Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
File: 79D4312E657B11EDAE8AE90EC4F9AE02.roa (raw, json)
Hash identifier: SPwuW0ojFyWqE378gaA4iVrlxVuFMxlEpFAjl6pbX+w=
Subject key identifier: C5:34:4C:FA:0C:9B:73:E6:71:3A:91:03:8E:35:15:AA:51:67:32:02
Certificate issuer: /CN=A911D971/serialNumber=764D1CE6727D31BD8F39662E2004C4689DA6B7E5
Certificate serial: C9
Authority key identifier: 76:4D:1C:E6:72:7D:31:BD:8F:39:66:2E:20:04:C4:68:9D:A6:B7:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
Signing time: Fri 03 Nov 2023 04:55:01 +0000
ROA not before: Fri 03 Nov 2023 04:55:01 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 140077
IP address blocks: 103.24.16.0/24 maxlen: 24
103.24.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:57:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D971/serialNumber=764D1CE6727D31BD8F39662E2004C4689DA6B7E5
Validity
Not Before: Nov 3 04:55:01 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65447d24-c6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:fd:c8:25:65:5e:ff:04:96:60:28:0d:df:
59:18:fb:84:e4:2f:95:6c:e3:82:9d:49:1d:e7:55:
a4:09:9d:66:72:34:d4:76:98:09:93:2a:11:ea:53:
72:4d:6c:bf:76:64:8e:b9:34:6a:4a:33:d5:4c:27:
44:28:13:2f:a1:1a:65:bc:2a:c6:30:89:5d:10:55:
26:0d:d4:11:aa:81:7e:92:db:b3:86:38:0d:30:f6:
2d:b3:0a:31:d3:fb:56:a1:8a:0b:37:38:3c:8e:0a:
6b:92:20:c9:9d:4e:52:e4:72:37:d1:b4:72:6e:2e:
c2:15:6b:06:a0:6f:50:3f:6f:33:d8:b2:7a:94:ca:
74:b2:9f:3c:d9:76:e3:c1:71:4d:d5:0b:ca:57:b8:
2c:80:7f:ac:cc:89:81:c5:e0:cd:ca:5b:de:23:cf:
3b:56:ec:3a:9d:51:5d:3d:09:dc:70:4d:d7:60:84:
6e:74:04:0b:aa:6c:ed:15:0b:62:f2:bf:59:9f:01:
61:c4:f6:46:a6:30:34:19:69:c7:a4:7f:c9:af:d2:
85:18:d9:6a:d9:fc:48:a7:1c:ff:aa:f2:12:a1:2a:
30:7f:5e:da:63:08:57:17:fb:56:3e:92:5f:fe:c9:
7a:5c:5d:97:79:45:88:5b:c2:48:61:52:d2:f2:8d:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:34:4C:FA:0C:9B:73:E6:71:3A:91:03:8E:35:15:AA:51:67:32:02
X509v3 Authority Key Identifier:
keyid:76:4D:1C:E6:72:7D:31:BD:8F:39:66:2E:20:04:C4:68:9D:A6:B7:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.16.0/23
Signature Algorithm: sha256WithRSAEncryption
44:ce:a0:af:aa:7f:4d:03:a0:2b:54:73:e8:2e:42:61:09:2c:
05:94:7e:e7:84:78:0d:96:18:87:4e:84:2d:47:42:4c:8c:f6:
ac:54:ba:c2:a3:5e:36:cb:7e:64:48:bd:57:1a:d4:29:1d:db:
80:37:31:c1:70:01:90:35:5d:79:68:4b:b4:9c:d9:3c:c1:61:
8d:a4:81:88:ab:67:85:cb:d1:79:69:07:4f:46:c2:ce:f6:fe:
60:9d:36:0f:e4:eb:b4:62:2d:3e:cd:95:25:7b:69:f6:2c:74:
5e:e3:3c:08:14:a7:d7:dc:cb:40:08:d3:06:31:d5:5c:dd:23:
32:6b:d8:38:1a:78:57:be:9e:4c:bb:c4:98:de:99:e2:ec:bb:
d5:36:f7:40:0e:47:83:97:d0:63:ed:b9:6d:e9:27:6c:58:3e:
68:9d:da:f6:b9:2d:49:74:e9:9f:f2:56:4d:fd:9d:e4:d7:41:
6c:68:bc:34:11:0e:e5:21:79:83:5c:70:4d:5c:b6:27:a1:4f:
13:21:7b:06:d2:50:86:4e:4c:cc:10:1d:23:11:b9:14:8f:a5:
41:90:b1:9b:38:47:8c:67:14:9a:54:fd:be:48:a9:c8:5f:0e:
c1:e0:1e:39:17:b2:7e:1b:34:e1:f4:64:a1:c4:53:af:ac:48:
4e:64:4d:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ5NzExMTAvBgNVBAUTKDc2NEQxQ0U2NzI3RDMxQkQ4RjM5NjYyRTIwMDRDNDY4
OURBNkI3RTUwHhcNMjMxMTAzMDQ1NTAxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0N2QyNC1jNmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2VP9yCVlXv8ElmAoDd9ZGPuE5C+VbOOCnUkd51WkCZ1mcjTUdpgJkyoR6lNy
TWy/dmSOuTRqSjPVTCdEKBMvoRplvCrGMIldEFUmDdQRqoF+ktuzhjgNMPYtswox
0/tWoYoLNzg8jgprkiDJnU5S5HI30bRybi7CFWsGoG9QP28z2LJ6lMp0sp882Xbj
wXFN1QvKV7gsgH+szImBxeDNylveI887Vuw6nVFdPQnccE3XYIRudAQLqmztFQti
8r9ZnwFhxPZGpjA0GWnHpH/Jr9KFGNlq2fxIpxz/qvISoSowf17aYwhXF/tWPpJf
/sl6XF2XeUWIW8JIYVLS8o0+bwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMU0TPoM
m3PmcTqRA441FapRZzICMB8GA1UdIwQYMBaAFHZNHOZyfTG9jzlmLiAExGidprfl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDk3MS9ERTI1Qjg2ODU2
QTQxMUVEQThDMDBDM0VDNEY5QUUwMi9kazBjNW5KOU1iMlBPV1l1SUFURWFKMm10
LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RrMGM1bko5TWIyUE9XWXVJQVRFYUoybXQtVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ5NzEvREUyNUI4Njg1NkE0MTFFREE4QzAwQzNFQzRGOUFFMDIvNzlENDMxMkU2
NTdCMTFFREFFOEFFOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnGBAwDQYJKoZIhvcNAQELBQADggEBAETOoK+qf00DoCtU
c+guQmEJLAWUfueEeA2WGIdOhC1HQkyM9qxUusKjXjbLfmRIvVca1Ckd24A3McFw
AZA1XXloS7Sc2TzBYY2kgYirZ4XL0XlpB09Gws72/mCdNg/k67RiLT7NlSV7afYs
dF7jPAgUp9fcy0AI0wYx1VzdIzJr2DgaeFe+nky7xJjemeLsu9U290AOR4OX0GPt
uW3pJ2xYPmid2va5LUl06Z/yVk39neTXQWxovDQRDuUheYNccE1ctiehTxMhewbS
UIZOTMwQHSMRuRSPpUGQsZs4R4xnFJpU/b5IqchfDsHgHjkXsn4bNOH0ZKHEU6+s
SE5kTTQ=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:36 2024 by rpki-client on console-fra.rpki-client.org