Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/D8FB39F8C13F11ECAD6BA680C4F9AE02.roa
File: D8FB39F8C13F11ECAD6BA680C4F9AE02.roa (raw, json)
Hash identifier: z3qLzVlN2JtuVJjRW9+TLmK4ohorJrqNYoftcdOjV9Q=
Subject key identifier: 13:DC:51:2E:56:BD:F0:E6:FE:40:F5:62:3C:DE:64:90:EB:D2:B3:99
Certificate issuer: /CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
Certificate serial: 025F
Authority key identifier: 75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/D8FB39F8C13F11ECAD6BA680C4F9AE02.roa
Signing time: Fri 01 Sep 2023 02:33:39 +0000
ROA not before: Fri 01 Sep 2023 02:33:39 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 397373
IP address blocks: 103.129.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Nov 2023 08:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 607 (0x25f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
Validity
Not Before: Sep 1 02:33:39 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f14d82-9ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:88:e9:fa:70:73:c6:fd:34:08:9c:b8:13:5b:
14:2b:c0:df:82:f7:40:59:99:b2:ed:b5:91:62:6d:
a2:e0:dd:42:47:49:d5:f5:cb:9b:f8:db:c4:da:f6:
6e:da:41:a8:b6:1a:ac:6e:ff:02:ab:91:ac:bc:81:
5b:fa:a5:49:f2:05:3e:bd:10:4b:28:81:0d:c4:3e:
16:25:c3:fc:2b:e4:35:47:ea:77:fb:57:a0:3a:af:
43:ee:27:ee:89:8f:c1:88:79:10:e2:9f:0a:b7:c3:
a8:e1:5b:fd:8c:7e:df:9b:1b:b0:48:2e:ee:9c:86:
60:bc:75:5c:7e:70:63:0d:03:40:b7:2a:3a:4b:69:
09:78:db:31:c9:18:bb:91:f0:cb:7b:00:f1:9c:e7:
85:ed:68:63:3c:6b:b3:0e:8e:4b:e3:b4:5f:34:8e:
73:69:39:e5:dd:b3:04:6d:df:41:53:bd:62:23:a8:
06:32:24:cc:4c:da:6a:16:54:40:73:d6:e2:3f:6e:
71:76:a6:4c:f1:a7:60:a9:af:d9:ea:d9:5a:4f:3f:
b5:39:e1:c2:12:e7:8d:d6:ec:d5:05:6b:ec:87:6b:
a5:33:d6:58:2b:7a:44:36:ec:de:96:7c:5e:82:f5:
23:70:6f:8f:86:eb:0f:d8:4a:40:cf:6c:69:f9:fd:
7c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DC:51:2E:56:BD:F0:E6:FE:40:F5:62:3C:DE:64:90:EB:D2:B3:99
X509v3 Authority Key Identifier:
keyid:75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/dUx6CJILdd5uGzejtUuNUyXY33M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/D8FB39F8C13F11ECAD6BA680C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:7f:34:e5:d4:a4:b1:d4:ec:17:46:ca:77:65:6d:50:75:99:
1d:aa:68:9b:d7:dc:3d:f2:b1:44:99:53:e3:e0:5b:bd:2a:45:
e9:40:ba:e0:79:2b:a6:77:77:e5:5f:8e:36:85:a9:6c:c8:7d:
04:1c:56:b4:1b:83:b1:fc:0a:3d:62:5f:bb:19:9d:7e:68:33:
8e:00:0a:e0:d6:08:3a:20:91:68:56:a9:56:c8:aa:fc:3d:ae:
e0:3e:6e:dc:86:c6:1c:d0:a3:d6:03:d0:de:dd:f6:14:3d:fa:
13:ce:ad:bd:3a:6d:36:ed:4e:4f:04:72:dc:e5:04:b7:ca:cb:
6b:2f:99:db:c5:0f:77:44:53:2f:56:4d:5a:48:1a:f5:f0:73:
f7:a6:ea:d6:67:94:58:b8:6c:4d:f6:66:15:e4:fe:37:0c:0f:
ba:8a:a0:01:ed:e8:a0:e4:e6:97:f3:19:d7:3b:82:61:66:79:
be:40:4b:18:8f:88:15:3b:39:6a:6f:7d:77:eb:f5:6a:64:6f:
3f:12:9a:4e:07:3d:c9:43:ef:ef:92:e8:94:ad:36:a4:ad:a7:
4e:33:04:20:77:b5:97:a4:09:0e:40:0d:3e:19:1a:02:01:17:
7b:f9:15:47:2b:7e:dc:e4:54:67:0f:56:ec:2b:74:27:80:7a:
b7:4c:aa:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjBDODYxMTAvBgNVBAUTKDc1NEM3QTA4OTIwQjc1REU2RTFCMzdBM0I1NEI4RDUz
MjVEOERGNzMwHhcNMjMwOTAxMDIzMzM5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYxNGQ4Mi05Y2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYjp+nBzxv00CJy4E1sUK8DfgvdAWZmy7bWRYm2i4N1CR0nV9cub+NvE2vZu
2kGothqsbv8Cq5GsvIFb+qVJ8gU+vRBLKIENxD4WJcP8K+Q1R+p3+1egOq9D7ifu
iY/BiHkQ4p8Kt8Oo4Vv9jH7fmxuwSC7unIZgvHVcfnBjDQNAtyo6S2kJeNsxyRi7
kfDLewDxnOeF7WhjPGuzDo5L47RfNI5zaTnl3bMEbd9BU71iI6gGMiTMTNpqFlRA
c9biP25xdqZM8adgqa/Z6tlaTz+1OeHCEueN1uzVBWvsh2ulM9ZYK3pENuzelnxe
gvUjcG+PhusP2EpAz2xp+f182wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBPcUS5W
vfDm/kD1YjzeZJDr0rOZMB8GA1UdIwQYMBaAFHVMegiSC3Xebhs3o7VLjVMl2N9z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEM4Ni84M0NDNDlFMDk5
RjMxMUVDQjU4RUM3MEVDNEY5QUUwMi9kVXg2Q0pJTGRkNXVHemVqdFV1TlV5WFkz
M00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RVeDZDSklMZGQ1dUd6ZWp0VXVOVXlYWTMzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjBDODYvODNDQzQ5RTA5OUYzMTFFQ0I1OEVDNzBFQzRGOUFFMDIvRDhGQjM5RjhD
MTNGMTFFQ0FENkJBNjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJngTQwDQYJKoZIhvcNAQELBQADggEBAKh/NOXUpLHU7BdG
yndlbVB1mR2qaJvX3D3ysUSZU+PgW70qRelAuuB5K6Z3d+VfjjaFqWzIfQQcVrQb
g7H8Cj1iX7sZnX5oM44ACuDWCDogkWhWqVbIqvw9ruA+btyGxhzQo9YD0N7d9hQ9
+hPOrb06bTbtTk8EctzlBLfKy2svmdvFD3dEUy9WTVpIGvXwc/em6tZnlFi4bE32
ZhXk/jcMD7qKoAHt6KDk5pfzGdc7gmFmeb5ASxiPiBU7OWpvfXfr9Wpkbz8Smk4H
PclD7++S6JStNqStp04zBCB3tZekCQ5ADT4ZGgIBF3v5FUcrftzkVGcPVuwrdCeA
erdMqgA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org