Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/CB54291496B111EF98502356C4F9AE02.roa
File: CB54291496B111EF98502356C4F9AE02.roa (raw, json)
Hash identifier: B7kI0WkXqd9TVcty7Ds1TnmgU0iEr4BMszFBu8WjJr8=
Subject key identifier: 7D:9E:BF:29:27:93:18:73:50:56:B7:DC:88:18:D2:E1:6B:72:B3:EA
Certificate issuer: /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10
Certificate serial: 03
Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/CB54291496B111EF98502356C4F9AE02.roa
Signing time: Wed 30 Oct 2024 11:26:24 +0000
ROA not before: Wed 30 Oct 2024 11:26:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 63851
IP address blocks: 103.42.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 30 Oct 2024 15:18:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10
Validity
Not Before: Oct 30 11:26:24 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=672217df-3136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:ef:b5:87:62:3d:e7:02:f8:a0:2c:c3:cc:
30:b5:4d:56:9e:be:62:01:a8:06:b0:71:92:53:10:
8c:f2:11:bd:24:f7:68:24:07:f9:d4:af:9d:09:56:
6d:3c:c9:af:0a:e0:00:af:60:ea:9a:55:61:39:fa:
bc:fa:69:f4:eb:a4:85:07:0d:d9:a9:b2:c0:85:09:
4c:f6:49:92:1e:27:78:6d:f8:47:0f:9d:0e:bb:6c:
c0:e8:fc:3d:36:d7:c2:66:70:9c:41:ff:9e:87:f3:
2b:9a:8c:36:8d:09:44:0f:77:52:4c:2b:06:34:66:
e8:30:20:77:0b:24:88:9f:36:64:56:ea:1e:49:0a:
ba:0e:92:21:5d:af:6b:d3:42:62:f9:57:65:b5:b9:
9f:4b:2f:34:33:35:33:be:8d:0c:3d:5d:f9:0c:58:
d7:1f:05:34:66:c0:b3:52:5e:79:80:67:c0:4a:fe:
6a:17:ec:3c:e3:14:58:7f:41:96:a9:e4:83:75:d0:
a8:73:eb:c5:2b:b0:1b:30:f3:77:48:48:4d:f2:5e:
21:1c:58:bc:9a:d9:84:f2:df:d1:af:99:36:48:01:
a3:af:aa:ae:75:f7:35:73:47:40:87:fb:11:7b:96:
17:22:33:67:80:c3:57:e7:5f:d7:be:0c:71:cd:c6:
87:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:9E:BF:29:27:93:18:73:50:56:B7:DC:88:18:D2:E1:6B:72:B3:EA
X509v3 Authority Key Identifier:
keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/CB54291496B111EF98502356C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.152.0/22
Signature Algorithm: sha256WithRSAEncryption
f5:87:38:f9:42:58:1f:3e:b5:6c:66:d5:25:0f:cc:c3:76:fa:
ef:de:ed:0b:64:6e:a8:85:e1:f3:5e:d6:ce:28:05:60:0d:56:
a6:e4:39:57:42:9a:66:e1:71:8d:29:6a:e8:05:df:12:67:22:
5a:d2:9a:72:35:bf:1e:13:28:2f:11:c8:93:b8:94:d6:15:b0:
89:f7:44:c7:6d:d2:f1:9f:7d:28:03:51:66:3d:55:5b:73:d5:
ca:f3:ce:9f:a7:e8:7a:70:3c:1d:43:77:dc:a0:bb:ff:fd:1a:
6f:b5:f8:22:d4:01:e6:fa:01:f5:07:09:de:79:e0:15:54:7a:
2a:f6:36:5d:81:c8:c9:9f:92:73:2b:8f:99:f2:e9:53:97:d3:
f0:52:72:65:ae:2f:95:83:bf:01:3f:a4:e4:7c:a6:47:22:c9:
15:21:74:2c:ae:31:62:e8:70:e8:24:bf:7f:57:16:01:1d:ee:
41:47:32:b5:ec:10:d6:4b:f8:08:c1:1a:2d:f8:2e:50:0d:f5:
cc:d6:9c:a8:01:70:3a:7e:6f:94:57:39:25:c3:ac:db:c7:e2:
4f:8f:af:c6:b0:84:a4:63:df:67:80:4b:92:9d:a7:28:db:21:
b5:00:5d:0f:36:39:37:f7:ec:50:65:5e:9a:3b:23:d2:0d:6b:
31:0f:87:e1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MEU5RDExMC8GA1UEBRMoRDIxQjBENUFDNUFGOTE5MDBGNTBBRDk2MDAzMzEzRTUx
RUQ2MEExMDAeFw0yNDEwMzAxMTI2MjRaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjIxN2RmLTMxMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCypO+1h2I95wL4oCzDzDC1TVaevmIBqAawcZJTEIzyEb0k92gkB/nUr50JVm08
ya8K4ACvYOqaVWE5+rz6afTrpIUHDdmpssCFCUz2SZIeJ3ht+EcPnQ67bMDo/D02
18JmcJxB/56H8yuajDaNCUQPd1JMKwY0ZugwIHcLJIifNmRW6h5JCroOkiFdr2vT
QmL5V2W1uZ9LLzQzNTO+jQw9XfkMWNcfBTRmwLNSXnmAZ8BK/moX7DzjFFh/QZap
5IN10Khz68UrsBsw83dISE3yXiEcWLya2YTy39GvmTZIAaOvqq519zVzR0CH+xF7
lhciM2eAw1fnX9e+DHHNxoc7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfZ6/KSeT
GHNQVrfciBjS4Wtys+owHwYDVR0jBBgwFoAU0hsNWsWvkZAPUK2WADMT5R7WChAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwRTlELzk1NjlBREI0OTVE
QjExRUZBNEUyRkI0NUM0RjlBRTAyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0No
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMGhzTldzV3ZrWkFQVUsyV0FETVQ1UjdXQ2hBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MEU5RC85NTY5QURCNDk1REIxMUVGQTRFMkZCNDVDNEY5QUUwMi9DQjU0MjkxNDk2
QjExMUVGOTg1MDIzNTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmcqmDANBgkqhkiG9w0BAQsFAAOCAQEA9Yc4+UJYHz61bGbV
JQ/Mw3b6797tC2RuqIXh817WzigFYA1WpuQ5V0KaZuFxjSlq6AXfEmciWtKacjW/
HhMoLxHIk7iU1hWwifdEx23S8Z99KANRZj1VW3PVyvPOn6foenA8HUN33KC7//0a
b7X4ItQB5voB9QcJ3nngFVR6KvY2XYHIyZ+ScyuPmfLpU5fT8FJyZa4vlYO/AT+k
5HymRyLJFSF0LK4xYuhw6CS/f1cWAR3uQUcytewQ1kv4CMEaLfguUA31zNacqAFw
On5vlFc5JcOs28fiT4+vxrCEpGPfZ4BLkp2nKNshtQBdDzY5N/fsUGVemjsj0g1r
MQ+H4Q==
-----END CERTIFICATE-----
Generated at Wed Oct 30 19:19:40 2024 by rpki-client on console-ams.rpki-client.org