Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
File: 916F749AFA5611EDB88E6A76C4F9AE02.roa (raw, json)
Hash identifier: NAAJHIm7dyOS0x4lQeUQFiU8EKgTyIBR2iPGTBa2l4I=
Subject key identifier: AB:76:C1:F9:72:E3:9E:BC:3B:95:90:1D:19:B2:CC:F9:53:45:9F:6E
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1B60
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
Signing time: Thu 28 Sep 2023 16:34:01 +0000
ROA not before: Thu 28 Sep 2023 16:34:01 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 141342
IP address blocks: 103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Nov 2023 13:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7008 (0x1b60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 28 16:34:01 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6515aaf8-cc44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:65:39:c6:61:dd:18:28:ce:d1:8d:40:3a:
e9:ff:1c:32:8a:06:32:8b:6b:18:e9:08:f3:64:c3:
04:c2:9b:97:68:21:91:3e:44:ed:cf:5f:27:d8:70:
3e:1e:27:eb:d2:0e:b5:13:42:4e:99:f1:a1:08:64:
21:b8:54:76:51:94:03:70:6c:0d:e6:d5:5b:df:4f:
e7:e7:07:d7:b2:bf:b0:5d:d6:38:0a:60:7f:2b:15:
40:d7:de:57:90:93:97:84:43:30:76:c1:e3:bf:51:
7b:8f:16:f7:5a:c1:c7:ed:68:14:53:9f:12:c8:6e:
13:c1:cf:7d:dc:ce:e5:d0:a1:6f:81:80:1d:55:66:
57:98:ef:9f:38:14:82:58:f3:5f:3c:41:9c:76:c8:
bf:b9:98:a6:aa:d1:65:63:6c:ef:e2:11:5b:b9:e2:
8f:e5:4e:35:d9:96:bb:6b:2f:f6:a3:a9:3e:fe:96:
52:61:8f:64:e5:18:70:46:c0:2c:a8:63:b2:2b:f7:
0d:20:9d:72:61:6c:ce:84:9c:67:c5:56:a2:41:0a:
78:d2:5b:8a:80:f9:df:22:71:1e:13:86:83:be:c1:
77:ce:b5:2c:d4:6d:6f:03:56:12:19:6e:2f:39:de:
9c:48:79:03:a9:0a:19:4b:8c:9d:4c:c4:66:06:53:
a6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:76:C1:F9:72:E3:9E:BC:3B:95:90:1D:19:B2:CC:F9:53:45:9F:6E
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/916F749AFA5611EDB88E6A76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.120.0/22
113.203.200.0/22
Signature Algorithm: sha256WithRSAEncryption
59:4f:cb:64:3d:7e:48:ef:6e:10:16:87:f9:04:15:67:40:07:
a6:51:f4:4b:47:fc:14:ec:18:14:2c:c2:41:a1:86:4c:37:3d:
f2:e2:1d:54:ef:17:05:16:03:97:e9:b9:9a:a1:69:65:6e:f6:
76:83:ec:65:e9:a6:90:6b:db:32:2d:9e:4e:8e:b5:0c:44:86:
9b:d9:41:ab:30:5b:0f:b9:35:2e:ed:cb:98:27:63:29:f9:57:
7a:58:d6:83:03:04:55:e7:9e:63:24:a7:01:8a:4f:14:0f:36:
b8:f1:52:b7:85:f2:e0:21:5d:ed:66:e6:70:6d:48:ee:96:3a:
6a:eb:51:15:46:12:8d:ca:89:bc:52:6e:66:f3:2f:ef:79:30:
4b:47:c6:ad:9a:4b:3d:77:25:36:89:c8:d5:74:52:54:6b:21:
fe:f8:e8:41:aa:df:6b:c2:46:16:4e:c4:22:e6:56:ab:8c:29:
b1:83:fc:4d:70:3d:64:06:26:34:9d:85:d6:fc:90:c6:80:3a:
3f:c2:f3:9d:10:ad:d1:59:aa:3f:cf:a3:15:db:c6:22:93:a0:
14:c5:6d:6f:1f:d5:09:4e:0a:a0:0d:17:06:a3:bb:24:87:aa:
29:3f:07:22:13:5d:4d:7a:40:d3:dc:cf:29:8f:50:0a:9f:6a:
cc:22:4f:7c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICG2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjMwOTI4MTYzNDAxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YWFmOC1jYzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw49lOcZh3RgoztGNQDrp/xwyigYyi2sY6QjzZMMEwpuXaCGRPkTtz18n2HA+
Hifr0g61E0JOmfGhCGQhuFR2UZQDcGwN5tVb30/n5wfXsr+wXdY4CmB/KxVA195X
kJOXhEMwdsHjv1F7jxb3WsHH7WgUU58SyG4Twc993M7l0KFvgYAdVWZXmO+fOBSC
WPNfPEGcdsi/uZimqtFlY2zv4hFbueKP5U412Za7ay/2o6k+/pZSYY9k5RhwRsAs
qGOyK/cNIJ1yYWzOhJxnxVaiQQp40luKgPnfInEeE4aDvsF3zrUs1G1vA1YSGW4v
Od6cSHkDqQoZS4ydTMRmBlOmrwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKt2wfly
4568O5WQHRmyzPlTRZ9uMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvOTE2Rjc0OUFG
QTU2MTFFREI4OEU2QTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnDHgDBAJxy8gwDQYJKoZIhvcNAQELBQADggEBAFlPy2Q9
fkjvbhAWh/kEFWdAB6ZR9EtH/BTsGBQswkGhhkw3PfLiHVTvFwUWA5fpuZqhaWVu
9naD7GXpppBr2zItnk6OtQxEhpvZQaswWw+5NS7ty5gnYyn5V3pY1oMDBFXnnmMk
pwGKTxQPNrjxUreF8uAhXe1m5nBtSO6WOmrrURVGEo3KibxSbmbzL+95MEtHxq2a
Sz13JTaJyNV0UlRrIf746EGq32vCRhZOxCLmVquMKbGD/E1wPWQGJjSdhdb8kMaA
Oj/C850QrdFZqj/PoxXbxiKToBTFbW8f1QlOCqANFwajuySHqik/ByITXU16QNPc
zymPUAqfaswiT3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org