Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/22E9381C7A9911EE8F236255C4F9AE02.roa
File: 22E9381C7A9911EE8F236255C4F9AE02.roa (raw, json)
Hash identifier: Fz3uGUZ3whfV6rS7gLoNAVpN2G3e0oa9eHiLfp6J0Fk=
Subject key identifier: F8:82:BF:56:C1:D2:62:C9:7D:C7:DC:35:A7:0D:11:B0:CE:0D:99:8A
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 04E7
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/22E9381C7A9911EE8F236255C4F9AE02.roa
Signing time: Fri 29 Dec 2023 00:42:47 +0000
ROA not before: Fri 29 Dec 2023 00:42:47 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 60117
IP address blocks: 103.79.17.0/24 maxlen: 24
103.79.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 07:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1255 (0x4e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Validity
Not Before: Dec 29 00:42:47 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658e1607-5ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:67:fc:22:dd:af:e1:f2:b7:66:f2:f6:f8:0b:
b3:60:a5:ff:d5:17:5b:c8:44:9c:cc:e7:42:21:97:
9b:b1:9f:58:20:41:eb:36:ab:bf:7a:b1:40:d6:b2:
e4:e5:70:a8:c5:56:b0:55:be:64:95:81:b1:1a:dd:
a0:2f:34:4e:f8:9e:df:bb:97:ba:c1:12:83:2e:19:
fc:4b:36:1b:f0:35:b4:e7:fa:9b:a0:da:68:be:70:
d1:43:d7:85:66:23:fd:d0:f5:e1:34:41:4c:94:3b:
37:b2:12:d7:fc:01:ad:1e:40:fb:62:7a:11:82:05:
8f:2b:0e:5e:ba:63:16:39:c5:16:8d:ac:34:78:02:
8f:15:d5:f3:99:ea:30:f4:4b:21:a5:4a:72:49:5f:
c9:42:72:51:db:e1:91:1c:37:e4:f0:52:13:b0:57:
45:cd:ce:34:cb:76:d7:cc:88:c7:9e:53:c9:7f:e0:
09:30:e1:67:79:2c:0b:61:e8:d7:71:c9:a7:9f:82:
12:0e:fa:43:36:1d:e1:da:0b:e8:94:d7:30:47:8f:
6b:82:b3:2a:7c:86:46:5e:53:d2:17:04:4c:81:89:
17:20:b5:7b:11:f0:bd:3e:1d:1a:ee:dd:4e:12:57:
b2:62:7b:e4:0e:16:44:da:9f:4f:78:28:92:34:0b:
ec:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:82:BF:56:C1:D2:62:C9:7D:C7:DC:35:A7:0D:11:B0:CE:0D:99:8A
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/22E9381C7A9911EE8F236255C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.17.0/24
103.79.19.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:99:d5:65:1c:e8:13:35:b2:d3:44:6a:4c:47:3a:38:ac:6a:
a1:93:e7:d3:2a:6d:69:fc:1a:a2:3d:ab:c5:ff:1f:79:ab:51:
68:46:75:74:84:10:6b:47:7c:ed:3a:19:0d:ee:0e:ac:3d:2d:
9d:45:ed:a9:bd:c2:73:a3:e0:f3:cb:2d:c9:6d:11:03:23:0c:
a2:5e:33:ac:4d:b0:26:aa:00:0e:91:21:6a:67:ca:bd:c2:87:
6d:35:ea:27:eb:83:08:12:e5:4f:7d:6a:ad:f5:da:d4:02:a2:
b9:b6:10:f0:56:c6:13:36:bd:7a:99:17:24:10:33:38:9c:2a:
18:ef:a9:cf:30:87:b3:8a:76:53:49:29:71:31:9e:cc:67:5d:
50:51:5e:37:64:a4:5f:24:e8:a2:d6:2f:26:a7:8a:ac:19:2f:
74:0f:c8:f2:a1:7d:f9:cb:16:c9:45:b9:3e:42:8e:1b:99:c0:
fa:6a:3c:99:10:a7:e2:a7:89:24:73:d8:f5:a0:73:21:db:7f:
55:dc:2c:8a:24:d9:d0:3e:f6:8b:dc:6b:5f:48:88:9f:fd:69:
07:a4:40:53:61:91:ed:61:aa:12:b3:5a:c0:a5:c8:c8:8b:c3:
c4:a6:a1:9a:05:19:2f:56:53:00:8b:47:25:be:5d:b9:ee:56:
68:49:6c:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjMxMjI5MDA0MjQ3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlMTYwNy01ZWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7Wf8It2v4fK3ZvL2+AuzYKX/1RdbyESczOdCIZebsZ9YIEHrNqu/erFA1rLk
5XCoxVawVb5klYGxGt2gLzRO+J7fu5e6wRKDLhn8SzYb8DW05/qboNpovnDRQ9eF
ZiP90PXhNEFMlDs3shLX/AGtHkD7YnoRggWPKw5eumMWOcUWjaw0eAKPFdXzmeow
9EshpUpySV/JQnJR2+GRHDfk8FITsFdFzc40y3bXzIjHnlPJf+AJMOFneSwLYejX
ccmnn4ISDvpDNh3h2gvolNcwR49rgrMqfIZGXlPSFwRMgYkXILV7EfC9Ph0a7t1O
EleyYnvkDhZE2p9PeCiSNAvsawIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPiCv1bB
0mLJfcfcNacNEbDODZmKMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvMjJFOTM4MUM3
QTk5MTFFRThGMjM2MjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnTxEDBABnTxMwDQYJKoZIhvcNAQELBQADggEBAHuZ1WUc
6BM1stNEakxHOjisaqGT59MqbWn8GqI9q8X/H3mrUWhGdXSEEGtHfO06GQ3uDqw9
LZ1F7am9wnOj4PPLLcltEQMjDKJeM6xNsCaqAA6RIWpnyr3Ch2016ifrgwgS5U99
aq312tQCorm2EPBWxhM2vXqZFyQQMzicKhjvqc8wh7OKdlNJKXExnsxnXVBRXjdk
pF8k6KLWLyaniqwZL3QPyPKhffnLFslFuT5CjhuZwPpqPJkQp+KniSRz2PWgcyHb
f1XcLIok2dA+9ovca19IiJ/9aQekQFNhke1hqhKzWsClyMiLw8SmoZoFGS9WUwCL
RyW+XbnuVmhJbEE=
-----END CERTIFICATE-----
Generated at Mon Feb 12 12:06:06 2024 by rpki-client on console-fra.rpki-client.org