Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D323/220A1FD809EB11EFBC4D1534C4F9AE02/1FDB429A09F111EF8BA1EB1FC4F9AE02.roa
File: 1FDB429A09F111EF8BA1EB1FC4F9AE02.roa (raw, json)
Hash identifier: DiQV7X5bRxbnCv4CDN7bk5R+E40JC31iI/Y+XLITdVQ=
Subject key identifier: 99:DD:45:9A:11:07:B2:7C:B1:8B:1B:D7:47:D2:12:22:2A:5D:A2:FB
Certificate issuer: /CN=A918D323/serialNumber=C70DE278AB7726D29CA3A8C02407AA5BAE12EC0A
Certificate serial: 03
Authority key identifier: C7:0D:E2:78:AB:77:26:D2:9C:A3:A8:C0:24:07:AA:5B:AE:12:EC:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xw3ieKt3JtKco6jAJAeqW64S7Ao.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D323/220A1FD809EB11EFBC4D1534C4F9AE02/1FDB429A09F111EF8BA1EB1FC4F9AE02.roa
Signing time: Sat 04 May 2024 08:34:30 +0000
ROA not before: Sat 04 May 2024 08:34:30 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 131299
IP address blocks: 103.68.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 04 May 2024 10:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D323/serialNumber=C70DE278AB7726D29CA3A8C02407AA5BAE12EC0A
Validity
Not Before: May 4 08:34:30 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6635f316-5545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cb:e2:a9:16:46:56:26:33:d5:f8:a7:f4:1c:
27:64:3d:68:1e:4f:92:42:8d:63:3c:01:78:13:7a:
11:ed:7b:29:62:af:20:1d:5b:3d:b4:69:77:df:2c:
7d:98:9e:4c:35:0b:01:8c:c6:b6:70:27:62:1f:66:
ec:df:4e:e8:b3:c1:48:4c:cf:80:fd:4f:60:45:57:
48:2b:4c:58:f3:56:46:15:4d:ea:06:e3:2a:35:9d:
ac:c3:a0:7f:5d:37:e6:e0:c5:d2:88:4a:5b:39:26:
62:38:8b:7b:c5:f1:20:47:47:79:90:33:28:22:55:
67:b7:4e:1e:6e:de:16:ed:c1:db:24:ec:e3:8b:7b:
55:3e:64:d3:db:83:2a:01:1c:5b:61:71:af:75:b2:
6e:b6:05:14:77:73:b6:7d:6e:4d:68:2f:b1:10:47:
d0:62:d6:73:d3:62:19:0b:4a:7b:79:6d:17:7a:c1:
a8:5f:17:a6:bb:5a:ff:26:db:f4:80:6d:dd:4a:f3:
d2:f1:b6:b4:8b:f0:7b:57:62:ca:55:e4:c7:b6:db:
9f:38:7d:bd:b1:49:54:89:ab:6a:24:d7:55:3b:b5:
7f:57:18:74:b7:9b:26:d2:65:a8:4f:5d:28:6e:3c:
09:48:cb:1c:76:75:64:e0:0d:d1:d5:3d:b6:40:79:
1d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DD:45:9A:11:07:B2:7C:B1:8B:1B:D7:47:D2:12:22:2A:5D:A2:FB
X509v3 Authority Key Identifier:
keyid:C7:0D:E2:78:AB:77:26:D2:9C:A3:A8:C0:24:07:AA:5B:AE:12:EC:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D323/220A1FD809EB11EFBC4D1534C4F9AE02/xw3ieKt3JtKco6jAJAeqW64S7Ao.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xw3ieKt3JtKco6jAJAeqW64S7Ao.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D323/220A1FD809EB11EFBC4D1534C4F9AE02/1FDB429A09F111EF8BA1EB1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.112.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:71:58:50:24:d8:35:6a:02:07:5d:8e:9a:a9:5b:0d:b9:7d:
c3:fe:0b:3d:a7:ec:40:15:8e:22:d2:0c:36:e0:8e:3d:e8:b7:
27:41:d7:b1:b1:bf:63:95:09:dc:c9:ec:35:e4:e0:35:48:01:
ce:55:2e:7b:b0:82:52:ca:0f:f0:68:08:bd:82:5e:5b:9f:97:
49:0c:b2:71:94:39:b2:48:3a:19:f8:0c:5e:2c:ae:5c:b9:de:
07:df:3f:41:5d:4e:93:fc:0a:4e:51:35:8a:d9:fd:66:da:c6:
5e:5d:d7:16:70:a6:ff:90:cf:da:b5:f6:f2:f2:19:8e:34:7e:
09:28:0e:da:08:55:79:3e:14:30:4c:c3:3a:ba:1e:83:26:51:
52:6c:58:31:25:18:0d:24:ee:cc:11:a9:9a:6b:6c:e3:24:c3:
20:7c:1c:3f:ad:81:98:ed:0e:34:d7:a3:46:31:1c:f0:f8:f3:
92:3e:6b:ac:93:a3:db:cb:22:8d:c7:c7:56:b5:68:3a:63:9e:
4b:ea:e5:c8:e6:2c:6f:67:b1:ff:e4:0f:1d:e0:bf:ce:63:c0:
bf:c2:db:f9:00:6e:ab:02:5c:99:7b:66:22:bd:60:2e:3f:48:
5e:3d:53:e6:30:de:29:09:49:f0:01:a8:70:b3:68:e7:7d:83:
22:07:23:c5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RDMyMzExMC8GA1UEBRMoQzcwREUyNzhBQjc3MjZEMjlDQTNBOEMwMjQwN0FBNUJB
RTEyRUMwQTAeFw0yNDA1MDQwODM0MzBaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzVmMzE2LTU1NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdy+KpFkZWJjPV+Kf0HCdkPWgeT5JCjWM8AXgTehHteyliryAdWz20aXffLH2Y
nkw1CwGMxrZwJ2IfZuzfTuizwUhMz4D9T2BFV0grTFjzVkYVTeoG4yo1nazDoH9d
N+bgxdKISls5JmI4i3vF8SBHR3mQMygiVWe3Th5u3hbtwdsk7OOLe1U+ZNPbgyoB
HFthca91sm62BRR3c7Z9bk1oL7EQR9Bi1nPTYhkLSnt5bRd6wahfF6a7Wv8m2/SA
bd1K89LxtrSL8HtXYspV5Me22584fb2xSVSJq2ok11U7tX9XGHS3mybSZahPXShu
PAlIyxx2dWTgDdHVPbZAeR0HAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmd1FmhEH
snyxixvXR9ISIipdovswHwYDVR0jBBgwFoAUxw3ieKt3JtKco6jAJAeqW64S7Aow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThEMzIzLzIyMEExRkQ4MDlF
QjExRUZCQzREMTUzNEM0RjlBRTAyL3h3M2llS3QzSnRLY282akFKQWVxVzY0UzdB
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveHczaWVLdDNKdEtjbzZqQUpBZXFXNjRTN0FvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RDMyMy8yMjBBMUZEODA5RUIxMUVGQkM0RDE1MzRDNEY5QUUwMi8xRkRCNDI5QTA5
RjExMUVGOEJBMUVCMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmdEcDANBgkqhkiG9w0BAQsFAAOCAQEAwHFYUCTYNWoCB12O
mqlbDbl9w/4LPafsQBWOItIMNuCOPei3J0HXsbG/Y5UJ3MnsNeTgNUgBzlUue7CC
UsoP8GgIvYJeW5+XSQyycZQ5skg6GfgMXiyuXLneB98/QV1Ok/wKTlE1itn9ZtrG
Xl3XFnCm/5DP2rX28vIZjjR+CSgO2ghVeT4UMEzDOroegyZRUmxYMSUYDSTuzBGp
mmts4yTDIHwcP62BmO0ONNejRjEc8Pjzkj5rrJOj28sijcfHVrVoOmOeS+rlyOYs
b2ex/+QPHeC/zmPAv8Lb+QBuqwJcmXtmIr1gLj9IXj1T5jDeKQlJ8AGocLNo532D
IgcjxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org