Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/36D1F466905311EE97D9203CC4F9AE02.roa
File: 36D1F466905311EE97D9203CC4F9AE02.roa (raw, json)
Hash identifier: 6eY8jLOr1HCehQn2/2+gAp/axleMNzcbUJwoeZpLOnY=
Subject key identifier: EB:CB:79:61:3A:C4:42:AC:86:47:0E:63:4A:7F:E9:79:81:15:03:17
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 04E4
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/36D1F466905311EE97D9203CC4F9AE02.roa
Signing time: Fri 29 Dec 2023 00:42:45 +0000
ROA not before: Fri 29 Dec 2023 00:42:45 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150177
IP address blocks: 103.79.16.0/24 maxlen: 24
103.79.18.0/24 maxlen: 24
122.50.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 15:44:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1252 (0x4e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Validity
Not Before: Dec 29 00:42:45 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658e1604-172a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bb:06:a5:20:c4:cc:43:0f:38:e3:e0:00:65:
4e:70:2c:73:81:60:19:08:33:8e:ba:44:83:6e:92:
0e:24:c6:3d:a1:fb:42:fb:9f:2d:ad:81:31:13:95:
43:10:c1:0d:d5:73:22:52:95:5f:8d:80:91:98:da:
ef:19:e4:8d:17:d7:b6:15:58:08:34:8b:72:a8:de:
73:a9:4b:7d:d6:13:98:0e:74:a2:9e:a4:73:9e:3c:
92:f9:10:47:14:90:6f:69:0b:11:06:73:df:11:b2:
0e:74:8d:13:8c:a6:e2:8b:9c:36:15:fb:54:b2:e0:
20:f8:95:ee:2b:90:ef:61:ef:da:b1:b2:65:10:a2:
f2:3e:c3:0f:e2:34:ee:c5:12:55:5d:4a:66:fa:91:
6e:9b:8d:94:9a:6b:42:d5:90:de:73:f1:91:9a:19:
67:a3:0f:da:7e:a2:f3:5e:7c:b3:26:38:1f:74:58:
26:40:9d:94:80:7b:73:a1:ad:ab:76:4c:09:88:22:
3e:96:7e:03:e9:72:c0:e5:92:2c:19:07:2d:8d:06:
98:31:f5:0c:3b:03:00:25:29:0a:fc:d2:19:a2:e7:
e5:d3:d8:6c:47:37:3f:0c:03:17:99:80:41:ff:10:
48:23:c0:8b:bf:0f:7b:45:6b:5e:89:11:fd:f8:50:
44:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CB:79:61:3A:C4:42:AC:86:47:0E:63:4A:7F:E9:79:81:15:03:17
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/36D1F466905311EE97D9203CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.16.0/24
103.79.18.0/24
122.50.3.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4d:97:51:54:7e:ca:97:0e:47:91:b7:1b:55:44:7a:a4:80:
6d:83:64:2e:e0:5a:bb:69:6c:61:1d:aa:81:e9:3d:86:a3:b7:
5d:96:3b:f9:0c:08:bf:43:cd:25:da:c5:78:b6:48:42:13:e7:
7a:d8:3d:2d:42:bb:fe:3d:a0:df:8a:cd:ab:ce:f2:3b:1a:74:
7b:84:21:da:9f:f1:b0:c5:0e:59:55:74:e5:0d:85:f2:8b:dc:
7c:b2:b3:1a:b8:10:9a:25:fb:79:ed:de:d0:a3:98:6c:22:ff:
77:03:b1:13:14:61:11:1f:21:67:95:ce:6b:16:27:55:f5:46:
3d:4e:39:6b:38:af:94:7c:da:aa:17:3d:2f:1c:0c:5e:e4:7b:
75:65:bc:6b:10:74:c8:12:74:8d:d2:24:f3:12:ed:b3:81:5b:
3c:ab:ab:18:ab:4a:7f:fa:cf:6a:58:b7:20:58:c9:19:4c:7d:
7f:60:c2:bd:3e:6e:65:00:31:89:bf:f0:cb:c8:fc:f3:3f:49:
f6:6b:ec:7f:c3:a6:bf:81:0b:80:2f:ca:71:c7:19:c4:6e:b5:
f6:3b:95:cd:dc:33:b2:1c:69:f7:92:b0:63:19:f0:ab:58:30:
65:b2:c3:7c:95:8b:2d:54:bc:a8:f4:2d:fe:ea:24:6f:c0:a0:
bf:fb:aa:f6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjMxMjI5MDA0MjQ1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlMTYwNC0xNzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7sGpSDEzEMPOOPgAGVOcCxzgWAZCDOOukSDbpIOJMY9oftC+58trYExE5VD
EMEN1XMiUpVfjYCRmNrvGeSNF9e2FVgINItyqN5zqUt91hOYDnSinqRznjyS+RBH
FJBvaQsRBnPfEbIOdI0TjKbii5w2FftUsuAg+JXuK5DvYe/asbJlEKLyPsMP4jTu
xRJVXUpm+pFum42UmmtC1ZDec/GRmhlnow/afqLzXnyzJjgfdFgmQJ2UgHtzoa2r
dkwJiCI+ln4D6XLA5ZIsGQctjQaYMfUMOwMAJSkK/NIZoufl09hsRzc/DAMXmYBB
/xBII8CLvw97RWteiRH9+FBEUwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOvLeWE6
xEKshkcOY0p/6XmBFQMXMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvMzZEMUY0NjY5
MDUzMTFFRTk3RDkyMDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnTxADBABnTxIDBAB6MgMwDQYJKoZIhvcNAQELBQADggEB
ABhNl1FUfsqXDkeRtxtVRHqkgG2DZC7gWrtpbGEdqoHpPYajt12WO/kMCL9DzSXa
xXi2SEIT53rYPS1Cu/49oN+KzavO8jsadHuEIdqf8bDFDllVdOUNhfKL3Hyysxq4
EJol+3nt3tCjmGwi/3cDsRMUYREfIWeVzmsWJ1X1Rj1OOWs4r5R82qoXPS8cDF7k
e3VlvGsQdMgSdI3SJPMS7bOBWzyrqxirSn/6z2pYtyBYyRlMfX9gwr0+bmUAMYm/
8MvI/PM/SfZr7H/Dpr+BC4AvynHHGcRutfY7lc3cM7IcafeSsGMZ8KtYMGWyw3yV
iy1UvKj0Lf7qJG/AoL/7qvY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org