Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0E1C62A724B11EDA156B97BC4F9AE02.roa
File: D0E1C62A724B11EDA156B97BC4F9AE02.roa (raw, json)
Hash identifier: gblbFqyv5VPQyDoJJtE0AAMVWnUi4ZZ3NlbufJ1si7Q=
Subject key identifier: 83:3A:1C:28:0C:95:54:70:71:3C:CD:B3:EE:64:01:6C:DD:F8:1A:90
Certificate issuer: /CN=A91209D3/serialNumber=0B15B1FDA3B76A51C3272441404BE9C98C3D610F
Certificate serial: 42
Authority key identifier: 0B:15:B1:FD:A3:B7:6A:51:C3:27:24:41:40:4B:E9:C9:8C:3D:61:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CxWx_aO3alHDJyRBQEvpyYw9YQ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0E1C62A724B11EDA156B97BC4F9AE02.roa
Signing time: Mon 27 Mar 2023 07:17:15 +0000
ROA not before: Mon 27 Mar 2023 07:17:15 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 15580
IP address blocks: 103.119.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91209D3/serialNumber=0B15B1FDA3B76A51C3272441404BE9C98C3D610F
Validity
Not Before: Mar 27 07:17:15 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=642142fb-b468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f1:3f:bf:cc:93:3d:43:4c:d0:3f:c3:d3:65:
f2:73:92:b8:43:22:c5:72:d8:15:d4:7e:91:46:09:
0f:5e:47:b1:89:ae:ad:be:14:fa:fd:cb:d1:08:66:
5c:2d:ec:f9:1c:24:35:94:6d:16:bc:bd:6b:af:d2:
ad:de:96:e8:73:cc:44:b0:2a:4a:25:2c:b2:4e:ed:
3b:fd:8c:46:13:11:4a:76:3f:d1:35:f3:ab:de:ed:
8f:bb:2b:25:05:33:58:37:1a:88:2c:24:1d:b2:22:
8b:2e:1a:35:2f:1d:84:b6:6a:f4:23:ac:fd:d9:ec:
0f:3c:21:b4:be:cf:9e:a0:f5:32:ab:4e:02:a7:dd:
4a:20:61:e6:1f:db:91:52:b8:36:4e:17:9b:6f:9b:
36:64:6c:42:a1:7b:f7:20:54:98:8c:56:42:d4:ee:
54:a2:5d:c4:a8:99:9b:64:ed:a0:66:31:27:59:cd:
c0:a5:c9:2a:26:af:07:5b:87:e7:7b:64:18:39:16:
8a:68:db:ab:17:57:11:6c:9e:8f:ff:8a:20:26:b8:
a9:2a:69:bd:5e:72:c4:fd:31:98:ee:0c:9e:52:dc:
63:6d:4e:09:24:fd:cd:8b:5a:d9:8a:d4:41:83:f2:
5f:19:cf:c5:87:14:24:eb:6d:4f:a8:85:b8:98:cd:
7f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:3A:1C:28:0C:95:54:70:71:3C:CD:B3:EE:64:01:6C:DD:F8:1A:90
X509v3 Authority Key Identifier:
keyid:0B:15:B1:FD:A3:B7:6A:51:C3:27:24:41:40:4B:E9:C9:8C:3D:61:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/CxWx_aO3alHDJyRBQEvpyYw9YQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CxWx_aO3alHDJyRBQEvpyYw9YQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0E1C62A724B11EDA156B97BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.72.0/23
Signature Algorithm: sha256WithRSAEncryption
72:07:ac:50:70:22:e2:d4:34:21:bd:9b:a9:46:61:7e:c4:7f:
c0:8f:35:f5:79:47:1d:ce:43:11:44:33:6d:07:d9:ac:e7:77:
5f:0d:8b:0b:89:ed:55:a6:1c:61:be:42:2a:f6:15:c0:86:d6:
6f:5a:23:47:36:09:f5:66:d4:5e:27:f8:d1:91:7b:04:09:01:
34:d5:11:1d:2d:1a:44:a0:5c:18:55:62:f6:38:65:03:c7:26:
31:e4:49:af:60:0d:49:48:d2:67:3a:49:d4:fd:b2:af:d4:28:
c9:82:de:23:37:1a:8f:61:70:2d:53:ef:11:c5:a7:b7:f4:d8:
8f:45:1f:91:6a:b8:34:b4:65:f8:12:5c:82:65:c8:92:53:59:
51:a7:d4:d0:3b:c9:a9:59:13:62:3f:6c:2b:ff:73:66:91:17:
24:0f:99:94:b1:59:83:96:26:89:a7:1f:ca:18:d8:3e:c4:ac:
7f:66:12:43:e7:e3:3d:e8:1b:4c:db:b8:53:af:c9:6f:17:91:
1f:07:57:c0:4b:e2:0e:c0:04:bf:0b:cd:8a:e0:2c:bb:35:c3:
33:da:ea:b0:3e:2c:14:7e:00:bb:c4:80:f8:e7:17:cd:48:a7:
8f:d1:dc:9e:37:2c:c7:bf:82:df:9f:0a:be:9b:5e:c1:61:bd:
26:50:f5:0d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MDlEMzExMC8GA1UEBRMoMEIxNUIxRkRBM0I3NkE1MUMzMjcyNDQxNDA0QkU5Qzk4
QzNENjEwRjAeFw0yMzAzMjcwNzE3MTVaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjE0MmZiLWI0NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC78T+/zJM9Q0zQP8PTZfJzkrhDIsVy2BXUfpFGCQ9eR7GJrq2+FPr9y9EIZlwt
7PkcJDWUbRa8vWuv0q3eluhzzESwKkolLLJO7Tv9jEYTEUp2P9E186ve7Y+7KyUF
M1g3GogsJB2yIosuGjUvHYS2avQjrP3Z7A88IbS+z56g9TKrTgKn3UogYeYf25FS
uDZOF5tvmzZkbEKhe/cgVJiMVkLU7lSiXcSomZtk7aBmMSdZzcClySomrwdbh+d7
ZBg5Fopo26sXVxFsno//iiAmuKkqab1ecsT9MZjuDJ5S3GNtTgkk/c2LWtmK1EGD
8l8Zz8WHFCTrbU+ohbiYzX+nAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgzocKAyV
VHBxPM2z7mQBbN34GpAwHwYDVR0jBBgwFoAUCxWx/aO3alHDJyRBQEvpyYw9YQ8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIwOUQzLzY1NDBDOTVBNzI0
ODExRURCMjI2MDQ3N0M0RjlBRTAyL0N4V3hfYU8zYWxIREp5UkJRRXZweVl3OVlR
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ3hXeF9hTzNhbEhESnlSQlFFdnB5WXc5WVE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MDlEMy82NTQwQzk1QTcyNDgxMUVEQjIyNjA0NzdDNEY5QUUwMi9EMEUxQzYyQTcy
NEIxMUVEQTE1NkI5N0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd3SDANBgkqhkiG9w0BAQsFAAOCAQEAcgesUHAi4tQ0Ib2b
qUZhfsR/wI819XlHHc5DEUQzbQfZrOd3Xw2LC4ntVaYcYb5CKvYVwIbWb1ojRzYJ
9WbUXif40ZF7BAkBNNURHS0aRKBcGFVi9jhlA8cmMeRJr2ANSUjSZzpJ1P2yr9Qo
yYLeIzcaj2FwLVPvEcWnt/TYj0UfkWq4NLRl+BJcgmXIklNZUafU0DvJqVkTYj9s
K/9zZpEXJA+ZlLFZg5YmiacfyhjYPsSsf2YSQ+fjPegbTNu4U6/JbxeRHwdXwEvi
DsAEvwvNiuAsuzXDM9rqsD4sFH4Au8SA+OcXzUinj9Hcnjcsx7+C358KvptewWG9
JlD1DQ==
-----END CERTIFICATE-----
Generated at Wed Jan 31 09:31:21 2024 by rpki-client on console-fra.rpki-client.org