Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCFFF5FC76F211EDB61D420FC4F9AE02.roa
File: DCFFF5FC76F211EDB61D420FC4F9AE02.roa (raw, json)
Hash identifier: I6RggYf5WL6PftoGsNDjMd6Pv1MeDHPRXbmQCryZRuc=
Subject key identifier: DC:A2:C1:58:13:84:EC:1B:68:5F:7C:FE:D8:3A:3D:D1:98:60:48:F6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7107
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCFFF5FC76F211EDB61D420FC4F9AE02.roa
Signing time: Wed 10 May 2023 16:46:17 +0000
ROA not before: Wed 10 May 2023 16:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150581
IP address blocks: 103.48.22.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 12:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28935 (0x7107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bca59-8de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cc:87:38:ff:93:3c:54:f6:8b:b9:d8:ab:e5:
5d:27:ec:c9:81:da:38:cc:19:2f:58:91:21:a1:72:
18:fe:23:34:ce:d4:09:b3:0a:40:ce:ce:00:69:5c:
8c:c7:80:fe:a4:70:7c:85:49:20:5d:f5:b2:d0:fd:
27:c1:79:a5:44:1c:a0:25:1b:63:97:b0:2d:85:4b:
94:14:0e:42:26:f8:8d:0d:49:1a:50:2b:52:8a:45:
2d:ae:33:97:b7:04:30:c3:e8:3c:ee:c6:b6:fb:fb:
7c:42:22:26:01:34:a8:86:03:50:c4:a4:81:1a:dd:
6d:ee:15:60:19:48:17:58:14:a6:76:77:7b:00:8a:
b6:3b:3c:e6:15:26:85:5b:9a:2b:64:da:69:6a:9f:
1e:03:03:50:90:b0:65:87:51:ab:b3:f5:df:49:87:
ce:9d:b7:d6:fb:a4:9b:6f:cc:72:24:c8:30:14:9c:
9e:d5:ff:27:96:4a:70:3b:ef:ae:e8:44:46:3c:88:
96:65:9f:88:e4:8a:60:df:52:43:8c:c0:fd:90:f8:
87:7d:c6:7d:96:8f:29:03:99:6e:0e:6e:55:9a:c8:
e6:d2:f6:d6:15:a0:a9:ec:e5:90:0d:59:b9:2f:51:
b3:66:39:6a:24:ae:9b:3c:df:fa:f6:b1:f5:c9:9f:
3b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A2:C1:58:13:84:EC:1B:68:5F:7C:FE:D8:3A:3D:D1:98:60:48:F6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCFFF5FC76F211EDB61D420FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.22.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:76:89:fd:6a:5b:33:00:f1:18:4a:3f:00:59:c8:7b:9f:e0:
cd:aa:81:d5:a5:17:7e:1d:0a:93:e1:0f:b6:00:58:09:0f:6a:
29:9f:ce:7c:5e:4b:d8:49:80:72:a2:1e:f4:65:4d:de:d6:51:
46:0d:b4:6d:2b:5a:97:b7:3d:07:3e:03:18:fa:9e:a6:8d:46:
fe:ab:ed:dc:5c:77:50:ca:91:49:9a:b2:c6:6f:db:7d:b4:eb:
d1:e6:97:01:83:56:ff:f0:da:3c:ea:bd:12:87:4d:8a:dc:77:
98:f8:30:29:0b:7a:1d:2d:59:ed:34:a1:7f:ce:76:1f:78:ff:
ae:4a:1a:2a:3f:bb:3a:72:7f:bf:8e:28:ff:9d:38:d1:1e:f4:
d2:89:df:1c:70:d1:08:fa:57:19:a8:14:36:c1:f8:e3:50:a6:
f4:88:0a:07:d0:79:96:d9:0d:96:50:f3:7a:36:a6:49:51:d0:
46:84:cd:69:3a:ea:ba:87:57:57:73:68:07:40:12:07:fc:39:
d6:40:0d:c1:07:48:b8:8e:f3:51:39:5d:df:8b:3e:89:27:25:
aa:59:c7:41:8e:07:3f:36:df:c4:61:04:4c:a2:87:2f:87:0d:
b3:1d:b6:fd:23:81:39:0b:1c:f9:66:8f:2d:e2:a7:af:b5:1f:
b7:5d:45:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICcQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0NjE3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2E1OS04ZGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy8yHOP+TPFT2i7nYq+VdJ+zJgdo4zBkvWJEhoXIY/iM0ztQJswpAzs4AaVyM
x4D+pHB8hUkgXfWy0P0nwXmlRBygJRtjl7AthUuUFA5CJviNDUkaUCtSikUtrjOX
twQww+g87sa2+/t8QiImATSohgNQxKSBGt1t7hVgGUgXWBSmdnd7AIq2OzzmFSaF
W5orZNppap8eAwNQkLBlh1Grs/XfSYfOnbfW+6Sbb8xyJMgwFJye1f8nlkpwO++u
6ERGPIiWZZ+I5Ipg31JDjMD9kPiHfcZ9lo8pA5luDm5Vmsjm0vbWFaCp7OWQDVm5
L1GzZjlqJK6bPN/69rH1yZ87JwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNyiwVgT
hOwbaF98/tg6PdGYYEj2MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRENGRkY1RkM3
NkYyMTFFREI2MUQ0MjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnMBYwDQYJKoZIhvcNAQELBQADggEBAIt2if1qWzMA8RhK
PwBZyHuf4M2qgdWlF34dCpPhD7YAWAkPaimfznxeS9hJgHKiHvRlTd7WUUYNtG0r
Wpe3PQc+Axj6nqaNRv6r7dxcd1DKkUmassZv232069HmlwGDVv/w2jzqvRKHTYrc
d5j4MCkLeh0tWe00oX/Odh94/65KGio/uzpyf7+OKP+dONEe9NKJ3xxw0Qj6Vxmo
FDbB+ONQpvSICgfQeZbZDZZQ83o2pklR0EaEzWk66rqHV1dzaAdAEgf8OdZADcEH
SLiO81E5Xd+LPoknJapZx0GOBz8238RhBEyihy+HDbMdtv0jgTkLHPlmjy3ip6+1
H7ddRTM=
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:35:24 2024 by rpki-client on console-fra.rpki-client.org