Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
File: 0180A79E2D3611EC9886BD35C4F9AE02.roa (raw, json)
Hash identifier: HcqrKeBpGnRcSypXXxoGPYyBCk9QQ5ORhtwwtfH8liM=
Subject key identifier: 9F:69:48:91:E6:85:A1:8E:A9:88:C9:DE:3A:31:E7:C5:0B:0C:FD:AE
Certificate issuer: /CN=A91B2456/serialNumber=5D92576D45D27F3D15535499D40CC97E4293A968
Certificate serial: 03E6
Authority key identifier: 5D:92:57:6D:45:D2:7F:3D:15:53:54:99:D4:0C:C9:7E:42:93:A9:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
Signing time: Wed 03 Apr 2024 02:34:48 +0000
ROA not before: Wed 03 Apr 2024 02:34:48 +0000
ROA not after: Thu 01 Aug 2024 00:00:00 +0000
asID: 147305
IP address blocks: 103.174.156.0/24 maxlen: 24
103.174.157.0/24 maxlen: 24
2400:1420:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 28 Apr 2024 22:45:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 998 (0x3e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2456/serialNumber=5D92576D45D27F3D15535499D40CC97E4293A968
Validity
Not Before: Apr 3 02:34:48 2024 GMT
Not After : Aug 1 00:00:00 2024 GMT
Subject: CN=660cc048-cd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:99:1d:2a:b4:e6:2a:0f:34:cd:33:77:18:9f:
ed:42:7a:6c:43:20:03:4c:a5:d8:e1:df:b8:98:b6:
b2:c1:5a:f2:e0:04:6a:ce:48:c6:50:a9:e5:07:6a:
2b:be:76:24:4d:f2:24:cc:55:72:44:40:4a:17:9f:
b7:f9:d0:53:be:af:5f:2b:ea:18:38:20:6d:6f:d8:
9d:04:9e:b0:1a:81:7c:cc:a7:35:ff:9d:6f:2b:38:
68:d0:85:7f:7d:bf:ee:fc:2e:b1:41:f4:31:f4:b6:
94:6c:13:24:bc:d1:13:8b:5d:84:d0:9d:f1:91:5d:
50:40:dd:42:2e:ac:29:79:06:2b:9a:69:7c:5d:b1:
73:c4:f8:42:21:10:89:ce:61:d1:36:1b:cf:0f:55:
37:69:21:76:4f:8e:08:7f:c4:05:e1:5d:fb:00:8d:
db:4b:c2:9d:b9:2d:b8:bb:c5:c7:cf:64:e4:a3:94:
cc:c8:3f:a6:02:25:8c:2f:81:b0:7c:bb:68:f0:10:
f0:83:c5:e2:57:19:f9:6e:b6:80:2e:c8:90:d7:05:
11:bd:99:57:b7:4a:b0:41:68:de:78:cd:fd:7d:bd:
b2:60:61:e4:fb:bb:4c:83:d7:e8:ac:e0:1e:b9:27:
ba:d3:37:7a:50:c3:61:af:7a:47:fa:4c:7f:2a:e5:
fe:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:69:48:91:E6:85:A1:8E:A9:88:C9:DE:3A:31:E7:C5:0B:0C:FD:AE
X509v3 Authority Key Identifier:
keyid:5D:92:57:6D:45:D2:7F:3D:15:53:54:99:D4:0C:C9:7E:42:93:A9:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XZJXbUXSfz0VU1SZ1AzJfkKTqWg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2456/458009AC2CBF11EC91C4E016C4F9AE02/0180A79E2D3611EC9886BD35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.156.0/23
IPv6:
2400:1420:1000::/36
Signature Algorithm: sha256WithRSAEncryption
70:37:8a:d3:44:51:bb:32:8e:87:45:a3:f7:48:0b:64:52:ff:
39:14:d0:41:7d:2d:aa:e5:bc:ad:1a:64:1a:5f:a9:c3:f5:7a:
62:13:dd:3d:6e:5c:90:70:0f:a7:f1:25:3e:37:ea:c2:55:b1:
6a:18:79:cb:de:0b:83:aa:f3:ba:79:f0:dd:eb:10:51:b6:9c:
79:c4:50:b9:3b:d5:46:e3:26:5c:af:50:2f:95:72:22:31:e9:
50:37:6f:83:58:8b:01:38:df:c8:b1:ec:0f:4b:4e:21:21:23:
e0:1b:dd:86:9d:7e:94:1c:18:93:c5:b7:c0:8b:d5:69:02:1b:
fc:ba:4c:54:24:c9:aa:72:4f:be:99:46:26:f4:a7:d6:76:d8:
8d:ce:67:18:87:06:ec:66:ad:eb:f3:16:91:50:48:3b:e4:ec:
28:8f:70:39:b7:6c:cd:c8:80:6e:ff:17:86:30:f8:f8:c6:23:
8b:c1:9e:5e:ee:3b:2b:4b:f0:24:4d:74:65:a2:2f:29:0a:e1:
f0:aa:20:00:cd:21:d6:05:00:97:da:14:43:02:f5:27:0e:34:
72:14:6c:fb:3f:94:82:23:56:97:c2:4e:5f:4a:97:39:f2:91:
0b:66:bf:e7:81:47:2d:10:37:83:ed:b0:47:ac:6c:01:7a:8f:
84:2e:24:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICA+YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI0NTYxMTAvBgNVBAUTKDVEOTI1NzZENDVEMjdGM0QxNTUzNTQ5OUQ0MENDOTdF
NDI5M0E5NjgwHhcNMjQwNDAzMDIzNDQ4WhcNMjQwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjYzA0OC1jZDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2pkdKrTmKg80zTN3GJ/tQnpsQyADTKXY4d+4mLaywVry4ARqzkjGUKnlB2or
vnYkTfIkzFVyREBKF5+3+dBTvq9fK+oYOCBtb9idBJ6wGoF8zKc1/51vKzho0IV/
fb/u/C6xQfQx9LaUbBMkvNETi12E0J3xkV1QQN1CLqwpeQYrmml8XbFzxPhCIRCJ
zmHRNhvPD1U3aSF2T44If8QF4V37AI3bS8KduS24u8XHz2Tko5TMyD+mAiWML4Gw
fLto8BDwg8XiVxn5braALsiQ1wURvZlXt0qwQWjeeM39fb2yYGHk+7tMg9forOAe
uSe60zd6UMNhr3pH+kx/KuX+HQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ9pSJHm
haGOqYjJ3jox58ULDP2uMB8GA1UdIwQYMBaAFF2SV21F0n89FVNUmdQMyX5Ck6lo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjQ1Ni80NTgwMDlBQzJD
QkYxMUVDOTFDNEUwMTZDNEY5QUUwMi9YWkpYYlVYU2Z6MFZVMVNaMUF6SmZrS1Rx
V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1haSlhiVVhTZnowVlUxU1oxQXpKZmtLVHFXZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI0NTYvNDU4MDA5QUMyQ0JGMTFFQzkxQzRFMDE2QzRGOUFFMDIvMDE4MEE3OUUy
RDM2MTFFQzk4ODZCRDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAFnrpwwDgQCAAIwCAMGBCQAFCAQMA0GCSqGSIb3DQEBCwUA
A4IBAQBwN4rTRFG7Mo6HRaP3SAtkUv85FNBBfS2q5bytGmQaX6nD9XpiE909blyQ
cA+n8SU+N+rCVbFqGHnL3guDqvO6efDd6xBRtpx5xFC5O9VG4yZcr1AvlXIiMelQ
N2+DWIsBON/IsewPS04hISPgG92GnX6UHBiTxbfAi9VpAhv8ukxUJMmqck++mUYm
9KfWdtiNzmcYhwbsZq3r8xaRUEg75Owoj3A5t2zNyIBu/xeGMPj4xiOLwZ5e7jsr
S/AkTXRloi8pCuHwqiAAzSHWBQCX2hRDAvUnDjRyFGz7P5SCI1aXwk5fSpc58pEL
Zr/ngUctEDeD7bBHrGwBeo+ELiTs
-----END CERTIFICATE-----
Generated at Mon Apr 29 02:53:58 2024 by rpki-client on console-fra.rpki-client.org