Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/84F043C8E90D11EA80A27F31C4F9AE02.roa
File: 84F043C8E90D11EA80A27F31C4F9AE02.roa (raw, json)
Hash identifier: sVHJSrW29/PUckngwFo4QOiyWMz1QHuF9PrWeEfuVDE=
Subject key identifier: 2F:92:1F:FB:89:C9:8A:35:CC:AC:D1:36:3D:7C:4A:31:8C:DA:9C:E4
Certificate issuer: /CN=A915EFDF/serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Certificate serial: 0779
Authority key identifier: E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/84F043C8E90D11EA80A27F31C4F9AE02.roa
Signing time: Mon 30 Sep 2024 21:40:23 +0000
ROA not before: Mon 30 Sep 2024 21:40:23 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 17483
IP address blocks: 103.72.100.0/24 maxlen: 24
103.72.101.0/24 maxlen: 24
103.72.102.0/24 maxlen: 24
103.72.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:21:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1913 (0x779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EFDF/serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Validity
Not Before: Sep 30 21:40:23 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fb1ac7-24b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ff:f8:b8:d8:32:f1:32:a9:b9:96:b6:41:92:
a4:4b:62:09:d2:b1:3b:d3:bc:d4:40:a3:fe:b9:f4:
e2:d9:8b:26:b7:67:c4:b7:c4:1e:d1:c6:9a:c9:d7:
4c:c7:57:0c:b5:64:41:16:da:d5:5d:5b:55:65:5e:
8b:84:1c:85:b4:66:b0:29:a5:a0:92:f0:01:b4:5c:
dd:a4:e6:93:87:80:57:72:f8:ba:61:35:93:3d:08:
c1:ad:d9:8c:50:80:25:f8:d1:f4:a2:ce:6d:1b:c9:
9d:7a:82:84:3d:ff:e3:79:6d:ce:42:61:8b:6d:ac:
77:0c:c8:39:45:d0:cf:23:9a:5f:42:f9:06:ff:09:
d5:26:24:c5:a3:bb:a7:81:45:22:69:c3:1b:72:9b:
b2:a1:21:c6:09:2d:cd:f3:f0:eb:18:79:f5:05:75:
6e:e7:e3:27:e9:2d:38:42:b2:23:23:89:14:fb:61:
c1:74:a2:cc:f8:05:ba:34:85:42:e2:f6:99:e5:a0:
8e:6d:0c:2a:73:62:ff:30:5c:b5:62:8a:a1:0c:b7:
e9:85:52:f7:07:a0:12:e8:88:98:39:b7:11:58:ca:
25:8d:7d:9a:3a:16:85:83:4b:02:fd:ce:8a:ff:19:
9d:2d:ab:f1:08:6e:2e:d8:65:1b:87:78:7f:b8:ca:
f0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:92:1F:FB:89:C9:8A:35:CC:AC:D1:36:3D:7C:4A:31:8C:DA:9C:E4
X509v3 Authority Key Identifier:
keyid:E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/84F043C8E90D11EA80A27F31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:72:90:95:ab:c5:93:0c:13:ad:ef:64:7b:0e:5f:1f:50:af:
cd:71:0b:e0:31:e3:f0:71:02:35:ad:53:84:85:2f:4b:33:7e:
1b:85:f4:f8:36:28:73:76:7c:df:99:42:1c:e3:2c:cf:50:68:
6c:c3:1c:ab:e3:05:45:b4:01:c1:77:ae:be:68:07:59:94:d6:
ef:de:b6:42:c6:12:9c:05:da:08:54:c7:19:52:0f:c9:42:ab:
df:70:42:14:ac:5d:d2:66:8e:46:ef:e0:41:35:5c:59:c1:c8:
53:ac:1f:37:a6:90:05:27:2b:ff:51:96:ec:40:69:26:aa:da:
4f:73:5d:46:1e:80:d7:90:6a:3f:79:ee:d5:4a:66:03:22:53:
08:e6:b6:6e:78:06:e6:19:e0:2f:e6:52:1a:82:38:fd:58:c9:
28:13:7a:03:fc:0b:25:f4:af:fd:09:43:ba:24:74:7c:01:c5:
76:6b:e8:bc:3b:c0:12:05:40:e9:14:eb:35:b3:49:53:3f:a0:
d0:fd:28:b7:c2:5b:af:67:a3:72:a1:bf:8c:89:92:95:03:46:
ff:53:fe:cb:99:c8:db:aa:a0:b7:d4:d0:76:4d:7e:bf:9c:3b:
c3:61:b6:e0:b3:d0:af:f2:7b:e9:d6:27:d1:23:66:87:30:69:
bd:bb:72:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVGREYxMTAvBgNVBAUTKEU4QzIxQjAzQjY1MDgzQjIxQkZBMzc1MjZEMTJCMzQx
RjI0OUNDOEIwHhcNMjQwOTMwMjE0MDIzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiMWFjNy0yNGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzv/4uNgy8TKpuZa2QZKkS2IJ0rE707zUQKP+ufTi2Ysmt2fEt8Qe0caayddM
x1cMtWRBFtrVXVtVZV6LhByFtGawKaWgkvABtFzdpOaTh4BXcvi6YTWTPQjBrdmM
UIAl+NH0os5tG8mdeoKEPf/jeW3OQmGLbax3DMg5RdDPI5pfQvkG/wnVJiTFo7un
gUUiacMbcpuyoSHGCS3N8/DrGHn1BXVu5+Mn6S04QrIjI4kU+2HBdKLM+AW6NIVC
4vaZ5aCObQwqc2L/MFy1YoqhDLfphVL3B6AS6IiYObcRWMoljX2aOhaFg0sC/c6K
/xmdLavxCG4u2GUbh3h/uMrwVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC+SH/uJ
yYo1zKzRNj18SjGM2pzkMB8GA1UdIwQYMBaAFOjCGwO2UIOyG/o3Um0Ss0HyScyL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUZERi8wQkREN0VBMkU5
MEMxMUVBOTY1QzJBMkZDNEY5QUUwMi82TUliQTdaUWc3SWItamRTYlJLelFmSkp6
SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZNSWJBN1pRZzdJYi1qZFNiUkt6UWZKSnpJcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVGREYvMEJERDdFQTJFOTBDMTFFQTk2NUMyQTJGQzRGOUFFMDIvODRGMDQzQzhF
OTBEMTFFQTgwQTI3RjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnSGQwDQYJKoZIhvcNAQELBQADggEBAI1ykJWrxZMME63v
ZHsOXx9Qr81xC+Ax4/BxAjWtU4SFL0szfhuF9Pg2KHN2fN+ZQhzjLM9QaGzDHKvj
BUW0AcF3rr5oB1mU1u/etkLGEpwF2ghUxxlSD8lCq99wQhSsXdJmjkbv4EE1XFnB
yFOsHzemkAUnK/9RluxAaSaq2k9zXUYegNeQaj957tVKZgMiUwjmtm54BuYZ4C/m
UhqCOP1YySgTegP8CyX0r/0JQ7okdHwBxXZr6Lw7wBIFQOkU6zWzSVM/oND9KLfC
W69no3Khv4yJkpUDRv9T/suZyNuqoLfU0HZNfr+cO8NhtuCz0K/ye+nWJ9EjZocw
ab27cj0=
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:32:51 2024 by rpki-client on console-fra.rpki-client.org