Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/858F05F4E59911ED960FB828C4F9AE02.roa
File: 858F05F4E59911ED960FB828C4F9AE02.roa (raw, json)
Hash identifier: 2PgQbMrLrEcMKpHJfXduYGc6tOI8pZZeBOguxoeRQPE=
Subject key identifier: C2:0C:38:7D:0F:95:D2:9E:99:87:0E:3D:BD:8B:FC:90:FB:61:6F:3F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A7F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/858F05F4E59911ED960FB828C4F9AE02.roa
Signing time: Wed 10 May 2023 16:15:05 +0000
ROA not before: Wed 10 May 2023 16:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133309
IP address blocks: 103.43.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 10:32:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27263 (0x6a7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc308-0766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:c2:f1:96:d1:70:e9:bd:a2:d8:c7:96:22:
30:b1:55:32:a0:d7:2f:03:31:07:e3:12:d7:1c:f3:
08:b0:88:40:d6:fd:8e:1d:56:eb:d9:9e:7c:18:6a:
f0:60:6a:2e:e3:d6:f1:9e:a6:ab:b6:e6:55:fd:07:
0a:26:d9:5a:21:00:05:30:84:43:8f:b6:7e:be:8b:
a6:56:ef:f3:70:01:a9:0e:87:7a:69:7b:a7:51:bb:
e9:25:b4:85:39:e3:b2:78:2b:5d:e5:ca:b9:3e:66:
49:51:d7:60:2f:0c:f3:e6:76:60:6b:00:83:18:0e:
2c:80:ec:e1:26:c8:b3:3c:39:cd:51:64:43:a6:27:
fd:b6:b3:82:15:79:c6:7c:65:d7:87:6b:81:94:4f:
94:74:a3:fb:aa:f4:be:80:56:aa:e2:d8:8d:8c:86:
d2:7d:51:65:1b:b1:9f:d8:85:51:d2:7b:bf:a7:67:
97:3f:ca:3a:41:61:2b:95:6a:2a:67:59:1d:c0:29:
8b:3e:2e:78:f7:fd:01:57:2c:d7:33:38:d3:f3:ff:
8c:c3:7f:29:a8:ce:84:77:76:0c:3a:ae:ee:fe:cd:
2c:d0:7e:38:66:c2:8f:8e:97:58:bb:98:24:79:ea:
38:9a:f9:67:7e:c7:c2:b3:b3:24:85:f0:53:98:81:
55:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0C:38:7D:0F:95:D2:9E:99:87:0E:3D:BD:8B:FC:90:FB:61:6F:3F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/858F05F4E59911ED960FB828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.36.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d4:52:45:30:93:4c:43:c4:64:06:94:ef:43:4d:1d:e0:5e:
c1:0c:d8:d4:c4:3b:29:45:44:be:a5:5a:fc:80:a9:f9:f5:1b:
f1:d2:d4:5a:73:b4:0e:2f:29:07:36:ad:26:63:bf:2d:1d:a4:
28:1c:27:86:9b:a5:f3:45:37:26:25:90:89:a6:b1:8b:ab:94:
aa:0a:31:8c:8d:2c:b0:22:c5:80:fd:32:18:91:09:af:21:90:
55:c0:a6:27:55:86:5a:a8:d6:47:de:c4:26:7f:31:51:33:16:
8b:16:e2:b3:f3:e3:ff:58:11:c1:54:02:a3:a8:af:4d:f1:3a:
a8:71:17:f4:6a:72:09:82:94:62:c0:f4:51:b3:b5:1b:da:34:
99:91:1a:b1:47:a8:d3:c5:99:af:c0:fc:14:ad:fd:60:8a:fb:
9e:14:4b:4c:29:db:4b:49:f0:e9:a9:ec:23:8c:ee:c4:0a:a4:
13:2e:31:ce:b1:c4:7b:af:79:53:09:5d:25:1f:67:df:30:6e:
85:6b:7d:61:22:e9:9a:99:82:4c:d2:21:d7:9f:ad:50:0f:fe:
d1:55:aa:63:05:a8:01:fe:08:47:99:b9:30:84:82:b7:48:83:
47:e4:6d:71:09:ec:8b:85:83:cb:15:7e:d4:fd:05:46:7f:12:
b6:9e:92:db
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICan8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNTA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzMwOC0wNzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2bC8ZbRcOm9otjHliIwsVUyoNcvAzEH4xLXHPMIsIhA1v2OHVbr2Z58GGrw
YGou49bxnqartuZV/QcKJtlaIQAFMIRDj7Z+voumVu/zcAGpDod6aXunUbvpJbSF
OeOyeCtd5cq5PmZJUddgLwzz5nZgawCDGA4sgOzhJsizPDnNUWRDpif9trOCFXnG
fGXXh2uBlE+UdKP7qvS+gFaq4tiNjIbSfVFlG7Gf2IVR0nu/p2eXP8o6QWErlWoq
Z1kdwCmLPi549/0BVyzXMzjT8/+Mw38pqM6Ed3YMOq7u/s0s0H44ZsKPjpdYu5gk
eeo4mvlnfsfCs7MkhfBTmIFVSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMIMOH0P
ldKemYcOPb2L/JD7YW8/MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODU4RjA1RjRF
NTk5MTFFRDk2MEZCODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnKyQwDQYJKoZIhvcNAQELBQADggEBADDUUkUwk0xDxGQG
lO9DTR3gXsEM2NTEOylFRL6lWvyAqfn1G/HS1FpztA4vKQc2rSZjvy0dpCgcJ4ab
pfNFNyYlkImmsYurlKoKMYyNLLAixYD9MhiRCa8hkFXApidVhlqo1kfexCZ/MVEz
FosW4rPz4/9YEcFUAqOor03xOqhxF/RqcgmClGLA9FGztRvaNJmRGrFHqNPFma/A
/BSt/WCK+54US0wp20tJ8Omp7COM7sQKpBMuMc6xxHuveVMJXSUfZ98wboVrfWEi
6ZqZgkzSIdefrVAP/tFVqmMFqAH+CEeZuTCEgrdIg0fkbXEJ7IuFg8sVftT9BUZ/
Eraekts=
-----END CERTIFICATE-----
Generated at Wed Jan 31 14:51:06 2024 by rpki-client on console-fra.rpki-client.org