Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0B579C38B12411ECADC6301EC4F9AE02.roa
File: 0B579C38B12411ECADC6301EC4F9AE02.roa (raw, json)
Hash identifier: GKUog5Jo1XzniDvFRDQVeaTdsg04e/j+9GvydpyruNo=
Subject key identifier: 6D:43:73:84:83:27:AA:DA:87:EA:64:42:DC:99:39:25:83:2F:6A:E6
Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Certificate serial: 01C3
Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0B579C38B12411ECADC6301EC4F9AE02.roa
Signing time: Fri 27 Jan 2023 04:53:44 +0000
ROA not before: Fri 27 Jan 2023 04:53:44 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 23750
IP address blocks: 103.159.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451 (0x1c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Validity
Not Before: Jan 27 04:53:44 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63d358d7-7b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ac:c9:76:d9:6a:03:8b:32:66:26:f9:96:75:
8f:e5:a0:7f:30:f0:1a:b5:12:12:94:35:70:c2:96:
b4:0a:8c:42:24:77:32:c6:0b:a3:25:f9:b6:dc:ca:
b7:4e:ad:05:d7:c6:1b:74:3b:1c:35:d0:6f:3c:0c:
6d:a1:89:0c:86:91:26:83:93:13:41:1c:45:d6:66:
a8:40:83:74:6d:ca:ed:a1:a3:96:01:2d:a4:20:99:
3b:a7:13:2a:3d:01:51:51:dd:91:ba:ce:cf:0e:b2:
4b:00:d4:6b:72:e1:dd:7d:4e:f9:9f:ff:35:fe:f2:
06:b4:4c:4d:db:2a:4e:de:d6:60:1b:07:13:25:9a:
fd:9c:8e:28:60:3a:7c:2e:8e:f6:0f:d7:56:9a:2a:
e0:32:00:77:82:81:d4:b4:e0:63:6c:09:d7:f9:c2:
60:ae:22:7b:3f:9a:1a:24:9a:bd:2c:8b:2a:aa:29:
2a:e2:3d:bb:c0:28:40:d6:18:ca:52:62:76:c3:dd:
fe:5b:da:ce:44:62:20:65:e3:6b:0f:7c:98:3d:8b:
43:67:b7:8f:9f:d7:68:af:7b:33:d1:6f:71:77:48:
f8:1f:a1:1e:cd:49:9d:7d:75:f6:d9:d0:e2:5e:4e:
c2:52:f7:46:84:cc:e2:69:de:d7:03:f9:5e:c0:62:
0e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:43:73:84:83:27:AA:DA:87:EA:64:42:DC:99:39:25:83:2F:6A:E6
X509v3 Authority Key Identifier:
keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/0B579C38B12411ECADC6301EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.79.0/24
Signature Algorithm: sha256WithRSAEncryption
10:6e:86:db:8e:ac:88:81:fb:5c:05:a0:04:bc:83:f3:ed:cd:
0f:c2:10:89:c1:cf:3c:e3:60:15:18:7c:53:ba:98:85:3f:35:
5a:a8:dd:2b:25:c4:88:4a:0c:0a:25:aa:3e:7b:ef:6b:11:d3:
9f:e3:9e:3d:fd:08:5d:dd:94:87:52:5c:9e:9c:5b:e8:b6:43:
6e:99:21:0a:7f:53:86:75:f7:81:d0:7e:d3:68:a1:1c:39:d1:
9e:30:b3:95:09:4c:b1:bb:72:97:ab:e8:ae:eb:e1:8f:76:bc:
3f:22:f6:4a:39:52:a1:29:24:8a:42:2c:e3:84:bc:b0:e0:f6:
cb:95:1c:cd:45:01:0a:9d:a1:f7:9c:0f:52:bc:1c:c3:af:d1:
ea:a8:8a:06:bb:75:82:29:04:fa:13:fe:65:ca:12:1a:86:b1:
61:01:37:59:0e:2e:ea:fd:e5:a0:4c:15:b2:91:a5:af:98:0b:
77:65:14:7c:70:b6:e8:ea:dd:b4:ee:b7:3a:bb:d2:bf:fa:68:
76:3b:26:36:1e:93:66:4f:25:86:5c:65:7a:4d:f5:8f:de:77:
a5:20:1d:56:04:b1:30:f3:4e:4d:79:8d:30:b9:11:51:3c:7a:
eb:18:a7:7f:d6:12:f2:46:3b:0f:26:c1:0f:ff:d5:bf:7d:1f:
0c:c7:75:1a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB
REQ1RjM0QUMwHhcNMjMwMTI3MDQ1MzQ0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzNThkNy03YjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA36zJdtlqA4syZib5lnWP5aB/MPAatRISlDVwwpa0CoxCJHcyxgujJfm23Mq3
Tq0F18YbdDscNdBvPAxtoYkMhpEmg5MTQRxF1maoQIN0bcrtoaOWAS2kIJk7pxMq
PQFRUd2Rus7PDrJLANRrcuHdfU75n/81/vIGtExN2ypO3tZgGwcTJZr9nI4oYDp8
Lo72D9dWmirgMgB3goHUtOBjbAnX+cJgriJ7P5oaJJq9LIsqqikq4j27wChA1hjK
UmJ2w93+W9rORGIgZeNrD3yYPYtDZ7ePn9dor3sz0W9xd0j4H6EezUmdfXX22dDi
Xk7CUvdGhMziad7XA/lewGIOAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG1Dc4SD
J6rah+pkQtyZOSWDL2rmMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF
MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO
S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFOEUvMDRGQkI4RjBBRTBGMTFFQ0EwMjA1NjY2QzRGOUFFMDIvMEI1NzlDMzhC
MTI0MTFFQ0FEQzYzMDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn08wDQYJKoZIhvcNAQELBQADggEBABBuhtuOrIiB+1wF
oAS8g/PtzQ/CEInBzzzjYBUYfFO6mIU/NVqo3SslxIhKDAolqj5772sR05/jnj39
CF3dlIdSXJ6cW+i2Q26ZIQp/U4Z194HQftNooRw50Z4ws5UJTLG7cper6K7r4Y92
vD8i9ko5UqEpJIpCLOOEvLDg9suVHM1FAQqdofecD1K8HMOv0eqoiga7dYIpBPoT
/mXKEhqGsWEBN1kOLur95aBMFbKRpa+YC3dlFHxwtujq3bTutzq70r/6aHY7JjYe
k2ZPJYZcZXpN9Y/ed6UgHVYEsTDzTk15jTC5EVE8eusYp3/WEvJGOw8mwQ//1b99
HwzHdRo=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:36 2024 by rpki-client on console-fra.rpki-client.org