Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/8693111C5B4611EDB3C1D217C4F9AE02.roa
File: 8693111C5B4611EDB3C1D217C4F9AE02.roa (raw, json)
Hash identifier: H5EnjejStFDnqY2VCsGYCtkM4UD6on8T0KdQ8bxRBtE=
Subject key identifier: BE:CE:B5:8C:56:38:43:E5:86:67:3F:FF:F8:BC:66:FF:01:C5:3E:31
Certificate issuer: /CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Certificate serial: 065F
Authority key identifier: C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/8693111C5B4611EDB3C1D217C4F9AE02.roa
Signing time: Fri 12 Jan 2024 23:10:48 +0000
ROA not before: Fri 12 Jan 2024 23:10:48 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139325
IP address blocks: 103.158.158.0/23 maxlen: 23
103.158.158.0/24 maxlen: 24
103.158.159.0/24 maxlen: 24
2001:df5:5b80::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Feb 2024 18:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1631 (0x65f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Validity
Not Before: Jan 12 23:10:48 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65a1c6f8-5884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:02:52:cf:92:05:84:7a:ca:da:41:72:3a:
2d:96:07:74:5b:4a:78:df:cb:b6:83:94:39:53:f6:
81:85:42:06:3b:81:14:af:94:03:c2:c7:83:9d:71:
ed:92:1a:09:82:16:e2:af:f6:3c:cf:07:5d:f1:0f:
31:48:63:72:8f:8e:58:4d:73:4f:a6:98:df:ef:14:
30:1a:58:bb:05:38:31:d0:1f:d6:2f:5e:b7:ad:a3:
6c:20:a5:d2:24:db:56:d3:72:69:f5:87:bf:23:4a:
3e:93:63:be:e6:72:f8:a8:c4:ea:b9:c7:1d:b1:c6:
7d:bc:2d:9d:74:dd:d9:98:49:16:0e:83:e5:57:ca:
34:d5:c6:f6:fa:09:e8:fb:ec:4c:ff:c0:47:7f:7b:
c0:5c:fe:0d:e7:84:97:ac:5d:23:c4:63:7c:8a:15:
80:ac:db:07:f3:66:2c:6c:64:f0:96:04:22:41:b0:
ff:a9:fd:a8:8d:af:11:64:0a:2b:10:e3:02:a6:26:
6d:e0:df:41:40:6b:bd:36:75:4c:cc:7a:b4:38:07:
ec:6f:f4:af:7b:d9:e9:43:48:f6:24:79:eb:4a:2e:
79:7d:f3:47:66:15:36:45:48:e3:96:8f:76:9c:85:
e7:9d:cb:b6:b4:f3:31:e5:ea:a0:71:a3:85:a3:30:
93:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CE:B5:8C:56:38:43:E5:86:67:3F:FF:F8:BC:66:FF:01:C5:3E:31
X509v3 Authority Key Identifier:
keyid:C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/8693111C5B4611EDB3C1D217C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.158.0/23
IPv6:
2001:df5:5b80::/48
Signature Algorithm: sha256WithRSAEncryption
a2:17:f9:1b:81:c2:5c:40:8e:fb:45:46:1a:37:47:17:c3:9e:
20:94:8f:a5:36:59:a2:a7:ec:2f:bd:80:3b:d2:47:0d:85:6b:
6b:fe:c2:d7:dc:b8:12:59:66:15:3f:36:29:36:d7:77:ef:52:
8c:7b:dd:2a:c4:c0:4e:e8:06:a1:69:52:75:af:d7:da:e8:85:
76:d1:d0:7d:62:67:d7:27:24:1e:09:11:ad:f8:ff:46:b5:33:
f8:8c:4a:d9:74:4a:5a:8c:8c:f8:cd:06:6c:d0:5f:4c:ac:cb:
02:3b:70:77:04:49:ff:f1:43:20:db:af:6a:b2:99:a5:dc:0d:
35:d1:b2:e3:eb:c2:15:00:66:41:8c:ee:f1:ab:7b:0d:73:ae:
76:30:44:48:68:ed:e8:9d:a8:84:6c:4b:68:20:dd:cd:4a:23:
52:0e:a4:b2:6e:77:10:94:89:39:fb:dc:fe:e0:9e:05:40:4c:
35:98:e4:06:f3:e3:b1:2d:81:80:2d:26:07:b7:8c:5e:c2:df:
17:2f:a4:c2:43:95:40:a9:d2:5e:24:98:7b:ac:63:14:98:50:
8b:ef:02:a4:6c:a9:e5:54:12:3a:0a:14:27:ae:14:2a:06:4f:
d9:82:2a:3d:2e:2f:83:0f:4f:01:3a:50:d8:5a:45:fd:fa:7d:
3c:ac:56:a3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQzOEYxMTAvBgNVBAUTKEM4ODhEMUVFRTA0QkVGM0U4MTVGMDlEREZBMTkxOTNE
Njk5QjRGNDcwHhcNMjQwMTEyMjMxMDQ4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWExYzZmOC01ODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA17UCUs+SBYR6ytpBcjotlgd0W0p438u2g5Q5U/aBhUIGO4EUr5QDwseDnXHt
khoJghbir/Y8zwdd8Q8xSGNyj45YTXNPppjf7xQwGli7BTgx0B/WL163raNsIKXS
JNtW03Jp9Ye/I0o+k2O+5nL4qMTquccdscZ9vC2ddN3ZmEkWDoPlV8o01cb2+gno
++xM/8BHf3vAXP4N54SXrF0jxGN8ihWArNsH82YsbGTwlgQiQbD/qf2oja8RZAor
EOMCpiZt4N9BQGu9NnVMzHq0OAfsb/Sve9npQ0j2JHnrSi55ffNHZhU2RUjjlo92
nIXnncu2tPMx5eqgcaOFozCTzQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFL7OtYxW
OEPlhmc///i8Zv8BxT4xMB8GA1UdIwQYMBaAFMiI0e7gS+8+gV8J3foZGT1pm09H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDM4Ri9DNzU5MEJENjI1
QUUxMUVCOEVFQzIyMEFDNEY5QUUwMi95SWpSN3VCTDd6NkJYd25kLWhrWlBXbWJU
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lJalI3dUJMN3o2Qlh3bmQtaGtaUFdtYlQwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQzOEYvQzc1OTBCRDYyNUFFMTFFQjhFRUMyMjBBQzRGOUFFMDIvODY5MzExMUM1
QjQ2MTFFREIzQzFEMjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnp4wDwQCAAIwCQMHACABDfVbgDANBgkqhkiG9w0BAQsF
AAOCAQEAohf5G4HCXECO+0VGGjdHF8OeIJSPpTZZoqfsL72AO9JHDYVra/7C19y4
EllmFT82KTbXd+9SjHvdKsTATugGoWlSda/X2uiFdtHQfWJn1yckHgkRrfj/RrUz
+IxK2XRKWoyM+M0GbNBfTKzLAjtwdwRJ//FDINuvarKZpdwNNdGy4+vCFQBmQYzu
8at7DXOudjBESGjt6J2ohGxLaCDdzUojUg6ksm53EJSJOfvc/uCeBUBMNZjkBvPj
sS2BgC0mB7eMXsLfFy+kwkOVQKnSXiSYe6xjFJhQi+8CpGyp5VQSOgoUJ64UKgZP
2YIqPS4vgw9PATpQ2FpF/fp9PKxWow==
-----END CERTIFICATE-----
Generated at Thu Feb 1 22:03:28 2024 by rpki-client on console-ams.rpki-client.org