Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/9C1D03685C7511EEB5E18E22C4F9AE02.roa
File: 9C1D03685C7511EEB5E18E22C4F9AE02.roa (raw, json)
Hash identifier: nDvj3S9yXNKAY4UzS5w30Hdfy/cr+aYsziCMcF4Tf48=
Subject key identifier: 6A:EA:82:4B:1A:88:58:07:4F:BF:4B:11:7C:98:EF:6E:60:82:45:75
Certificate issuer: /CN=A91F715C/serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065
Certificate serial: 22
Authority key identifier: E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/9C1D03685C7511EEB5E18E22C4F9AE02.roa
Signing time: Tue 26 Sep 2023 14:04:30 +0000
ROA not before: Tue 26 Sep 2023 14:04:29 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 212238
IP address blocks: 103.72.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 09:18:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F715C/serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065
Validity
Not Before: Sep 26 14:04:29 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6512e4ed-4687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:5c:dd:f8:14:c4:f1:9a:2f:85:11:0a:3d:
aa:4e:c4:d3:e1:8f:15:bc:4b:37:2e:2e:c9:b6:6d:
d2:01:3c:0b:7a:98:54:a3:2c:8b:5f:d3:42:5d:33:
89:59:dd:9d:7b:e9:f2:7e:ba:56:9b:65:17:97:f0:
95:11:61:69:e7:43:15:2e:90:a4:ea:45:d1:02:b2:
31:e9:ce:40:54:8f:0a:1b:35:87:20:0d:a2:6d:7e:
c5:53:5c:b1:e7:ad:97:6d:82:d5:53:42:62:64:8b:
83:97:25:f2:fc:f9:01:aa:30:92:37:06:9a:e7:03:
45:37:1d:dd:0a:fa:fc:46:49:6f:b2:2f:46:33:32:
ef:6d:46:2c:0c:c2:9e:94:e8:63:0f:1f:6d:f4:fd:
e2:e4:1b:46:f9:52:8d:62:9b:dc:46:d4:79:2a:2d:
2f:08:54:60:65:ea:c8:22:b8:ad:7f:b0:16:29:ec:
14:50:10:67:f5:c6:68:c1:b3:ac:05:72:fe:8f:4f:
d4:d6:9a:c2:dc:17:8f:ae:ee:b2:f2:8e:8e:6f:17:
40:a9:59:49:0c:e4:52:ca:c8:93:35:99:e0:e6:15:
5e:d2:e2:6b:14:01:6d:21:ec:ca:0c:dd:4d:e3:01:
e5:46:f9:ea:2d:a2:10:2c:ac:53:40:df:b9:35:50:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EA:82:4B:1A:88:58:07:4F:BF:4B:11:7C:98:EF:6E:60:82:45:75
X509v3 Authority Key Identifier:
keyid:E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/9C1D03685C7511EEB5E18E22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.62.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:43:ad:54:db:71:5b:82:0f:a2:cf:c7:61:6b:38:4c:59:a2:
7f:bd:2d:a4:5c:c8:f6:87:40:22:ee:ae:7e:33:80:89:86:56:
55:89:01:22:bb:b7:84:b0:29:f7:00:b3:2c:c4:fe:54:5d:d7:
c6:af:b1:be:bd:40:84:a0:35:ba:ec:1c:f4:aa:97:d6:ec:54:
f0:a9:45:8d:a8:53:35:fd:ee:bd:e6:a1:28:6a:21:bd:bd:56:
8a:da:e4:01:06:ab:ba:6b:9f:07:b0:fe:2f:50:ef:b8:19:c1:
7b:24:ce:cf:fb:20:86:5d:1b:d4:94:a2:a5:9f:9e:51:01:e3:
79:2f:81:8e:c3:34:09:6f:11:2c:65:6a:c8:07:4c:e7:86:e7:
77:b1:8b:9c:51:4b:eb:63:f7:1a:38:22:39:d1:62:dd:51:9a:
a0:1f:03:96:57:62:d4:da:04:a4:06:ed:f2:27:b9:3c:e8:6d:
65:46:cc:09:91:f1:6b:d8:43:31:0a:71:31:5c:da:4a:48:53:
b9:df:59:41:63:c3:09:e3:75:04:fa:63:13:5a:5c:ac:22:ec:
0a:8a:a0:0a:98:21:54:0a:a8:ea:fd:36:8e:a0:a0:3e:10:09:
c3:dc:7f:cc:2f:7a:d2:7b:99:9a:3b:a1:78:0f:f7:e2:b0:a7:
ff:f3:38:52
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NzE1QzExMC8GA1UEBRMoRTc3MTMyRTRGRUFEMDRFRUQ0RkU5NDZENjA3QTBEQ0I1
N0E0MjA2NTAeFw0yMzA5MjYxNDA0MjlaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTJlNGVkLTQ2ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkTFzd+BTE8ZovhREKPapOxNPhjxW8SzcuLsm2bdIBPAt6mFSjLItf00JdM4lZ
3Z176fJ+ulabZReX8JURYWnnQxUukKTqRdECsjHpzkBUjwobNYcgDaJtfsVTXLHn
rZdtgtVTQmJki4OXJfL8+QGqMJI3BprnA0U3Hd0K+vxGSW+yL0YzMu9tRiwMwp6U
6GMPH230/eLkG0b5Uo1im9xG1HkqLS8IVGBl6sgiuK1/sBYp7BRQEGf1xmjBs6wF
cv6PT9TWmsLcF4+u7rLyjo5vF0CpWUkM5FLKyJM1meDmFV7S4msUAW0h7MoM3U3j
AeVG+eotohAsrFNA37k1UPBLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUauqCSxqI
WAdPv0sRfJjvbmCCRXUwHwYDVR0jBBgwFoAU53Ey5P6tBO7U/pRtYHoNy1ekIGUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3MTVDLzVGMDcyNjM4NEYz
MzExRUU5NjZFMEY3MkM0RjlBRTAyLzUzRXk1UDZ0Qk83VV9wUnRZSG9OeTFla0lH
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTNFeTVQNnRCTzdVX3BSdFlIb055MWVrSUdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NzE1Qy81RjA3MjYzODRGMzMxMUVFOTY2RTBGNzJDNEY5QUUwMi85QzFEMDM2ODVD
NzUxMUVFQjVFMThFMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdIPjANBgkqhkiG9w0BAQsFAAOCAQEAt0OtVNtxW4IPos/H
YWs4TFmif70tpFzI9odAIu6ufjOAiYZWVYkBIru3hLAp9wCzLMT+VF3Xxq+xvr1A
hKA1uuwc9KqX1uxU8KlFjahTNf3uveahKGohvb1WitrkAQarumufB7D+L1DvuBnB
eyTOz/sghl0b1JSipZ+eUQHjeS+BjsM0CW8RLGVqyAdM54bnd7GLnFFL62P3Gjgi
OdFi3VGaoB8Dlldi1NoEpAbt8ie5POhtZUbMCZHxa9hDMQpxMVzaSkhTud9ZQWPD
CeN1BPpjE1pcrCLsCoqgCpghVAqo6v02jqCgPhAJw9x/zC960nuZmjuheA/34rCn
//M4Ug==
-----END CERTIFICATE-----
Generated at Sun Jan 14 11:43:07 2024 by rpki-client on console-ams.rpki-client.org