a0:e6:e7:ab:2c:33:d1:37:
c8:ec:3c:88:0f:6f:4b:e5:8c:60:72:17:53:8a:5f:64:61:b3:
24:71:2c:70:44:45:be:1b:b5:b4:42:dd:a2:9f:9b:29:67:a8:
3e:41:d7:45:d2:2b:38:1d:4d:7a:ef:6a:78:1f:c0:19:7d:05:
31:69:f7:ba:60:ea:4f:2b:94:5f:36:38:4f:1c:96:71:10:db:
4f:9d:c1:ad:58:5c:87:fd:c4:3f:4d:d0:62:9a:69:ed:e0:41:
46:97:bd:01:74:70:63:eb:6d:94:29:d7:bc:c4:81:e9:76:07:
b9:82:4b:c6:f3:1e:ee:ef:41:36:9d:fd:80:1c:6a:9e:a9:3a:
ea:3e:27:6e:3c:50:c0:ed:b5:a8:5e:81:ca:90:77:97:d9:d9:
4d:b1:6d:6a:45:64:e8:e7:f5:84:68:63:5c:aa:f3:81:58:71:
64:30:f3:57:2d:9f:56:93:93:3c:a2:08:51:95:da:f6:8b:53:
14:f0:73:d9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3
NDdFQTAyNjAwHhcNMjMxMTIyMjEyODUzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlNzI5NS03NDMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Apjbo/dXLZEx/on6fL34Y7Kii6XXIX16F8KkQ65ayZXKWS9I4OaMfULT+CG
pTi6G+oL4KYQnjJ+uLFnFBV5cB0vN8jJ3G3CFqXRTUacKeCED/8VBv1s7t/HtZiJ
7xVXJee9/IVeZXUTCYAc4S2rSde7p0eqAPImMg6Y7zAjbleRqUmSxIP6DQukmI6H
qVzdZDSIrPxeztvbRVOQ3qJpDxjBBDsa5VHEQSZKnGxNxmYIGvUcUOH0rBr9VaGy
9NGG7R2DXED5iAp9HTchleUeVdTBK0f47EZu+oe0gYWAyq0YUjGJUZtD91NPYB3R
SAQwLntK+6a2Lz0QN+/9j9hd1QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMf751Dx
G54t/joNWRvx1DilrEuaMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE
NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvRjg3NTE1MDJG
RkMyMTFFRDgzRTExNTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnSAADBAJnwlwwDQYJKoZIhvcNAQELBQADggEBAMoOtvYh
xZFtkQXgr9OXD6P3RaoGOYnLP8sONpGbZkN6D4fNxX7bsMPsbOMFjU1Ic4uJHHfv
+nwHG122am66Bnig5uerLDPRN8jsPIgPb0vljGByF1OKX2RhsyRxLHBERb4btbRC
3aKfmylnqD5B10XSKzgdTXrvangfwBl9BTFp97pg6k8rlF82OE8clnEQ20+dwa1Y
XIf9xD9N0GKaae3gQUaXvQF0cGPrbZQp17zEgel2B7mCS8bzHu7vQTad/YAcap6p
Ouo+J248UMDttahegcqQd5fZ2U2xbWpFZOjn9YRoY1yq84FYcWQw81ctn1aTkzyi
CFGV2vaLUxTwc9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org