Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/61DBB7FA685D11EEB1779948C4F9AE02.roa
File: 61DBB7FA685D11EEB1779948C4F9AE02.roa (raw, json)
Hash identifier: br/E4OraGCpVZh6m8400ZaBnimLWgSn8YJu0sbc+ZZM=
Subject key identifier: A8:89:08:93:2B:F2:DF:22:B6:AA:C9:32:6A:9B:84:E3:21:2A:D3:D5
Certificate issuer: /CN=A911FF25/serialNumber=F11F249B821DFCC2B1B97AF4E70526DD933A127D
Certificate serial: 11
Authority key identifier: F1:1F:24:9B:82:1D:FC:C2:B1:B9:7A:F4:E7:05:26:DD:93:3A:12:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8R8km4Id_MKxuXr05wUm3ZM6En0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/61DBB7FA685D11EEB1779948C4F9AE02.roa
Signing time: Wed 11 Oct 2023 17:41:18 +0000
ROA not before: Wed 11 Oct 2023 17:41:18 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151791
IP address blocks: 103.72.64.0/23 maxlen: 23
103.72.64.0/24 maxlen: 24
2001:df2:e840::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Oct 2023 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911FF25/serialNumber=F11F249B821DFCC2B1B97AF4E70526DD933A127D
Validity
Not Before: Oct 11 17:41:18 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6526de3e-b7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:96:66:4f:79:50:7c:59:30:e9:75:71:3b:76:
c1:2f:18:f9:1f:08:4f:f3:b4:f2:20:fa:38:3d:b2:
cc:41:e4:2c:1e:1c:31:cb:dc:90:0c:1d:cf:7a:cb:
72:0d:63:f6:93:b8:81:9c:d1:8f:ea:32:b4:cd:02:
6b:e3:c6:1d:ce:70:51:b4:5a:42:bc:6a:59:da:e8:
8c:8a:8e:aa:d1:21:18:ae:50:49:19:38:6b:86:58:
d3:6d:97:13:23:59:00:a1:26:20:de:23:2e:ab:d4:
b3:6d:c2:6d:5e:8a:17:3d:55:dd:cd:91:16:9c:97:
4b:5a:cd:73:d0:e5:44:fa:e3:24:08:d7:24:70:f2:
45:13:a6:a2:80:dd:b4:85:d0:ec:b7:16:6d:26:54:
11:42:97:15:70:e1:bd:93:eb:14:35:a3:d2:1f:f7:
f8:cc:61:9e:7c:06:5c:31:88:87:2f:45:de:f9:f9:
82:79:2c:79:84:5f:82:d4:96:54:8d:e4:64:42:9c:
64:ff:b5:6f:51:9e:d9:2e:8e:b7:ea:68:9c:15:bd:
c3:2e:63:8f:83:67:31:40:fe:4e:9e:62:53:a6:df:
25:7e:ac:0f:45:c0:b0:4c:81:cb:08:2c:07:b8:4b:
59:39:9e:d2:4d:75:02:39:f3:ff:b1:49:69:0c:85:
67:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:89:08:93:2B:F2:DF:22:B6:AA:C9:32:6A:9B:84:E3:21:2A:D3:D5
X509v3 Authority Key Identifier:
keyid:F1:1F:24:9B:82:1D:FC:C2:B1:B9:7A:F4:E7:05:26:DD:93:3A:12:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/8R8km4Id_MKxuXr05wUm3ZM6En0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8R8km4Id_MKxuXr05wUm3ZM6En0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/61DBB7FA685D11EEB1779948C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.64.0/23
IPv6:
2001:df2:e840::/48
Signature Algorithm: sha256WithRSAEncryption
59:93:4f:fa:c6:ef:68:83:14:7d:6c:8c:42:26:39:ff:d6:45:
fc:66:3f:1d:28:29:0d:69:74:9a:fe:a0:0b:e0:29:44:5e:df:
d2:a5:9d:8c:8f:4e:36:72:53:ad:dc:ce:03:8d:b3:b2:43:7e:
24:c4:94:e4:12:00:41:02:07:98:26:68:90:6f:ab:c1:f2:b6:
04:50:30:92:8d:a4:e1:2b:b4:a2:5b:4d:c7:a8:91:a0:26:9e:
94:69:7f:38:aa:38:1d:bc:bf:62:fc:c1:91:8d:46:3a:ee:51:
e2:92:88:e4:a2:a7:e9:67:84:58:8a:22:93:28:fd:37:fe:e8:
f8:12:14:62:55:13:5a:55:49:3b:56:ef:54:07:40:7e:9f:0a:
fa:20:a5:78:eb:cc:53:23:34:f5:6a:ab:fe:4e:c2:43:95:a2:
91:68:ab:a3:93:80:9c:88:43:a6:6e:87:47:bc:95:e0:89:57:
62:2d:49:08:7f:da:c9:84:fc:a7:9f:72:da:8c:12:be:61:9c:
0c:a5:4d:fb:b3:d0:6c:6a:05:9d:ae:23:88:29:f4:97:bb:13:
7f:8f:2a:74:1e:fb:56:b3:1c:07:3b:a9:a3:23:57:6a:ad:53:
17:d3:b1:1b:2d:66:2a:d7:40:0b:82:15:f1:5b:5d:06:d1:0f:
0e:d5:e5:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RkYyNTExMC8GA1UEBRMoRjExRjI0OUI4MjFERkNDMkIxQjk3QUY0RTcwNTI2REQ5
MzNBMTI3RDAeFw0yMzEwMTExNzQxMThaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MjZkZTNlLWI3YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvlmZPeVB8WTDpdXE7dsEvGPkfCE/ztPIg+jg9ssxB5CweHDHL3JAMHc96y3IN
Y/aTuIGc0Y/qMrTNAmvjxh3OcFG0WkK8alna6IyKjqrRIRiuUEkZOGuGWNNtlxMj
WQChJiDeIy6r1LNtwm1eihc9Vd3NkRacl0tazXPQ5UT64yQI1yRw8kUTpqKA3bSF
0Oy3Fm0mVBFClxVw4b2T6xQ1o9If9/jMYZ58BlwxiIcvRd75+YJ5LHmEX4LUllSN
5GRCnGT/tW9RntkujrfqaJwVvcMuY4+DZzFA/k6eYlOm3yV+rA9FwLBMgcsILAe4
S1k5ntJNdQI58/+xSWkMhWcvAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUqIkIkyvy
3yK2qskyapuE4yEq09UwHwYDVR0jBBgwFoAU8R8km4Id/MKxuXr05wUm3ZM6En0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFGRjI1LzYwNjRCQUIyNTJG
NDExRUU4OThCOUI0M0M0RjlBRTAyLzhSOGttNElkX01LeHVYcjA1d1VtM1pNNkVu
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOFI4a200SWRfTUt4dVhyMDV3VW0zWk02RW4wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RkYyNS82MDY0QkFCMjUyRjQxMUVFODk4QjlCNDNDNEY5QUUwMi82MURCQjdGQTY4
NUQxMUVFQjE3Nzk5NDhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdIQDAPBAIAAjAJAwcAIAEN8uhAMA0GCSqGSIb3DQEBCwUA
A4IBAQBZk0/6xu9ogxR9bIxCJjn/1kX8Zj8dKCkNaXSa/qAL4ClEXt/SpZ2Mj042
clOt3M4DjbOyQ34kxJTkEgBBAgeYJmiQb6vB8rYEUDCSjaThK7SiW03HqJGgJp6U
aX84qjgdvL9i/MGRjUY67lHikojkoqfpZ4RYiiKTKP03/uj4EhRiVRNaVUk7Vu9U
B0B+nwr6IKV468xTIzT1aqv+TsJDlaKRaKujk4CciEOmbodHvJXgiVdiLUkIf9rJ
hPynn3LajBK+YZwMpU37s9BsagWdriOIKfSXuxN/jyp0HvtWsxwHO6mjI1dqrVMX
07EbLWYq10ALghXxW10G0Q8O1eUP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org