Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127733/ADDC3B3E458D11EBA39AC740C4F9AE02/D0414FC0E28911EDAAB93724C4F9AE02.roa
File: D0414FC0E28911EDAAB93724C4F9AE02.roa (raw, json)
Hash identifier: 8SzF5yLkLemc3+nUolHW3rfviV6biyoZnWHm8rzi8sk=
Subject key identifier: AD:F5:49:82:16:2E:A2:A8:41:D5:93:86:49:69:08:F6:8F:1D:18:D8
Certificate issuer: /CN=A9127733/serialNumber=4275515200B039672AFA0E85877D4E3FE70D89D7
Certificate serial: 05F1
Authority key identifier: 42:75:51:52:00:B0:39:67:2A:FA:0E:85:87:7D:4E:3F:E7:0D:89:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnVRUgCwOWcq-g6Fh31OP-cNidc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127733/ADDC3B3E458D11EBA39AC740C4F9AE02/D0414FC0E28911EDAAB93724C4F9AE02.roa
Signing time: Tue 31 Oct 2023 23:51:10 +0000
ROA not before: Tue 31 Oct 2023 23:51:10 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 47869
IP address blocks: 103.101.0.0/23 maxlen: 24
2401:c740::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jan 2024 22:25:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1521 (0x5f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127733/serialNumber=4275515200B039672AFA0E85877D4E3FE70D89D7
Validity
Not Before: Oct 31 23:51:10 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=654192ee-31f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5a:99:9a:43:89:9c:4b:75:f2:ff:c6:67:e5:
16:72:87:e8:c1:9b:da:8e:d4:cd:1a:14:e4:d4:9d:
55:34:9f:7d:79:94:bd:7b:39:4e:c7:60:81:fd:e5:
33:ae:f6:aa:be:e1:aa:99:cf:c8:4c:dc:d0:07:cc:
ca:98:0b:fc:57:f7:1f:cd:73:dd:1c:4c:30:e6:89:
19:e6:ed:cd:18:f0:29:21:63:5c:c6:3e:04:44:03:
e0:d5:32:9f:71:88:9c:84:7f:3c:d7:7f:18:0b:65:
cf:ef:15:28:1d:be:b7:29:82:4c:56:8f:45:08:e3:
25:72:99:d9:9f:c9:8e:32:fe:a0:4b:39:23:0c:56:
1d:0b:fa:04:30:a2:91:c9:d9:fe:df:73:61:55:f5:
ed:81:c1:72:80:c2:a0:01:9c:eb:2b:54:15:61:4c:
6e:48:2c:4c:9a:18:0b:0b:d1:a1:50:9a:29:c0:1c:
f1:af:dc:a7:fa:c4:19:ca:29:a6:6e:d4:fc:b2:c3:
e6:75:96:00:68:6b:a7:8e:a6:1d:5f:07:9d:e4:25:
d3:63:a5:03:2a:a9:10:e8:67:f9:89:45:6b:fe:c7:
70:63:72:fa:08:42:b0:9c:83:dc:88:f1:c8:4e:95:
17:d5:27:05:00:d4:b7:2d:67:d1:5f:ad:63:5e:e7:
b6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F5:49:82:16:2E:A2:A8:41:D5:93:86:49:69:08:F6:8F:1D:18:D8
X509v3 Authority Key Identifier:
keyid:42:75:51:52:00:B0:39:67:2A:FA:0E:85:87:7D:4E:3F:E7:0D:89:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127733/ADDC3B3E458D11EBA39AC740C4F9AE02/QnVRUgCwOWcq-g6Fh31OP-cNidc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnVRUgCwOWcq-g6Fh31OP-cNidc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127733/ADDC3B3E458D11EBA39AC740C4F9AE02/D0414FC0E28911EDAAB93724C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.0.0/23
IPv6:
2401:c740::/32
Signature Algorithm: sha256WithRSAEncryption
3c:2c:c4:ba:98:c0:65:af:6b:04:8e:29:b2:d7:51:7f:ba:78:
11:a2:ef:c5:a3:28:27:6a:bd:e3:3e:07:6b:15:ba:1a:cf:c4:
0c:bd:06:23:c2:7e:57:86:06:a9:31:02:df:db:9e:7b:08:f8:
ac:07:2f:95:a9:8c:bd:37:80:13:f7:5a:85:b3:2c:89:dd:51:
98:d2:c3:5f:8b:84:ec:ed:af:c5:37:7b:6c:a5:81:f5:3c:ed:
1f:b0:da:2c:e4:67:d2:b0:e8:46:fa:af:47:9b:b8:aa:55:da:
9d:f5:7f:31:4e:70:05:4f:98:4a:60:e0:04:6f:71:b4:8e:50:
af:2a:fc:e1:48:29:c0:69:f1:5c:cc:d1:67:e3:9c:22:fd:42:
e0:79:73:8b:e6:b8:09:d3:cf:b5:ae:42:3c:d5:30:f3:68:12:
71:4a:e1:15:5c:76:a6:6f:4f:33:f1:18:17:44:95:f9:41:0e:
7f:db:bb:9f:a1:0d:9a:d5:5e:33:b0:3e:6b:c6:60:6c:99:f2:
bf:47:01:04:03:c4:52:37:af:3a:69:ee:f2:ab:ac:b6:38:22:
41:5b:c6:02:ba:df:38:65:2a:fc:ba:4b:b3:6b:03:32:e8:52:
99:5c:7d:1d:6b:bf:77:83:84:cf:50:38:1c:88:b9:ba:b2:ea:
a8:65:ce:7a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc3MzMxMTAvBgNVBAUTKDQyNzU1MTUyMDBCMDM5NjcyQUZBMEU4NTg3N0Q0RTNG
RTcwRDg5RDcwHhcNMjMxMDMxMjM1MTEwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQxOTJlZS0zMWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1qZmkOJnEt18v/GZ+UWcofowZvajtTNGhTk1J1VNJ99eZS9ezlOx2CB/eUz
rvaqvuGqmc/ITNzQB8zKmAv8V/cfzXPdHEww5okZ5u3NGPApIWNcxj4ERAPg1TKf
cYichH88138YC2XP7xUoHb63KYJMVo9FCOMlcpnZn8mOMv6gSzkjDFYdC/oEMKKR
ydn+33NhVfXtgcFygMKgAZzrK1QVYUxuSCxMmhgLC9GhUJopwBzxr9yn+sQZyimm
btT8ssPmdZYAaGunjqYdXwed5CXTY6UDKqkQ6Gf5iUVr/sdwY3L6CEKwnIPciPHI
TpUX1ScFANS3LWfRX61jXue2mwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK31SYIW
LqKoQdWThklpCPaPHRjYMB8GA1UdIwQYMBaAFEJ1UVIAsDlnKvoOhYd9Tj/nDYnX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzczMy9BRERDM0IzRTQ1
OEQxMUVCQTM5QUM3NDBDNEY5QUUwMi9RblZSVWdDd09XY3EtZzZGaDMxT1AtY05p
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuVlJVZ0N3T1djcS1nNkZoMzFPUC1jTmlkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc3MzMvQUREQzNCM0U0NThEMTFFQkEzOUFDNzQwQzRGOUFFMDIvRDA0MTRGQzBF
Mjg5MTFFREFBQjkzNzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnZQAwDQQCAAIwBwMFACQBx0AwDQYJKoZIhvcNAQELBQAD
ggEBADwsxLqYwGWvawSOKbLXUX+6eBGi78WjKCdqveM+B2sVuhrPxAy9BiPCfleG
BqkxAt/bnnsI+KwHL5WpjL03gBP3WoWzLIndUZjSw1+LhOztr8U3e2ylgfU87R+w
2izkZ9Kw6Eb6r0ebuKpV2p31fzFOcAVPmEpg4ARvcbSOUK8q/OFIKcBp8VzM0Wfj
nCL9QuB5c4vmuAnTz7WuQjzVMPNoEnFK4RVcdqZvTzPxGBdElflBDn/bu5+hDZrV
XjOwPmvGYGyZ8r9HAQQDxFI3rzpp7vKrrLY4IkFbxgK63zhlKvy6S7NrAzLoUplc
fR1rv3eDhM9QOByIubqy6qhlzno=
-----END CERTIFICATE-----
Generated at Sat Jan 27 01:37:02 2024 by rpki-client on console-ams.rpki-client.org