Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172EF8/77F98C38DD8C11EABDF0E682C4F9AE02/443E334CDD8E11EA90A06285C4F9AE02.roa
File: 443E334CDD8E11EA90A06285C4F9AE02.roa (raw, json)
Hash identifier: dq3VMuyxSn9JfPYgGhR1jh9zjqHX+J88/oqHYiCFG+A=
Subject key identifier: 22:C5:6B:5D:F6:16:42:B4:DA:82:26:FE:E4:6E:46:E8:86:46:0F:77
Certificate issuer: /CN=A9172EF8/serialNumber=E8DDECEC16FE3485D5B61A65A61EECD75A981B43
Certificate serial: 079A
Authority key identifier: E8:DD:EC:EC:16:FE:34:85:D5:B6:1A:65:A6:1E:EC:D7:5A:98:1B:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N3s7Bb-NIXVthplph7s11qYG0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172EF8/77F98C38DD8C11EABDF0E682C4F9AE02/443E334CDD8E11EA90A06285C4F9AE02.roa
Signing time: Mon 28 Oct 2024 21:21:41 +0000
ROA not before: Mon 28 Oct 2024 21:21:41 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 140995
IP address blocks: 103.154.158.0/23 maxlen: 23
103.154.158.0/24 maxlen: 24
103.154.159.0/24 maxlen: 24
2001:df4:8f80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Nov 2024 15:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1946 (0x79a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172EF8/serialNumber=E8DDECEC16FE3485D5B61A65A61EECD75A981B43
Validity
Not Before: Oct 28 21:21:41 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67200065-bacf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:b4:a2:25:07:85:4c:6e:ba:49:74:2e:56:
2e:41:cd:cd:48:1a:5e:9d:4e:98:7d:29:0c:35:ea:
bf:8e:1f:4c:b2:92:c8:be:c7:24:05:e9:53:61:31:
63:6b:9c:60:60:3d:46:d4:f3:f0:ce:ed:3d:a6:3b:
45:e2:24:5f:a8:36:67:30:e5:b4:2c:ed:c3:05:7e:
15:4b:a2:3a:25:4f:3e:c4:55:eb:da:e2:a9:34:ad:
59:62:13:83:81:89:39:cf:95:7e:df:92:46:95:09:
9b:7b:f7:4b:dd:c0:b3:2f:74:fa:e3:f0:0d:4e:6e:
c1:c7:7b:84:ac:de:6d:d8:78:89:e1:16:cc:98:c6:
b7:11:38:c6:2f:15:43:21:11:24:a3:a5:1f:2a:98:
ec:39:0b:d3:f9:18:7b:f9:da:0c:f7:a1:42:b2:9c:
1d:40:24:b0:0e:fe:c8:ee:74:7b:d0:3f:d0:0c:c9:
aa:d7:ae:cd:eb:83:83:81:e3:55:8b:ce:14:ae:3b:
f0:60:6a:33:ae:43:01:db:99:2d:6d:a1:24:f4:05:
6e:c0:6f:63:fc:e7:67:7a:b1:1d:0f:b1:8b:74:01:
d5:95:2d:89:ea:b5:e5:66:b5:93:32:06:e9:38:d4:
a6:d2:21:c5:6c:86:78:99:46:fd:ca:ad:f9:34:1d:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:6B:5D:F6:16:42:B4:DA:82:26:FE:E4:6E:46:E8:86:46:0F:77
X509v3 Authority Key Identifier:
keyid:E8:DD:EC:EC:16:FE:34:85:D5:B6:1A:65:A6:1E:EC:D7:5A:98:1B:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172EF8/77F98C38DD8C11EABDF0E682C4F9AE02/6N3s7Bb-NIXVthplph7s11qYG0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N3s7Bb-NIXVthplph7s11qYG0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172EF8/77F98C38DD8C11EABDF0E682C4F9AE02/443E334CDD8E11EA90A06285C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.158.0/23
IPv6:
2001:df4:8f80::/48
Signature Algorithm: sha256WithRSAEncryption
3c:d0:08:2d:dc:20:32:f3:cc:9d:7d:0b:c4:3e:eb:8f:1d:4c:
8a:43:3a:8a:ab:38:f4:26:c6:f5:ca:ba:7c:f2:b6:36:c4:2b:
5f:94:f8:08:dc:90:a3:4d:65:b8:22:ca:5f:9c:3b:5b:c3:3b:
77:63:9d:7d:41:dc:68:14:28:32:01:38:aa:2f:4f:2d:f8:af:
3a:81:e8:5a:40:a7:8c:f5:19:1e:32:67:7c:9d:3a:cb:9a:e3:
14:cf:de:a4:fc:55:29:f6:d8:35:3a:c3:a7:15:f1:ee:48:c1:
5d:7a:3c:a6:46:34:5c:63:80:98:4c:9a:c5:b5:3a:f7:17:0f:
2f:1d:94:d1:f6:af:a6:78:1a:da:cf:b8:72:25:52:f6:38:08:
d8:69:c5:e7:99:80:4f:5f:65:9c:d7:b3:77:96:84:38:51:b1:
b2:51:26:f9:16:83:9d:89:d5:fc:88:75:96:d0:bc:d1:cc:e5:
82:4d:09:cf:c3:4b:d0:64:2b:d6:b0:bb:ad:59:fa:ba:b2:6a:
d6:9d:ff:dc:5e:1e:cf:86:9e:0c:30:1d:a9:72:ea:c9:43:40:
17:ae:6a:bb:09:6c:ed:9d:f8:e0:2a:ba:0f:a3:7e:e9:9c:45:
cb:cf:30:e5:0a:fd:bf:8f:95:fd:eb:cf:16:0a:52:e5:10:55:
32:51:d8:6d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICB5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJFRjgxMTAvBgNVBAUTKEU4RERFQ0VDMTZGRTM0ODVENUI2MUE2NUE2MUVFQ0Q3
NUE5ODFCNDMwHhcNMjQxMDI4MjEyMTQxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwMDA2NS1iYWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtce0oiUHhUxuukl0LlYuQc3NSBpenU6YfSkMNeq/jh9MspLIvsckBelTYTFj
a5xgYD1G1PPwzu09pjtF4iRfqDZnMOW0LO3DBX4VS6I6JU8+xFXr2uKpNK1ZYhOD
gYk5z5V+35JGlQmbe/dL3cCzL3T64/ANTm7Bx3uErN5t2HiJ4RbMmMa3ETjGLxVD
IREko6UfKpjsOQvT+Rh7+doM96FCspwdQCSwDv7I7nR70D/QDMmq167N64ODgeNV
i84UrjvwYGozrkMB25ktbaEk9AVuwG9j/OdnerEdD7GLdAHVlS2J6rXlZrWTMgbp
ONSm0iHFbIZ4mUb9yq35NB1rkQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCLFa132
FkK02oIm/uRuRuiGRg93MB8GA1UdIwQYMBaAFOjd7OwW/jSF1bYaZaYe7NdamBtD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkVGOC83N0Y5OEMzOERE
OEMxMUVBQkRGMEU2ODJDNEY5QUUwMi82TjNzN0JiLU5JWFZ0aHBscGg3czExcVlH
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZOM3M3QmItTklYVnRocGxwaDdzMTFxWUcwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJFRjgvNzdGOThDMzhERDhDMTFFQUJERjBFNjgyQzRGOUFFMDIvNDQzRTMzNENE
RDhFMTFFQTkwQTA2Mjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmp4wDwQCAAIwCQMHACABDfSPgDANBgkqhkiG9w0BAQsF
AAOCAQEAPNAILdwgMvPMnX0LxD7rjx1MikM6iqs49CbG9cq6fPK2NsQrX5T4CNyQ
o01luCLKX5w7W8M7d2OdfUHcaBQoMgE4qi9PLfivOoHoWkCnjPUZHjJnfJ06y5rj
FM/epPxVKfbYNTrDpxXx7kjBXXo8pkY0XGOAmEyaxbU69xcPLx2U0favpnga2s+4
ciVS9jgI2GnF55mAT19lnNezd5aEOFGxslEm+RaDnYnV/Ih1ltC80czlgk0Jz8NL
0GQr1rC7rVn6urJq1p3/3F4ez4aeDDAdqXLqyUNAF65quwls7Z344Cq6D6N+6ZxF
y88w5Qr9v4+V/evPFgpS5RBVMlHYbQ==
-----END CERTIFICATE-----
Generated at Fri Nov 1 17:59:44 2024 by rpki-client on console-fra.rpki-client.org