Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/2B928FFAC83D11ECA689513FC4F9AE02.roa
File: 2B928FFAC83D11ECA689513FC4F9AE02.roa (raw, json)
Hash identifier: bL6hMT1uPmo5AMDOwZEN+cO7lX4KgGmt1v1eDLpUJ8w=
Subject key identifier: 35:0F:A4:7C:54:F7:73:5B:DA:61:55:08:E8:32:12:2F:7B:AF:C9:DF
Certificate issuer: /CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Certificate serial: 2044
Authority key identifier: ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/2B928FFAC83D11ECA689513FC4F9AE02.roa
Signing time: Wed 27 Jul 2022 04:42:36 +0000
ROA not before: Wed 27 Jul 2022 04:42:36 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 55559
IP address blocks: 103.120.120.0/22 maxlen: 22
103.120.120.0/24 maxlen: 24
103.120.121.0/24 maxlen: 24
103.120.122.0/24 maxlen: 24
103.120.123.0/24 maxlen: 24
2403:1600::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8260 (0x2044)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Validity
Not Before: Jul 27 04:42:36 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e0c23b-9779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:81:b8:be:ff:5a:b6:3d:04:00:83:8a:0a:0d:
17:58:a9:22:c3:51:48:d4:09:97:49:6e:a2:a8:e5:
4b:67:5c:57:d4:59:fd:c8:2d:04:e9:76:84:1f:98:
d1:65:72:42:a3:50:9d:f8:44:3c:5d:4d:07:b7:fc:
e4:ff:b2:34:97:e9:d9:e2:1f:b1:54:22:f8:05:de:
65:ae:93:2e:e3:19:ab:95:3c:58:77:79:81:18:a4:
61:58:dc:7e:86:bb:9f:33:a9:43:cc:96:87:41:79:
f1:e9:5a:6d:18:41:1a:8d:f7:75:30:d1:0d:26:10:
e7:45:73:3b:0c:e7:0e:99:7c:f4:15:9c:ba:5f:10:
2d:92:bd:cd:78:ac:6a:fe:a4:fd:ab:62:b9:ec:53:
f3:9d:c9:32:db:25:8c:eb:43:69:a4:3d:81:16:e4:
bc:58:cb:13:2b:5f:06:5a:34:87:8d:75:b3:4f:fa:
f9:c2:aa:7b:13:9b:25:db:72:31:b6:ef:dd:37:5b:
3f:fa:75:b3:83:89:64:0b:5a:25:61:c9:79:68:7d:
7d:8a:1f:da:0b:5c:d5:07:71:dd:22:1f:bc:92:e0:
f0:25:f8:c5:bd:5b:34:2e:46:01:8d:51:2a:8a:bc:
11:3f:32:2a:51:f7:cb:31:20:4b:47:dd:17:e4:a7:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0F:A4:7C:54:F7:73:5B:DA:61:55:08:E8:32:12:2F:7B:AF:C9:DF
X509v3 Authority Key Identifier:
keyid:ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/7WjKai0SqIzH0paivCvxUZoLX_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/2B928FFAC83D11ECA689513FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.120.0/22
IPv6:
2403:1600::/32
Signature Algorithm: sha256WithRSAEncryption
8c:44:80:c7:c4:d3:8a:46:11:44:4a:c3:07:dd:f3:9b:d3:b6:
1d:16:f0:43:25:62:3d:b4:cc:7d:4a:04:cb:82:2f:3e:c7:af:
f4:24:70:d5:f8:cc:68:1d:17:ba:be:43:cc:71:12:71:6d:e3:
f7:50:7b:01:46:6e:65:a4:d2:08:c7:f9:e1:56:d7:36:76:ce:
b0:54:72:54:c6:bf:a5:2f:1e:e7:38:ed:79:97:27:9e:c8:20:
88:fc:82:ff:85:c3:8b:ab:99:f9:74:62:05:24:41:2e:0e:fb:
da:a6:99:43:a4:5b:60:5f:8a:1a:10:1f:9b:92:f3:6c:90:40:
c7:05:be:2d:a5:59:c3:3b:f5:ff:18:75:26:5f:ed:4d:e9:44:
57:70:fe:0c:11:f0:68:35:7d:02:43:e4:7b:e9:4e:4c:ae:aa:
9d:b4:6c:15:a1:67:6d:47:63:67:12:f7:84:5e:dc:f3:b1:83:
ca:47:d9:2f:78:c3:85:14:da:09:b3:6c:47:aa:32:23:c7:7f:
5e:a7:c7:c4:08:f3:43:db:55:44:04:35:df:92:f0:38:8e:ec:
b0:9d:aa:74:8d:05:23:55:2d:b8:63:8d:07:d5:4f:6e:8e:db:
04:f6:25:b3:72:ed:5b:9e:f8:8a:47:c3:12:51:10:be:12:fd:
7d:d4:de:f1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICIEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUUyRTAxMTAvBgNVBAUTKEVENjhDQTZBMkQxMkE4OENDN0QyOTZBMkJDMkJGMTUx
OUEwQjVGRjMwHhcNMjIwNzI3MDQ0MjM2WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmUwYzIzYi05Nzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsIG4vv9atj0EAIOKCg0XWKkiw1FI1AmXSW6iqOVLZ1xX1Fn9yC0E6XaEH5jR
ZXJCo1Cd+EQ8XU0Ht/zk/7I0l+nZ4h+xVCL4Bd5lrpMu4xmrlTxYd3mBGKRhWNx+
hrufM6lDzJaHQXnx6VptGEEajfd1MNENJhDnRXM7DOcOmXz0FZy6XxAtkr3NeKxq
/qT9q2K57FPzncky2yWM60NppD2BFuS8WMsTK18GWjSHjXWzT/r5wqp7E5sl23Ix
tu/dN1s/+nWzg4lkC1olYcl5aH19ih/aC1zVB3HdIh+8kuDwJfjFvVs0LkYBjVEq
irwRPzIqUffLMSBLR90X5KfiJwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDUPpHxU
93Nb2mFVCOgyEi97r8nfMB8GA1UdIwQYMBaAFO1oymotEqiMx9KWorwr8VGaC1/z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTJFMC9CM0U4MTVEQzlF
NDYxMUU1ODhENDYwMTZDNEY5QUUwMi83V2pLYWkwU3FJekgwcGFpdkN2eFVab0xY
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdXakthaTBTcUl6SDBwYWl2Q3Z4VVpvTFhfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUUyRTAvQjNFODE1REM5RTQ2MTFFNTg4RDQ2MDE2QzRGOUFFMDIvMkI5MjhGRkFD
ODNEMTFFQ0E2ODk1MTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneHgwDQQCAAIwBwMFACQDFgAwDQYJKoZIhvcNAQELBQAD
ggEBAIxEgMfE04pGEURKwwfd85vTth0W8EMlYj20zH1KBMuCLz7Hr/QkcNX4zGgd
F7q+Q8xxEnFt4/dQewFGbmWk0gjH+eFW1zZ2zrBUclTGv6UvHuc47XmXJ57IIIj8
gv+Fw4urmfl0YgUkQS4O+9qmmUOkW2BfihoQH5uS82yQQMcFvi2lWcM79f8YdSZf
7U3pRFdw/gwR8Gg1fQJD5HvpTkyuqp20bBWhZ21HY2cS94Re3POxg8pH2S94w4UU
2gmzbEeqMiPHf16nx8QI80PbVUQENd+S8DiO7LCdqnSNBSNVLbhjjQfVT26O2wT2
JbNy7Vue+IpHwxJREL4S/X3U3vE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:34 2023 by rpki-client on console-ams.rpki-client.org