Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/2F7054268B7311EF8A89F811C4F9AE02.roa
File: 2F7054268B7311EF8A89F811C4F9AE02.roa (raw, json)
Hash identifier: JCAZ5j1WaXpssLz33FHbCuOEzu/x5XO5SMQR38zvzFE=
Subject key identifier: 41:85:66:76:7F:A4:F1:6C:4D:63:A4:BD:69:41:7A:EF:14:28:C2:AF
Certificate issuer: /CN=A915EFDF/serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Certificate serial: 079C
Authority key identifier: E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/2F7054268B7311EF8A89F811C4F9AE02.roa
Signing time: Wed 23 Oct 2024 08:46:07 +0000
ROA not before: Wed 23 Oct 2024 08:46:07 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.72.100.0/24 maxlen: 24
103.72.101.0/24 maxlen: 24
103.72.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 11:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1948 (0x79c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EFDF/serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Validity
Not Before: Oct 23 08:46:07 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6718b7cf-7dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3e:bd:bb:55:e4:a1:e0:7f:a0:f2:3f:29:ac:
97:3a:37:50:e5:8f:c0:e6:8f:dd:e5:50:2f:ff:df:
96:d0:84:40:cc:93:dd:a0:c4:0b:a8:ec:22:4e:77:
b8:fe:ed:cc:18:fe:ff:c6:74:3c:42:aa:3d:26:d4:
76:14:28:5c:d4:93:bc:c5:26:eb:ef:1b:6f:d0:b3:
6f:fc:6c:2f:ec:5b:9e:bc:cd:65:ae:57:be:d8:2e:
06:09:ff:95:4e:3e:f7:dd:55:31:4d:9f:a6:ea:4d:
d9:70:ef:2c:5c:3a:7d:ae:fd:67:37:2f:45:9a:bb:
3e:96:93:f7:46:1c:9c:52:36:a7:33:e2:e6:dc:96:
4a:73:1e:26:50:63:ab:02:52:e8:c7:3b:c3:42:5c:
4e:da:9c:e5:82:25:c1:67:27:2d:35:69:dd:61:5a:
0d:75:07:33:18:a6:57:63:52:1a:68:d6:63:37:2a:
ae:36:34:e5:c4:9f:16:7f:18:e6:2f:77:80:4c:da:
03:87:04:0f:6e:2f:15:f4:67:ce:de:ef:1d:d4:70:
1e:f6:ef:8a:44:d7:72:74:1c:cf:6d:80:08:58:50:
c9:4e:cb:c5:53:6c:b8:5c:aa:bc:0b:06:c6:d9:39:
af:ad:25:64:52:d5:10:39:57:fc:e9:b3:ed:1d:3e:
c6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:85:66:76:7F:A4:F1:6C:4D:63:A4:BD:69:41:7A:EF:14:28:C2:AF
X509v3 Authority Key Identifier:
keyid:E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/2F7054268B7311EF8A89F811C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.100.0-103.72.102.255
Signature Algorithm: sha256WithRSAEncryption
96:55:ed:4a:41:55:7b:ec:70:d3:0c:c3:01:d1:38:42:97:e8:
52:44:d9:34:bf:d1:5b:7a:11:33:a6:dd:b4:f3:3c:9d:79:f7:
10:b7:35:09:e5:52:21:62:7e:23:0d:d3:02:50:0c:e7:83:59:
c9:70:6d:ba:07:9b:a9:66:6d:17:41:8c:02:4d:da:e7:70:58:
0c:c5:35:44:30:b1:87:1d:3a:db:28:df:ab:dc:cc:50:3c:3d:
52:9c:62:ca:94:2e:da:e3:61:f2:e4:3e:2d:e6:f6:9c:50:c2:
bc:d2:dc:96:45:22:a5:4a:2b:86:12:fc:ce:11:ce:5c:61:b5:
55:33:a5:53:59:98:28:21:bd:13:a5:9d:0c:73:1f:3a:77:d6:
b6:71:51:6f:ce:1c:90:bf:4e:78:59:d1:4b:05:be:71:f4:0a:
04:4b:33:30:30:e3:31:a0:66:7e:9c:be:8f:63:fc:de:9f:1f:
4c:4c:c9:4b:15:dc:ed:76:3b:27:00:fd:b9:74:d2:b3:8c:05:
db:b6:b7:c9:6d:fb:02:91:02:8b:2d:90:26:65:98:65:22:08:
7e:ac:f0:0f:41:b7:b7:f3:ef:b4:2f:f3:33:05:ff:59:61:69:
1f:f3:d7:2e:c5:a9:4a:c1:ee:b3:55:fd:28:54:09:f4:e4:78:
cc:56:79:bd
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICB5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVGREYxMTAvBgNVBAUTKEU4QzIxQjAzQjY1MDgzQjIxQkZBMzc1MjZEMTJCMzQx
RjI0OUNDOEIwHhcNMjQxMDIzMDg0NjA3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4YjdjZi03ZGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApj69u1XkoeB/oPI/KayXOjdQ5Y/A5o/d5VAv/9+W0IRAzJPdoMQLqOwiTne4
/u3MGP7/xnQ8Qqo9JtR2FChc1JO8xSbr7xtv0LNv/Gwv7FuevM1lrle+2C4GCf+V
Tj733VUxTZ+m6k3ZcO8sXDp9rv1nNy9Fmrs+lpP3RhycUjanM+Lm3JZKcx4mUGOr
AlLoxzvDQlxO2pzlgiXBZyctNWndYVoNdQczGKZXY1IaaNZjNyquNjTlxJ8Wfxjm
L3eATNoDhwQPbi8V9GfO3u8d1HAe9u+KRNdydBzPbYAIWFDJTsvFU2y4XKq8CwbG
2TmvrSVkUtUQOVf86bPtHT7GIQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEGFZnZ/
pPFsTWOkvWlBeu8UKMKvMB8GA1UdIwQYMBaAFOjCGwO2UIOyG/o3Um0Ss0HyScyL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUZERi8wQkREN0VBMkU5
MEMxMUVBOTY1QzJBMkZDNEY5QUUwMi82TUliQTdaUWc3SWItamRTYlJLelFmSkp6
SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZNSWJBN1pRZzdJYi1qZFNiUkt6UWZKSnpJcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVGREYvMEJERDdFQTJFOTBDMTFFQTk2NUMyQTJGQzRGOUFFMDIvMkY3MDU0MjY4
QjczMTFFRjhBODlGODExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmdIZAMEAGdIZjANBgkqhkiG9w0BAQsFAAOCAQEAllXt
SkFVe+xw0wzDAdE4QpfoUkTZNL/RW3oRM6bdtPM8nXn3ELc1CeVSIWJ+Iw3TAlAM
54NZyXBtugebqWZtF0GMAk3a53BYDMU1RDCxhx062yjfq9zMUDw9UpxiypQu2uNh
8uQ+Leb2nFDCvNLclkUipUorhhL8zhHOXGG1VTOlU1mYKCG9E6WdDHMfOnfWtnFR
b84ckL9OeFnRSwW+cfQKBEszMDDjMaBmfpy+j2P83p8fTEzJSxXc7XY7JwD9uXTS
s4wF27a3yW37ApECiy2QJmWYZSIIfqzwD0G3t/PvtC/zMwX/WWFpH/PXLsWpSsHu
s1X9KFQJ9OR4zFZ5vQ==
-----END CERTIFICATE-----
Generated at Thu Oct 24 16:00:44 2024 by rpki-client on console-ams.rpki-client.org