Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B79A37A2454211EBAE62CF6BC4F9AE02.roa
File: B79A37A2454211EBAE62CF6BC4F9AE02.roa (raw, json)
Hash identifier: 5wosXWIzBjMb+3CjmWEpl/JhTjF9J2jpogEpz7mcKrY=
Subject key identifier: A7:51:8D:41:62:1F:AA:94:87:62:A9:B3:EB:8F:8A:B1:BC:92:B0:3D
Certificate issuer: /CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Certificate serial: 0560
Authority key identifier: AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B79A37A2454211EBAE62CF6BC4F9AE02.roa
Signing time: Fri 03 Mar 2023 00:50:52 +0000
ROA not before: Fri 03 Mar 2023 00:50:52 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 133448
IP address blocks: 103.108.184.0/24 maxlen: 24
103.108.185.0/24 maxlen: 24
103.116.132.0/24 maxlen: 24
103.116.133.0/24 maxlen: 24
2001:df4:1500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1376 (0x560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Validity
Not Before: Mar 3 00:50:52 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6401446c-1159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0c:14:2c:da:3a:4d:f7:0c:8e:70:09:4b:85:
00:2f:ce:23:3c:e3:a8:74:d4:54:5f:42:12:f4:94:
23:96:2a:e2:b4:38:9e:7e:dd:0d:ab:48:97:77:90:
a1:b5:55:b2:9e:94:d7:35:58:5a:f6:28:81:ec:b7:
80:33:84:77:a9:c7:95:aa:68:03:70:00:18:7c:ad:
83:df:d0:fc:d5:2d:2f:1a:8b:4f:9d:47:ff:3d:c7:
b6:b6:36:7d:a9:da:f0:2e:8e:a5:1f:76:d7:54:d1:
4d:87:2a:6d:5b:d1:47:0f:30:b9:29:e3:df:61:02:
2d:75:73:01:d6:07:b2:06:e5:a8:67:9f:41:c2:11:
a1:40:a1:24:0d:99:11:a8:6c:88:6d:69:ee:e5:03:
79:63:10:af:85:83:80:b1:89:19:75:89:cc:ee:a5:
b4:ff:31:bf:da:84:ce:f6:4b:aa:1e:fc:a7:87:98:
29:be:d9:6d:93:1e:7d:5c:c4:29:45:94:e6:d0:b0:
1d:0a:4e:a9:f9:10:87:95:65:4b:f8:69:50:2b:5e:
db:78:ac:6a:4b:34:67:b8:c6:13:21:70:0b:75:9c:
ba:6c:ce:a7:a5:f1:df:d3:f5:db:43:60:04:76:e0:
b1:f1:7b:1e:56:d3:fe:b4:8c:5d:c1:3b:e0:1e:3f:
1f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:51:8D:41:62:1F:AA:94:87:62:A9:B3:EB:8F:8A:B1:BC:92:B0:3D
X509v3 Authority Key Identifier:
keyid:AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/rruT6novxp4sGczngu713bHKMr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B79A37A2454211EBAE62CF6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.184.0/23
103.116.132.0/23
IPv6:
2001:df4:1500::/48
Signature Algorithm: sha256WithRSAEncryption
10:7f:33:4d:c6:0c:12:f8:87:f7:d9:56:e1:0b:4c:35:c6:c2:
53:9f:97:75:b7:48:44:d5:17:4c:6f:83:4b:27:73:ed:86:1b:
a6:d9:c3:e3:79:9a:79:83:59:6e:f8:c5:a2:cf:2d:6e:e9:4d:
c6:22:66:d3:2e:cc:d6:53:6d:a4:71:5e:bd:07:2b:02:3b:5e:
5f:8f:91:8d:30:f9:cd:16:07:0a:99:04:9c:a9:97:a5:ec:73:
30:a9:0a:27:75:1c:6e:94:1a:2b:7d:33:d7:35:49:44:bf:35:
80:87:e5:0a:ae:96:ce:63:40:93:f5:4c:82:d4:34:a4:98:a5:
d8:71:73:aa:3f:4c:af:2d:12:a5:ee:38:c4:5c:ba:46:2a:03:
01:8c:ad:b7:4b:96:37:40:f1:78:d6:01:88:2e:3a:b2:95:46:
79:f1:b3:8f:cd:5b:de:c5:49:63:98:54:b4:0a:04:d3:bf:bb:
69:27:fa:bb:8f:cc:4a:b1:0c:ee:3b:82:8d:3b:25:b7:0c:76:
4d:6d:89:84:dd:32:35:06:90:96:9f:e7:d4:93:85:57:7c:dd:
bf:85:3d:bf:87:1c:ed:99:37:f5:41:5a:40:91:98:5d:e9:48:
45:e1:fb:67:c2:77:b2:d2:19:d4:46:3d:4a:7b:80:ef:88:38:
f6:18:35:07
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKEFFQkI5M0VBN0EyRkM2OUUyQzE5Q0NFNzgyRUVGNURE
QjFDQTMyQkQwHhcNMjMwMzAzMDA1MDUyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDAxNDQ2Yy0xMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1AwULNo6TfcMjnAJS4UAL84jPOOodNRUX0IS9JQjliritDieft0Nq0iXd5Ch
tVWynpTXNVha9iiB7LeAM4R3qceVqmgDcAAYfK2D39D81S0vGotPnUf/Pce2tjZ9
qdrwLo6lH3bXVNFNhyptW9FHDzC5KePfYQItdXMB1geyBuWoZ59BwhGhQKEkDZkR
qGyIbWnu5QN5YxCvhYOAsYkZdYnM7qW0/zG/2oTO9kuqHvynh5gpvtltkx59XMQp
RZTm0LAdCk6p+RCHlWVL+GlQK17beKxqSzRnuMYTIXALdZy6bM6npfHf0/XbQ2AE
duCx8XseVtP+tIxdwTvgHj8fawIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFKdRjUFi
H6qUh2Kps+uPirG8krA9MB8GA1UdIwQYMBaAFK67k+p6L8aeLBnM54Lu9d2xyjK9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC85MDBFQUM1NDQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ycnVUNm5vdnhwNHNHY3puZ3U3MTNiSEtN
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JydVQ2bm92eHA0c0djem5ndTcxM2JIS01yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvOTAwRUFDNTQ0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvQjc5QTM3QTI0
NTQyMTFFQkFFNjJDRjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnbLgDBAFndIQwDwQCAAIwCQMHACABDfQVADANBgkqhkiG
9w0BAQsFAAOCAQEAEH8zTcYMEviH99lW4QtMNcbCU5+XdbdIRNUXTG+DSydz7YYb
ptnD43maeYNZbvjFos8tbulNxiJm0y7M1lNtpHFevQcrAjteX4+RjTD5zRYHCpkE
nKmXpexzMKkKJ3UcbpQaK30z1zVJRL81gIflCq6WzmNAk/VMgtQ0pJil2HFzqj9M
ry0Spe44xFy6RioDAYytt0uWN0DxeNYBiC46spVGefGzj81b3sVJY5hUtAoE07+7
aSf6u4/MSrEM7juCjTsltwx2TW2JhN0yNQaQlp/n1JOFV3zdv4U9v4cc7Zk39UFa
QJGYXelIReH7Z8J3stIZ1EY9SnuA74g49hg1Bw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 10:26:01 2023 by rpki-client on console-ams.rpki-client.org