Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/5432625C01D911EDA7CC764DC4F9AE02.roa
File: 5432625C01D911EDA7CC764DC4F9AE02.roa (raw, json)
Hash identifier: Ny/wCxB7Id9pJJ3kuLW40Y8+2yLLlKEO5bo5n1rG6G4=
Subject key identifier: 45:63:E9:F1:36:9D:9D:29:8C:02:E6:7D:3F:5A:32:A8:C6:5F:F8:02
Certificate issuer: /CN=A91F349D/serialNumber=F811081125A6E8788582E8D0E3AAD7C6C1D19F99
Certificate serial: 0197
Authority key identifier: F8:11:08:11:25:A6:E8:78:85:82:E8:D0:E3:AA:D7:C6:C1:D1:9F:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-BEIESWm6HiFgujQ46rXxsHRn5k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/5432625C01D911EDA7CC764DC4F9AE02.roa
Signing time: Mon 01 Jan 2024 04:05:27 +0000
ROA not before: Mon 01 Jan 2024 04:05:27 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 59218
IP address blocks: 103.243.72.0/24 maxlen: 24
103.243.73.0/24 maxlen: 24
103.243.74.0/24 maxlen: 24
103.243.75.0/24 maxlen: 24
2001:df4:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 09:16:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407 (0x197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F349D/serialNumber=F811081125A6E8788582E8D0E3AAD7C6C1D19F99
Validity
Not Before: Jan 1 04:05:27 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65923a07-eb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6e:60:3d:f7:6b:41:99:41:d0:3e:a9:e4:17:
f6:3b:29:4e:46:9c:75:ec:2a:a0:5b:f0:ab:ee:31:
98:0c:cd:3f:cc:9d:6b:88:14:84:e2:c0:ae:d5:fb:
91:4e:53:5d:1e:d6:03:2a:0e:a6:87:3e:69:27:6c:
9f:2b:5a:d9:a5:07:62:a7:15:32:38:c8:6a:9a:2b:
ea:6c:4d:75:17:8e:84:f5:70:a3:8b:ef:a1:7e:6f:
ef:de:98:98:ce:4b:ac:13:4c:af:d7:09:36:7a:67:
be:3a:9a:ec:f3:ac:d6:92:b6:48:c3:5a:bf:a1:c0:
de:e5:9a:6d:d8:32:9e:9b:72:4b:83:8c:83:b7:01:
63:f7:09:37:57:63:e2:ac:1d:96:bb:28:39:e4:47:
85:f3:76:c7:22:27:09:aa:66:ca:6a:3f:02:4e:b2:
63:07:7c:be:54:89:86:7f:bb:c2:91:86:3d:09:2f:
f1:73:93:21:68:5a:58:21:e0:00:81:b1:ba:d1:7e:
f1:47:5b:e3:3f:3a:8e:68:74:a8:94:0f:64:dd:47:
c6:c0:45:4e:34:3a:a9:54:33:b2:6b:e2:f4:a9:18:
f1:1d:d7:ce:fd:82:6e:ac:24:93:b0:91:1b:5c:62:
3b:28:fb:d8:6b:51:9a:a2:9d:bf:bb:8f:e2:c5:da:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:63:E9:F1:36:9D:9D:29:8C:02:E6:7D:3F:5A:32:A8:C6:5F:F8:02
X509v3 Authority Key Identifier:
keyid:F8:11:08:11:25:A6:E8:78:85:82:E8:D0:E3:AA:D7:C6:C1:D1:9F:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/-BEIESWm6HiFgujQ46rXxsHRn5k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-BEIESWm6HiFgujQ46rXxsHRn5k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F349D/1996353601D611ED92E11E46C4F9AE02/5432625C01D911EDA7CC764DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.243.72.0/22
IPv6:
2001:df4:f000::/48
Signature Algorithm: sha256WithRSAEncryption
65:08:73:9c:5f:62:f6:ab:06:24:a9:00:59:4f:d6:e5:02:62:
34:d6:60:ff:4e:23:aa:93:52:63:59:7b:d6:58:e1:9d:ce:ac:
0d:75:3a:65:ff:2c:ea:b4:15:bc:df:00:50:c6:08:d1:3d:07:
4e:e6:1e:04:9b:18:6b:a8:7c:ca:6e:03:1d:9e:9f:88:04:75:
b3:2b:43:56:aa:9d:5a:ae:b5:57:12:25:39:5d:1d:ae:08:7d:
86:92:ee:c7:36:e2:11:65:29:ab:42:52:a8:be:9f:65:7a:52:
87:0f:c9:f0:2f:57:a4:73:6a:58:92:7f:f9:1c:e3:15:7b:89:
8a:1a:fe:40:1d:91:1e:60:05:0b:67:be:82:df:3a:d9:09:b9:
0d:12:94:9b:15:16:6d:a7:a0:b1:c2:75:71:8e:a9:26:63:0b:
5d:ed:97:f8:3c:ce:67:8c:27:6d:ae:7e:fc:02:46:e9:31:dd:
a4:b9:90:36:1e:4a:43:77:0c:61:f8:3e:ec:22:05:f3:c7:a3:
cb:e9:18:c7:93:31:41:82:0b:e7:56:0d:d8:53:db:d8:5b:09:
b4:38:2a:a4:76:a5:eb:99:c0:c7:4f:ee:8c:2c:0e:20:80:fa:
92:c4:c4:88:99:c9:5a:3f:a9:14:a2:05:cd:da:af:96:f8:d9:
52:66:bf:32
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjM0OUQxMTAvBgNVBAUTKEY4MTEwODExMjVBNkU4Nzg4NTgyRThEMEUzQUFEN0M2
QzFEMTlGOTkwHhcNMjQwMTAxMDQwNTI3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTkyM2EwNy1lYjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA225gPfdrQZlB0D6p5Bf2OylORpx17CqgW/Cr7jGYDM0/zJ1riBSE4sCu1fuR
TlNdHtYDKg6mhz5pJ2yfK1rZpQdipxUyOMhqmivqbE11F46E9XCji++hfm/v3piY
zkusE0yv1wk2eme+Oprs86zWkrZIw1q/ocDe5Zpt2DKem3JLg4yDtwFj9wk3V2Pi
rB2Wuyg55EeF83bHIicJqmbKaj8CTrJjB3y+VImGf7vCkYY9CS/xc5MhaFpYIeAA
gbG60X7xR1vjPzqOaHSolA9k3UfGwEVONDqpVDOya+L0qRjxHdfO/YJurCSTsJEb
XGI7KPvYa1Gaop2/u4/ixdrCnQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEVj6fE2
nZ0pjALmfT9aMqjGX/gCMB8GA1UdIwQYMBaAFPgRCBElpuh4hYLo0OOq18bB0Z+Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzQ5RC8xOTk2MzUzNjAx
RDYxMUVEOTJFMTFFNDZDNEY5QUUwMi8tQkVJRVNXbTZIaUZndWpRNDZyWHhzSFJu
NWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1CRUlFU1dtNkhpRmd1alE0NnJYeHNIUm41ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjM0OUQvMTk5NjM1MzYwMUQ2MTFFRDkyRTExRTQ2QzRGOUFFMDIvNTQzMjYyNUMw
MUQ5MTFFREE3Q0M3NjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJn80gwDwQCAAIwCQMHACABDfTwADANBgkqhkiG9w0BAQsF
AAOCAQEAZQhznF9i9qsGJKkAWU/W5QJiNNZg/04jqpNSY1l71ljhnc6sDXU6Zf8s
6rQVvN8AUMYI0T0HTuYeBJsYa6h8ym4DHZ6fiAR1sytDVqqdWq61VxIlOV0drgh9
hpLuxzbiEWUpq0JSqL6fZXpShw/J8C9XpHNqWJJ/+RzjFXuJihr+QB2RHmAFC2e+
gt862Qm5DRKUmxUWbaegscJ1cY6pJmMLXe2X+DzOZ4wnba5+/AJG6THdpLmQNh5K
Q3cMYfg+7CIF88ejy+kYx5MxQYIL51YN2FPb2FsJtDgqpHal65nAx0/ujCwOIID6
ksTEiJnJWj+pFKIFzdqvlvjZUma/Mg==
-----END CERTIFICATE-----
Generated at Mon Feb 19 12:16:53 2024 by rpki-client on console-ams.rpki-client.org