Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/19EC3DA4180011EFA54E0D68C4F9AE02.roa
File: 19EC3DA4180011EFA54E0D68C4F9AE02.roa (raw, json)
Hash identifier: 63CrQ4mYG/Ikv0PtXnggjiQpcA47L5AXL/lv/rxvvVY=
Subject key identifier: 25:47:86:C4:7E:F0:CA:6D:2B:53:FF:12:05:4A:61:F0:E6:53:A9:26
Certificate issuer: /CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Certificate serial: 013A
Authority key identifier: 9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/19EC3DA4180011EFA54E0D68C4F9AE02.roa
Signing time: Thu 26 Sep 2024 09:21:25 +0000
ROA not before: Thu 26 Sep 2024 09:21:25 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 135345
IP address blocks: 103.179.144.0/24 maxlen: 24
103.179.145.0/24 maxlen: 24
2400:4ce0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Sep 2024 05:40:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 314 (0x13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Validity
Not Before: Sep 26 09:21:25 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66f52795-2367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7a:05:77:8e:5c:36:23:25:fe:8c:1e:c2:a7:
0e:74:50:a2:ee:b9:83:17:d4:d0:a7:8b:f2:f9:96:
e4:06:98:03:34:e2:67:61:5f:37:49:01:f4:09:ae:
51:17:53:f2:ba:e4:86:90:b2:b2:0b:bc:b4:e9:a6:
81:30:20:93:df:cd:d2:ab:e2:56:a5:64:e1:8d:f3:
2b:d2:df:45:f7:ca:50:01:07:0b:1d:df:b3:57:bf:
22:0a:06:fb:c0:8f:6c:c8:e6:24:c7:04:92:ac:11:
e4:11:c0:93:a6:f3:9e:13:26:35:a4:02:6d:c8:2b:
9a:37:ab:c1:85:eb:e6:0e:ba:eb:b4:2f:63:fa:06:
75:51:95:62:78:0a:e8:83:56:2f:c4:68:f7:77:fe:
aa:a4:ee:5e:1d:cf:ed:c8:8b:65:5e:99:ea:fb:4a:
eb:aa:1c:7e:c7:87:b4:de:08:97:93:2b:9d:04:3e:
c3:fb:e5:c5:98:cf:ae:af:d7:af:0e:5a:e5:40:05:
d5:dc:57:5a:ce:cf:84:e1:9d:a3:51:19:33:b3:2c:
ed:57:b6:c4:fa:3e:3a:5a:ff:9e:1c:e6:18:55:88:
25:01:d6:ad:8e:bb:68:b5:31:9f:de:5c:ae:a6:ed:
96:52:53:ad:89:af:7c:96:84:79:47:4e:a8:6e:f4:
3f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:47:86:C4:7E:F0:CA:6D:2B:53:FF:12:05:4A:61:F0:E6:53:A9:26
X509v3 Authority Key Identifier:
keyid:9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/mqwVb6kYtDBXQdrp1duikzdGzoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/19EC3DA4180011EFA54E0D68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.144.0/23
IPv6:
2400:4ce0::/32
Signature Algorithm: sha256WithRSAEncryption
73:f1:a5:c9:58:4c:66:5e:ea:22:d8:b6:93:55:b3:08:69:d4:
fe:5f:e7:be:87:fd:6f:d4:fe:e2:4d:ae:78:b7:70:cd:06:94:
f5:9a:8f:dd:f2:21:e7:aa:dd:c3:97:e2:69:39:eb:2b:3b:4b:
94:9f:c1:f0:86:92:6c:44:74:32:74:ab:35:b9:24:78:02:ad:
14:09:fe:e3:82:25:48:e3:67:f4:ab:a0:01:82:19:0d:a7:9d:
ad:52:00:52:07:90:8d:4e:1c:f0:92:ee:40:b8:ab:12:95:24:
18:df:97:eb:17:7b:14:77:cc:ba:df:00:3f:7b:56:41:83:d0:
60:d7:51:77:7b:98:65:ab:81:e1:d1:16:43:03:92:86:74:11:
c4:35:04:d9:2f:87:8a:d9:72:06:c1:f9:42:20:11:20:53:1d:
af:7c:04:f4:a2:83:1a:bd:d4:97:fb:93:0a:b2:b6:e1:62:6e:
e7:43:4b:76:c2:2e:7d:b4:85:b6:17:2c:17:ca:1a:d9:20:00:
95:2e:db:4f:b4:64:e9:22:97:67:b7:b9:ea:b3:70:7b:c6:52:
88:d6:f2:24:14:95:78:6c:30:a9:12:6f:1d:73:05:2b:a9:d4:
5f:05:5c:2f:02:6a:2d:03:3b:2c:ce:d0:4e:de:dd:5f:d1:fa:
58:c9:e2:30
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICATowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzNDRDIxMTAvBgNVBAUTKDlBQUMxNTZGQTkxOEI0MzA1NzQxREFFOUQ1REJBMjkz
Mzc0NkNFODcwHhcNMjQwOTI2MDkyMTI1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1Mjc5NS0yMzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6XoFd45cNiMl/owewqcOdFCi7rmDF9TQp4vy+ZbkBpgDNOJnYV83SQH0Ca5R
F1PyuuSGkLKyC7y06aaBMCCT383Sq+JWpWThjfMr0t9F98pQAQcLHd+zV78iCgb7
wI9syOYkxwSSrBHkEcCTpvOeEyY1pAJtyCuaN6vBhevmDrrrtC9j+gZ1UZVieAro
g1YvxGj3d/6qpO5eHc/tyItlXpnq+0rrqhx+x4e03giXkyudBD7D++XFmM+ur9ev
DlrlQAXV3Fdazs+E4Z2jURkzsyztV7bE+j46Wv+eHOYYVYglAdatjrtotTGf3lyu
pu2WUlOtia98loR5R06obvQ/RwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCVHhsR+
8MptK1P/EgVKYfDmU6kmMB8GA1UdIwQYMBaAFJqsFW+pGLQwV0Ha6dXbopM3Rs6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0NEMi80NUYzQUE3RUFD
MTYxMUVEQjk0N0I4NjBDNEY5QUUwMi9tcXdWYjZrWXREQlhRZHJwMWR1aWt6ZEd6
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21xd1ZiNmtZdERCWFFkcnAxZHVpa3pkR3pvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzNDRDIvNDVGM0FBN0VBQzE2MTFFREI5NDdCODYwQzRGOUFFMDIvMTlFQzNEQTQx
ODAwMTFFRkE1NEUwRDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFns5AwDQQCAAIwBwMFACQATOAwDQYJKoZIhvcNAQELBQAD
ggEBAHPxpclYTGZe6iLYtpNVswhp1P5f576H/W/U/uJNrni3cM0GlPWaj93yIeeq
3cOX4mk56ys7S5SfwfCGkmxEdDJ0qzW5JHgCrRQJ/uOCJUjjZ/SroAGCGQ2nna1S
AFIHkI1OHPCS7kC4qxKVJBjfl+sXexR3zLrfAD97VkGD0GDXUXd7mGWrgeHRFkMD
koZ0EcQ1BNkvh4rZcgbB+UIgESBTHa98BPSigxq91Jf7kwqytuFibudDS3bCLn20
hbYXLBfKGtkgAJUu20+0ZOkil2e3ueqzcHvGUojW8iQUlXhsMKkSbx1zBSup1F8F
XC8Cai0DOyzO0E7e3V/R+ljJ4jA=
-----END CERTIFICATE-----
Generated at Fri Sep 27 09:13:58 2024 by rpki-client on console-ams.rpki-client.org