Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0AAD1948B12411ECADC6301EC4F9AE02.roa
File: 0AAD1948B12411ECADC6301EC4F9AE02.roa (raw, json)
Hash identifier: 3IwUiX8txFKbusi50J10gXIlaZhz4gL8XXIxqYmTvGU=
Subject key identifier: D4:A2:F9:47:A3:57:58:CE:06:B8:E9:97:4D:40:89:63:66:1F:B2:F3
Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Certificate serial: 01C1
Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0AAD1948B12411ECADC6301EC4F9AE02.roa
Signing time: Fri 27 Jan 2023 04:53:42 +0000
ROA not before: Fri 27 Jan 2023 04:53:42 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141431
IP address blocks: 103.159.78.0/24 maxlen: 24
103.159.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449 (0x1c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Validity
Not Before: Jan 27 04:53:42 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63d358d5-7dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:53:75:83:21:95:3d:ed:e1:04:11:88:69:
f6:f7:9d:42:0e:6f:ed:5e:f5:a8:61:bd:6d:4a:72:
2e:f6:43:75:b6:81:71:be:2a:34:48:4b:b6:31:24:
fe:5c:84:90:84:0a:9c:d7:cc:c7:fc:2d:7a:48:7a:
05:ae:de:6b:ff:f8:46:18:01:83:65:18:68:86:39:
2e:af:0a:d3:92:d3:75:0b:6d:c0:0e:31:cb:33:37:
40:c1:d6:b7:bc:4e:49:a1:72:c7:6a:5d:1d:0e:cd:
8d:65:11:c4:5e:5f:4e:29:12:33:e9:35:da:2b:e5:
75:b7:2e:0c:9f:f8:35:fa:c2:89:f8:71:41:33:ab:
e6:cf:21:29:18:09:96:25:0e:2b:c6:65:08:8a:20:
d7:6e:a9:28:b5:e2:fe:a1:f4:18:92:e7:e3:e6:70:
73:e8:55:c7:1d:a3:ee:7b:12:bc:a1:8b:45:1b:b2:
af:ef:8b:7e:b0:5b:a7:4b:70:c6:9e:c2:01:5b:90:
ee:cf:d1:c1:a4:cd:9c:0f:63:f5:27:6e:96:85:9d:
c5:47:77:54:00:52:c6:93:0f:eb:95:2e:dd:aa:69:
19:b8:ea:dd:82:fe:53:16:3c:47:e6:ab:0b:75:c0:
8a:02:45:1d:7e:0a:dd:be:0a:66:f7:02:c9:96:2f:
bc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A2:F9:47:A3:57:58:CE:06:B8:E9:97:4D:40:89:63:66:1F:B2:F3
X509v3 Authority Key Identifier:
keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0AAD1948B12411ECADC6301EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.78.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:49:2d:45:2c:65:84:25:b3:6d:d1:74:05:55:54:e8:fe:6a:
bf:6b:15:35:8b:bf:57:15:75:a0:87:ae:82:d8:07:67:79:73:
4f:7c:e8:de:da:2e:2f:5e:77:3c:70:15:1f:f9:1a:8e:76:f8:
70:41:55:11:71:60:9f:32:ee:99:ff:93:43:33:20:6e:bb:f6:
a0:d6:0a:08:98:86:5f:04:0a:1f:18:fd:70:e0:5d:aa:80:bf:
36:79:11:28:e6:ad:38:a3:cd:e5:84:e7:19:07:e3:ac:39:18:
8f:01:05:8a:1c:7d:9a:26:86:d4:79:d6:3f:cc:3c:af:88:d4:
54:29:64:84:b1:64:42:cc:b8:9d:41:f5:d6:6a:01:ed:c5:43:
78:32:e4:99:4c:6e:11:d9:59:6f:16:0d:7b:92:3c:62:11:9b:
d8:fa:38:13:f9:8d:f5:04:46:5f:02:b0:fb:9a:c5:c1:c6:e5:
7f:f2:73:6f:2c:74:f5:1c:04:0b:24:9d:25:6b:13:d4:f4:8a:
ac:43:c7:73:71:1b:28:fe:9d:f8:3b:63:22:17:09:a2:b8:cb:
eb:24:35:63:c9:51:ae:19:24:14:2a:06:35:bd:43:7c:85:ec:
d2:d2:9d:f0:b2:a8:31:16:9a:1b:a9:28:cb:5b:6f:46:93:a4:
e0:f2:88:50
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB
REQ1RjM0QUMwHhcNMjMwMTI3MDQ1MzQyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzNThkNS03ZGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAorJTdYMhlT3t4QQRiGn2951CDm/tXvWoYb1tSnIu9kN1toFxvio0SEu2MST+
XISQhAqc18zH/C16SHoFrt5r//hGGAGDZRhohjkurwrTktN1C23ADjHLMzdAwda3
vE5JoXLHal0dDs2NZRHEXl9OKRIz6TXaK+V1ty4Mn/g1+sKJ+HFBM6vmzyEpGAmW
JQ4rxmUIiiDXbqkoteL+ofQYkufj5nBz6FXHHaPuexK8oYtFG7Kv74t+sFunS3DG
nsIBW5Duz9HBpM2cD2P1J26WhZ3FR3dUAFLGkw/rlS7dqmkZuOrdgv5TFjxH5qsL
dcCKAkUdfgrdvgpm9wLJli+8WQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNSi+Uej
V1jOBrjpl01AiWNmH7LzMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF
MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO
S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFOEUvMDRGQkI4RjBBRTBGMTFFQ0EwMjA1NjY2QzRGOUFFMDIvMEFBRDE5NDhC
MTI0MTFFQ0FEQzYzMDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnn04wDQYJKoZIhvcNAQELBQADggEBAKRJLUUsZYQls23R
dAVVVOj+ar9rFTWLv1cVdaCHroLYB2d5c0986N7aLi9edzxwFR/5Go52+HBBVRFx
YJ8y7pn/k0MzIG679qDWCgiYhl8ECh8Y/XDgXaqAvzZ5ESjmrTijzeWE5xkH46w5
GI8BBYocfZomhtR51j/MPK+I1FQpZISxZELMuJ1B9dZqAe3FQ3gy5JlMbhHZWW8W
DXuSPGIRm9j6OBP5jfUERl8CsPuaxcHG5X/yc28sdPUcBAsknSVrE9T0iqxDx3Nx
Gyj+nfg7YyIXCaK4y+skNWPJUa4ZJBQqBjW9Q3yF7NLSnfCyqDEWmhupKMtbb0aT
pODyiFA=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:43 2024 by rpki-client on console-ams.rpki-client.org