Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/52EF4AE001D911EDA7CC764DC4F9AE02.roa
File: 52EF4AE001D911EDA7CC764DC4F9AE02.roa (raw, json)
Hash identifier: sIb72h78pOjfQ+8TA4TVbXONElkk10Wa3+0+Ez8rUEw=
Subject key identifier: 1A:95:0B:9C:9E:EE:3F:D6:42:08:4C:48:8F:ED:17:FE:2C:84:31:BF
Certificate issuer: /CN=A91F349D/serialNumber=F811081125A6E8788582E8D0E3AAD7C6C1D19F99
Certificate serial: 0195
Authority key identifier: F8:11:08:11:25:A6:E8:78:85:82:E8:D0:E3:AA:D7:C6:C1:D1:9F:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-BEIESWm6HiFgujQ46rXxsHRn5k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/52EF4AE001D911EDA7CC764DC4F9AE02.roa
Signing time: Mon 01 Jan 2024 04:05:25 +0000
ROA not before: Mon 01 Jan 2024 04:05:25 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 135602
IP address blocks: 103.243.72.0/24 maxlen: 24
103.243.73.0/24 maxlen: 24
103.243.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 09:16:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 405 (0x195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F349D/serialNumber=F811081125A6E8788582E8D0E3AAD7C6C1D19F99
Validity
Not Before: Jan 1 04:05:25 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65923a05-cbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:21:52:a5:dc:83:78:fd:4e:df:d7:37:a9:79:
c4:f8:26:21:84:28:7e:74:af:f1:1d:6a:88:b2:53:
27:3e:99:ff:1f:18:7e:68:fe:c5:5a:56:6f:31:c7:
cc:df:03:47:4f:4d:bc:4e:50:90:0a:f7:14:ff:98:
92:c9:bd:2b:12:ea:6c:e6:7b:d2:08:f9:14:9f:18:
bb:05:e1:17:ac:96:27:9b:00:37:45:f4:95:7a:25:
f9:c1:0c:17:30:be:71:32:d3:9a:2e:40:59:d9:a7:
c3:0d:40:73:fa:7f:a6:d3:56:af:be:6f:38:4f:11:
4c:db:f3:36:c4:76:25:cc:fa:7c:b1:1a:58:d5:eb:
44:59:20:6c:5c:99:31:04:4e:05:09:20:4b:93:61:
66:fc:7d:90:73:60:6b:26:fb:e0:38:20:05:61:c5:
38:3f:04:cc:08:d0:5e:29:66:2b:35:39:ff:e2:ad:
f6:a3:a0:8d:e8:0b:bc:b7:44:e3:c1:43:06:f7:3a:
40:fc:2b:b7:f6:9c:74:96:79:9a:81:ef:b2:58:01:
b1:6d:30:43:10:da:f2:ac:b9:44:43:09:9c:41:3c:
88:50:36:db:cb:8e:48:76:a6:89:aa:40:48:37:0e:
e5:4f:9d:17:e1:3a:b7:5c:14:0e:70:10:33:4e:a6:
fb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:95:0B:9C:9E:EE:3F:D6:42:08:4C:48:8F:ED:17:FE:2C:84:31:BF
X509v3 Authority Key Identifier:
keyid:F8:11:08:11:25:A6:E8:78:85:82:E8:D0:E3:AA:D7:C6:C1:D1:9F:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/-BEIESWm6HiFgujQ46rXxsHRn5k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-BEIESWm6HiFgujQ46rXxsHRn5k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/52EF4AE001D911EDA7CC764DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.72.0-103.243.74.255
Signature Algorithm: sha256WithRSAEncryption
aa:98:37:35:1c:a5:42:a4:bb:6d:a8:9e:32:a9:53:80:b7:b0:
49:7d:2a:13:f6:ce:d1:69:7c:c0:72:6c:64:35:10:d4:ba:d2:
d3:2c:22:99:51:36:fd:6f:0a:a8:49:d7:a3:53:d3:27:85:9b:
d4:47:1a:e5:71:c4:c6:b7:5e:ee:02:6f:2d:1b:3d:fd:33:ff:
a5:b0:e2:75:11:a2:f7:ff:8f:0a:6c:ca:2a:b9:43:ff:71:ef:
7d:bf:b7:aa:43:42:75:c4:0e:61:23:79:95:80:af:3c:2d:4a:
f5:4d:2d:f2:bc:e9:88:60:16:e7:3e:1e:f3:88:b2:ba:e9:75:
14:e9:27:a7:35:48:cb:48:c1:40:c5:2a:5b:29:8a:bb:8e:c1:
13:3e:5c:05:db:3f:0d:d2:1e:2a:c8:4b:cc:ab:43:31:d9:91:
16:b8:2e:21:3b:b9:94:c9:bc:67:fb:d1:66:1c:89:c2:59:b3:
7e:32:8f:4f:e0:da:3f:43:c5:8c:71:35:d1:31:25:d1:a6:f8:
ca:d3:ab:43:70:7b:e5:a9:c5:e4:8f:a1:5c:63:29:1d:04:09:
eb:86:16:a9:77:55:2c:9a:51:19:5a:c8:02:3b:b4:32:b5:31:
f0:6f:65:0e:8f:2d:b1:24:c5:21:28:d2:42:f2:7e:d6:1b:c1:
4f:b9:51:94
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjM0OUQxMTAvBgNVBAUTKEY4MTEwODExMjVBNkU4Nzg4NTgyRThEMEUzQUFEN0M2
QzFEMTlGOTkwHhcNMjQwMTAxMDQwNTI1WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkyM2EwNS1jYmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqCFSpdyDeP1O39c3qXnE+CYhhCh+dK/xHWqIslMnPpn/Hxh+aP7FWlZvMcfM
3wNHT028TlCQCvcU/5iSyb0rEups5nvSCPkUnxi7BeEXrJYnmwA3RfSVeiX5wQwX
ML5xMtOaLkBZ2afDDUBz+n+m01avvm84TxFM2/M2xHYlzPp8sRpY1etEWSBsXJkx
BE4FCSBLk2Fm/H2Qc2BrJvvgOCAFYcU4PwTMCNBeKWYrNTn/4q32o6CN6Au8t0Tj
wUMG9zpA/Cu39px0lnmage+yWAGxbTBDENryrLlEQwmcQTyIUDbby45IdqaJqkBI
Nw7lT50X4Tq3XBQOcBAzTqb7swIDAQABo4ICnTCCApkwHQYDVR0OBBYEFBqVC5ye
7j/WQghMSI/tF/4shDG/MB8GA1UdIwQYMBaAFPgRCBElpuh4hYLo0OOq18bB0Z+Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzQ5RC8xOTk2MzUzNjAx
RDYxMUVEOTJFMTFFNDZDNEY5QUUwMi8tQkVJRVNXbTZIaUZndWpRNDZyWHhzSFJu
NWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1CRUlFU1dtNkhpRmd1alE0NnJYeHNIUm41ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjM0OUQvMTk5NjM1MzYwMUQ2MTFFRDkyRTExRTQ2QzRGOUFFMDIvNTJFRjRBRTAw
MUQ5MTFFREE3Q0M3NjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2fzSAMEAGfzSjANBgkqhkiG9w0BAQsFAAOCAQEAqpg3
NRylQqS7baieMqlTgLewSX0qE/bO0Wl8wHJsZDUQ1LrS0ywimVE2/W8KqEnXo1PT
J4Wb1Eca5XHExrde7gJvLRs9/TP/pbDidRGi9/+PCmzKKrlD/3Hvfb+3qkNCdcQO
YSN5lYCvPC1K9U0t8rzpiGAW5z4e84iyuul1FOknpzVIy0jBQMUqWymKu47BEz5c
Bds/DdIeKshLzKtDMdmRFrguITu5lMm8Z/vRZhyJwlmzfjKPT+DaP0PFjHE10TEl
0ab4ytOrQ3B75anF5I+hXGMpHQQJ64YWqXdVLJpRGVrIAju0MrUx8G9lDo8tsSTF
ISjSQvJ+1hvBT7lRlA==
-----END CERTIFICATE-----
Generated at Mon Feb 19 12:41:44 2024 by rpki-client on console-fra.rpki-client.org