Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/73BE051457CC11EE9644261AC4F9AE02.roa
File: 73BE051457CC11EE9644261AC4F9AE02.roa (raw, json)
Hash identifier: zeiOQXQDAtA1p/JWc2BbjDXsnRV7eRckXqSMqnHpNnA=
Subject key identifier: 46:EE:B1:51:18:2A:58:07:C6:72:93:3F:98:F0:7A:88:80:E0:DE:10
Certificate issuer: /CN=A911FF25/serialNumber=F11F249B821DFCC2B1B97AF4E70526DD933A127D
Certificate serial: 05
Authority key identifier: F1:1F:24:9B:82:1D:FC:C2:B1:B9:7A:F4:E7:05:26:DD:93:3A:12:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8R8km4Id_MKxuXr05wUm3ZM6En0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/73BE051457CC11EE9644261AC4F9AE02.roa
Signing time: Wed 20 Sep 2023 15:43:32 +0000
ROA not before: Wed 20 Sep 2023 15:43:32 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151791
IP address blocks: 103.72.64.0/23 maxlen: 23
103.72.64.0/24 maxlen: 24
103.72.65.0/24 maxlen: 24
2001:df2:e840::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Oct 2023 17:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911FF25/serialNumber=F11F249B821DFCC2B1B97AF4E70526DD933A127D
Validity
Not Before: Sep 20 15:43:32 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=650b1324-3430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:74:7d:98:f0:81:81:13:72:0b:b5:d2:67:
fb:fc:31:03:a1:7b:d6:11:9c:28:a1:9a:ec:d6:75:
b4:1f:65:0b:61:e9:a0:bc:2d:a2:32:10:2c:64:f5:
e8:1d:e7:a9:e1:94:5d:05:3e:85:3e:75:2e:ae:71:
99:47:ec:ea:56:45:c7:a6:e4:74:3a:68:d3:8f:8e:
36:69:c7:8e:e4:80:3f:51:67:01:48:cb:4a:29:bd:
6e:a8:49:83:84:2c:69:56:7b:8f:db:e6:13:05:71:
25:95:29:97:c8:d9:7a:a8:7f:a0:e9:85:71:32:38:
11:d6:58:59:2e:e3:ca:93:63:61:c2:c1:61:4d:29:
7c:9f:00:c1:dd:17:21:67:05:dc:c4:f0:9a:ef:1e:
32:66:97:ee:9e:ab:36:56:3c:51:3d:88:f1:2a:27:
40:14:5c:9d:9c:3b:71:bd:09:56:71:f1:ca:bf:22:
0a:16:d1:f8:85:61:91:13:1e:1e:b7:b5:15:1b:dd:
d0:d5:6a:bb:13:e8:22:d9:5a:25:56:ef:0a:a8:d6:
b4:c4:b2:58:8f:67:b7:48:9a:d9:7b:2b:8a:67:55:
31:b7:85:93:be:60:d0:c2:29:e0:c2:cb:f5:58:51:
c9:3d:b5:5b:2d:d1:b4:d7:30:c9:15:e2:3f:7f:26:
b7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EE:B1:51:18:2A:58:07:C6:72:93:3F:98:F0:7A:88:80:E0:DE:10
X509v3 Authority Key Identifier:
keyid:F1:1F:24:9B:82:1D:FC:C2:B1:B9:7A:F4:E7:05:26:DD:93:3A:12:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/8R8km4Id_MKxuXr05wUm3ZM6En0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8R8km4Id_MKxuXr05wUm3ZM6En0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FF25/6064BAB252F411EE898B9B43C4F9AE02/73BE051457CC11EE9644261AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.64.0/23
IPv6:
2001:df2:e840::/48
Signature Algorithm: sha256WithRSAEncryption
a7:ab:82:7a:e4:d0:cd:a4:8f:1a:d3:aa:20:54:d1:3e:a6:f6:
27:7d:fa:29:4c:94:30:3a:76:fa:2e:e7:8a:06:31:c9:b3:2b:
e7:f5:90:19:00:37:a4:5b:e7:ed:5d:4a:17:38:a7:d2:cc:db:
98:29:c1:98:55:14:d0:e1:4c:e9:79:32:88:11:8e:51:94:4e:
f1:f1:45:77:f0:9f:11:f6:dc:89:f4:52:cc:f9:ed:dc:1e:40:
8c:39:33:e7:5a:03:d6:2f:d6:69:d2:ee:25:3f:69:7e:a8:c2:
51:1d:7b:bf:63:59:5c:2e:6f:7f:aa:ab:41:ef:8f:48:ad:c3:
17:51:39:dc:5d:e9:4c:ad:3d:48:46:35:de:a7:7b:13:e4:dd:
50:ff:40:80:09:f2:15:f6:51:50:a8:c6:a7:1f:0b:8f:48:ab:
f2:bf:f5:cb:71:93:b1:7f:e5:be:3b:9b:e7:b4:90:25:20:ac:
70:90:ef:ef:c5:d9:6a:aa:92:ff:0a:aa:47:e4:30:05:65:e3:
5d:48:81:e2:27:de:2a:b2:e5:fd:c8:29:ac:d9:0f:3a:4b:dc:
cd:43:34:0a:25:8d:52:cf:da:31:9f:1c:11:a5:67:54:69:17:
a4:8f:a0:43:31:a9:32:43:d3:a7:d7:e0:9d:f2:70:ad:d0:96:
17:33:4c:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RkYyNTExMC8GA1UEBRMoRjExRjI0OUI4MjFERkNDMkIxQjk3QUY0RTcwNTI2REQ5
MzNBMTI3RDAeFw0yMzA5MjAxNTQzMzJaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MGIxMzI0LTM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/Q3R9mPCBgRNyC7XSZ/v8MQOhe9YRnCihmuzWdbQfZQth6aC8LaIyECxk9egd
56nhlF0FPoU+dS6ucZlH7OpWRcem5HQ6aNOPjjZpx47kgD9RZwFIy0opvW6oSYOE
LGlWe4/b5hMFcSWVKZfI2Xqof6DphXEyOBHWWFku48qTY2HCwWFNKXyfAMHdFyFn
BdzE8JrvHjJml+6eqzZWPFE9iPEqJ0AUXJ2cO3G9CVZx8cq/IgoW0fiFYZETHh63
tRUb3dDVarsT6CLZWiVW7wqo1rTEsliPZ7dImtl7K4pnVTG3hZO+YNDCKeDCy/VY
Uck9tVst0bTXMMkV4j9/JreRAgMBAAGjggKmMIICojAdBgNVHQ4EFgQURu6xURgq
WAfGcpM/mPB6iIDg3hAwHwYDVR0jBBgwFoAU8R8km4Id/MKxuXr05wUm3ZM6En0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFGRjI1LzYwNjRCQUIyNTJG
NDExRUU4OThCOUI0M0M0RjlBRTAyLzhSOGttNElkX01LeHVYcjA1d1VtM1pNNkVu
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOFI4a200SWRfTUt4dVhyMDV3VW0zWk02RW4wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RkYyNS82MDY0QkFCMjUyRjQxMUVFODk4QjlCNDNDNEY5QUUwMi83M0JFMDUxNDU3
Q0MxMUVFOTY0NDI2MUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdIQDAPBAIAAjAJAwcAIAEN8uhAMA0GCSqGSIb3DQEBCwUA
A4IBAQCnq4J65NDNpI8a06ogVNE+pvYnffopTJQwOnb6LueKBjHJsyvn9ZAZADek
W+ftXUoXOKfSzNuYKcGYVRTQ4UzpeTKIEY5RlE7x8UV38J8R9tyJ9FLM+e3cHkCM
OTPnWgPWL9Zp0u4lP2l+qMJRHXu/Y1lcLm9/qqtB749IrcMXUTncXelMrT1IRjXe
p3sT5N1Q/0CACfIV9lFQqManHwuPSKvyv/XLcZOxf+W+O5vntJAlIKxwkO/vxdlq
qpL/CqpH5DAFZeNdSIHiJ94qsuX9yCms2Q86S9zNQzQKJY1Sz9oxnxwRpWdUaRek
j6BDMakyQ9On1+Cd8nCt0JYXM0zm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org