Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/290C6478B2BE11EEB3703266C4F9AE02.roa
File: 290C6478B2BE11EEB3703266C4F9AE02.roa (raw, json)
Hash identifier: TizGZv74cc6YwI96YTvJGfgLIKax7KhT9lvi+U6d7lQ=
Subject key identifier: 79:67:B5:28:48:1D:67:80:33:C0:02:52:98:CF:55:57:C1:DB:A5:1B
Certificate issuer: /CN=A91F715C/serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065
Certificate serial: 5F
Authority key identifier: E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/290C6478B2BE11EEB3703266C4F9AE02.roa
Signing time: Sun 14 Jan 2024 09:21:12 +0000
ROA not before: Sun 14 Jan 2024 09:21:12 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 151790
IP address blocks: 103.72.62.0/24 maxlen: 24
103.72.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 07:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F715C/serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065
Validity
Not Before: Jan 14 09:21:12 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65a3a787-fa53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:2e:df:e8:42:6a:b2:e2:c8:f4:7b:cb:32:
45:12:b8:cc:bb:6b:60:ec:8b:c9:f8:04:db:18:62:
aa:21:7e:60:1d:08:3b:01:db:85:91:ad:bb:17:fb:
7a:fa:1a:66:da:08:4d:83:e1:84:91:27:9c:06:cf:
90:2b:b8:69:0a:3f:f8:97:16:67:b6:44:1a:53:60:
6d:8e:60:b4:6b:e0:47:a3:a8:90:f8:64:83:ee:a7:
56:fc:c3:20:97:a1:03:38:06:b9:68:33:a8:a5:d6:
5b:28:59:20:77:02:23:2c:dc:f1:81:1c:d2:b0:37:
76:81:e5:d1:7b:35:f5:30:fd:e9:cf:ea:88:fe:10:
a4:28:13:d9:b1:65:c3:73:6a:c2:0a:19:5f:4e:99:
22:cf:1d:2e:5f:a5:21:7b:9a:e8:5c:1e:7b:e1:3d:
67:18:e8:8a:63:d9:64:f1:b9:b4:7c:4a:a5:ee:34:
3d:bc:60:99:33:f0:f0:e3:2a:ad:1d:21:7d:79:06:
14:1f:fd:41:32:60:36:7b:1b:d9:0d:6a:71:f7:29:
df:76:4b:ae:a3:67:9d:a7:65:7b:5e:29:8f:18:94:
e0:4d:90:a1:c5:80:75:fb:92:32:d3:eb:6f:0d:74:
13:76:10:44:09:7c:0d:3f:ca:64:9d:a8:27:22:8e:
cd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:67:B5:28:48:1D:67:80:33:C0:02:52:98:CF:55:57:C1:DB:A5:1B
X509v3 Authority Key Identifier:
keyid:E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/290C6478B2BE11EEB3703266C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.62.0/23
Signature Algorithm: sha256WithRSAEncryption
21:e2:07:b7:1a:a6:16:41:56:ff:45:10:74:a3:62:84:45:9f:
95:ea:ef:c3:c7:6b:1e:1f:ef:59:00:b8:58:d0:31:4e:25:92:
7e:f8:b6:98:b4:a1:90:d2:8a:6f:84:64:83:01:9d:41:2d:6f:
66:a7:33:c3:c9:75:bb:4f:ca:f0:5a:e3:7f:02:9d:9b:98:61:
84:6b:c0:34:e4:49:6d:4b:6f:d1:6c:da:f7:15:2b:3c:a4:34:
15:6f:1c:3c:d6:40:e3:75:99:83:c7:ff:ca:ff:af:7b:9c:b1:
fa:e9:c0:dd:b7:fc:70:7a:28:f9:f7:74:04:71:b5:a2:61:48:
14:4b:75:26:3b:d2:33:d9:dd:88:81:13:92:9d:0f:78:15:ea:
fe:d4:6d:09:05:5f:c1:ca:b6:49:f1:9d:2a:ee:c4:4f:33:44:
73:5e:18:d5:73:2b:dd:2e:f5:e3:9a:9e:22:a6:42:e7:1f:13:
00:66:33:49:da:6b:5f:86:c9:87:79:74:81:e2:93:ff:a3:df:
dc:14:5b:c2:b5:5e:7b:60:e9:59:d7:f2:06:ca:c9:0f:d2:c3:
42:53:2d:fe:2a:5e:31:d7:6b:c2:b2:45:b9:4b:22:0b:19:9b:
d2:73:46:a4:6e:2a:96:d8:2e:6b:a6:cf:b4:34:fb:e1:a8:01:
f1:d8:69:8d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NzE1QzExMC8GA1UEBRMoRTc3MTMyRTRGRUFEMDRFRUQ0RkU5NDZENjA3QTBEQ0I1
N0E0MjA2NTAeFw0yNDAxMTQwOTIxMTJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTNhNzg3LWZhNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsES7f6EJqsuLI9HvLMkUSuMy7a2Dsi8n4BNsYYqohfmAdCDsB24WRrbsX+3r6
GmbaCE2D4YSRJ5wGz5AruGkKP/iXFme2RBpTYG2OYLRr4EejqJD4ZIPup1b8wyCX
oQM4BrloM6il1lsoWSB3AiMs3PGBHNKwN3aB5dF7NfUw/enP6oj+EKQoE9mxZcNz
asIKGV9OmSLPHS5fpSF7muhcHnvhPWcY6Ipj2WTxubR8SqXuND28YJkz8PDjKq0d
IX15BhQf/UEyYDZ7G9kNanH3Kd92S66jZ52nZXteKY8YlOBNkKHFgHX7kjLT628N
dBN2EEQJfA0/ymSdqCcijs1HAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeWe1KEgd
Z4AzwAJSmM9VV8HbpRswHwYDVR0jBBgwFoAU53Ey5P6tBO7U/pRtYHoNy1ekIGUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3MTVDLzVGMDcyNjM4NEYz
MzExRUU5NjZFMEY3MkM0RjlBRTAyLzUzRXk1UDZ0Qk83VV9wUnRZSG9OeTFla0lH
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTNFeTVQNnRCTzdVX3BSdFlIb055MWVrSUdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NzE1Qy81RjA3MjYzODRGMzMxMUVFOTY2RTBGNzJDNEY5QUUwMi8yOTBDNjQ3OEIy
QkUxMUVFQjM3MDMyNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdIPjANBgkqhkiG9w0BAQsFAAOCAQEAIeIHtxqmFkFW/0UQ
dKNihEWflervw8drHh/vWQC4WNAxTiWSfvi2mLShkNKKb4RkgwGdQS1vZqczw8l1
u0/K8FrjfwKdm5hhhGvANORJbUtv0Wza9xUrPKQ0FW8cPNZA43WZg8f/yv+ve5yx
+unA3bf8cHoo+fd0BHG1omFIFEt1JjvSM9ndiIETkp0PeBXq/tRtCQVfwcq2SfGd
Ku7ETzNEc14Y1XMr3S7145qeIqZC5x8TAGYzSdprX4bJh3l0geKT/6Pf3BRbwrVe
e2DpWdfyBsrJD9LDQlMt/ipeMddrwrJFuUsiCxmb0nNGpG4qltgua6bPtDT74agB
8dhpjQ==
-----END CERTIFICATE-----
Generated at Tue May 21 12:18:03 2024 by rpki-client on console-ams.rpki-client.org