Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/C1E7447CAC1811EDA8A31B61C4F9AE02.roa
File: C1E7447CAC1811EDA8A31B61C4F9AE02.roa (raw, json)
Hash identifier: 98+iZebrw7jfDpHpe2Oijdj9V13HnwTaUJ2Zxc/Ozus=
Subject key identifier: BA:F5:78:06:35:DD:DD:33:D7:22:CD:09:A6:50:D1:A9:E7:5D:02:EA
Certificate issuer: /CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Certificate serial: BB
Authority key identifier: 9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/C1E7447CAC1811EDA8A31B61C4F9AE02.roa
Signing time: Wed 07 Feb 2024 05:16:48 +0000
ROA not before: Wed 07 Feb 2024 05:16:48 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 135345
IP address blocks: 103.179.144.0/24 maxlen: 24
103.179.145.0/24 maxlen: 24
2400:4ce0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 05:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187 (0xbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Validity
Not Before: Feb 7 05:16:48 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65c3123f-8200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e6:b4:af:96:0f:10:e4:de:97:0c:12:87:06:
c5:54:52:d0:bf:b3:36:66:db:2e:ac:30:a5:86:60:
8c:d1:d4:22:17:e1:18:6c:bc:7e:0f:b5:a1:7c:07:
53:1b:06:41:0d:e6:3e:0b:c0:25:7c:69:83:4a:c0:
a1:5c:f2:a8:44:bb:57:c4:60:d9:97:1f:0a:28:46:
0a:62:bb:19:f9:a0:5d:bf:8b:0b:38:d7:c7:3f:2b:
4e:34:70:af:15:9d:6f:aa:2d:a3:a0:85:a2:9e:85:
c3:bf:70:3b:81:da:c3:f7:af:bb:28:ab:ac:30:f3:
18:3e:b8:20:32:0e:d9:30:0e:5a:b5:26:8f:c6:d5:
82:9a:7e:dd:c5:b9:66:41:b8:89:6d:08:15:52:5b:
9f:7f:9e:d5:04:e8:85:33:ef:00:05:77:9f:15:01:
0d:1b:e5:f6:57:20:ff:ef:96:98:78:bd:f5:cf:b7:
b8:1b:17:6b:ca:e7:d7:18:30:7d:39:b4:3a:68:43:
fd:0a:84:12:a6:96:83:c2:0f:16:53:c8:5f:0c:bb:
d8:c0:9f:0e:d1:ba:37:da:ec:cb:e4:6a:ec:25:ac:
dc:0e:8e:25:15:31:98:c8:6a:06:07:77:1d:83:bf:
f3:8e:bb:d4:92:17:bc:34:f2:60:e6:00:63:36:6f:
11:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F5:78:06:35:DD:DD:33:D7:22:CD:09:A6:50:D1:A9:E7:5D:02:EA
X509v3 Authority Key Identifier:
keyid:9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/mqwVb6kYtDBXQdrp1duikzdGzoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/C1E7447CAC1811EDA8A31B61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.144.0/23
IPv6:
2400:4ce0::/32
Signature Algorithm: sha256WithRSAEncryption
76:bf:80:1b:7c:11:2a:7b:b1:e2:c1:36:4a:a3:b5:9d:9c:00:
14:01:38:01:d5:7a:ba:d3:2a:81:45:61:6b:02:8d:9e:a9:cc:
6b:80:2f:d6:ee:63:ab:7d:38:94:f8:91:d4:cc:14:00:87:d3:
8c:b4:dc:5d:47:ae:5a:50:2b:a2:b0:da:43:23:3a:72:28:e3:
4c:70:62:03:f2:27:03:0a:16:33:b8:17:9f:f4:1b:e0:97:9a:
98:16:58:1c:8c:b7:e3:b1:41:3a:ee:45:1e:19:6e:d1:4c:be:
92:1f:08:d3:24:96:f5:2a:89:26:10:2a:9c:56:01:e0:2a:51:
c1:a2:ad:f4:1c:6f:71:d0:ee:fa:87:3e:7a:48:7f:2d:d1:36:
b1:f9:d5:b3:26:8d:d5:92:74:b5:bd:7b:53:c3:4b:7b:20:c2:
5b:81:f6:fa:2b:a2:13:ac:aa:75:99:a4:b0:f1:0f:2a:d9:ad:
fe:58:c5:b5:31:b2:4c:c3:c8:83:49:59:d4:de:f4:42:c7:e5:
ad:be:1d:81:e3:2b:57:c8:e2:b9:8b:c9:71:47:1a:3f:3d:7b:
80:19:ff:06:95:94:b9:86:19:45:75:75:ce:1f:24:e1:06:6f:
d5:6e:86:e4:7c:a7:51:66:9c:dd:87:98:06:1d:78:5a:26:61:
74:da:61:87
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICALswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzNDRDIxMTAvBgNVBAUTKDlBQUMxNTZGQTkxOEI0MzA1NzQxREFFOUQ1REJBMjkz
Mzc0NkNFODcwHhcNMjQwMjA3MDUxNjQ4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMzMTIzZi04MjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp+a0r5YPEOTelwwShwbFVFLQv7M2ZtsurDClhmCM0dQiF+EYbLx+D7WhfAdT
GwZBDeY+C8AlfGmDSsChXPKoRLtXxGDZlx8KKEYKYrsZ+aBdv4sLONfHPytONHCv
FZ1vqi2joIWinoXDv3A7gdrD96+7KKusMPMYPrggMg7ZMA5atSaPxtWCmn7dxblm
QbiJbQgVUluff57VBOiFM+8ABXefFQENG+X2VyD/75aYeL31z7e4GxdryufXGDB9
ObQ6aEP9CoQSppaDwg8WU8hfDLvYwJ8O0bo32uzL5GrsJazcDo4lFTGYyGoGB3cd
g7/zjrvUkhe8NPJg5gBjNm8RDQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLr1eAY1
3d0z1yLNCaZQ0annXQLqMB8GA1UdIwQYMBaAFJqsFW+pGLQwV0Ha6dXbopM3Rs6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0NEMi80NUYzQUE3RUFD
MTYxMUVEQjk0N0I4NjBDNEY5QUUwMi9tcXdWYjZrWXREQlhRZHJwMWR1aWt6ZEd6
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21xd1ZiNmtZdERCWFFkcnAxZHVpa3pkR3pvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzNDRDIvNDVGM0FBN0VBQzE2MTFFREI5NDdCODYwQzRGOUFFMDIvQzFFNzQ0N0NB
QzE4MTFFREE4QTMxQjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFns5AwDQQCAAIwBwMFACQATOAwDQYJKoZIhvcNAQELBQAD
ggEBAHa/gBt8ESp7seLBNkqjtZ2cABQBOAHVerrTKoFFYWsCjZ6pzGuAL9buY6t9
OJT4kdTMFACH04y03F1HrlpQK6Kw2kMjOnIo40xwYgPyJwMKFjO4F5/0G+CXmpgW
WByMt+OxQTruRR4ZbtFMvpIfCNMklvUqiSYQKpxWAeAqUcGirfQcb3HQ7vqHPnpI
fy3RNrH51bMmjdWSdLW9e1PDS3sgwluB9vorohOsqnWZpLDxDyrZrf5YxbUxskzD
yINJWdTe9ELH5a2+HYHjK1fI4rmLyXFHGj89e4AZ/waVlLmGGUV1dc4fJOEGb9Vu
huR8p1FmnN2HmAYdeFomYXTaYYc=
-----END CERTIFICATE-----
Generated at Wed May 22 08:02:33 2024 by rpki-client on console-fra.rpki-client.org