Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0D04BC2D76E11ED9B44A011C4F9AE02.roa
File: F0D04BC2D76E11ED9B44A011C4F9AE02.roa (raw, json)
Hash identifier: 5Ng4qdRc+/k1dyrU437z0TVCbugge6J8Yqfw18jc7VY=
Subject key identifier: 74:5E:A9:EA:B1:1D:17:B5:17:E6:B4:21:30:AF:D2:4E:21:7B:B2:39
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 713B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0D04BC2D76E11ED9B44A011C4F9AE02.roa
Signing time: Wed 10 May 2023 16:47:14 +0000
ROA not before: Wed 10 May 2023 16:47:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150656
IP address blocks: 103.79.48.0/23 maxlen: 24
2001:df1:e540::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 06:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28987 (0x713b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:47:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bca92-2fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:18:65:53:db:49:6d:58:c1:6a:27:ac:dd:
5e:f8:37:31:17:91:f9:a1:6c:96:2e:b6:e0:e7:dc:
7e:83:d5:e4:94:b0:6d:fb:2d:87:d1:1d:40:af:57:
0a:80:31:56:ab:ca:ab:dd:02:f3:38:20:8c:c1:2e:
58:09:f7:6a:08:80:90:f8:8a:a0:27:6c:48:41:58:
42:da:15:5c:13:28:cb:37:ba:7a:d9:01:ad:42:29:
9e:71:fd:21:1f:ad:e2:91:c2:15:6d:6a:22:e9:c5:
fb:2e:3b:c6:04:12:90:4f:60:d5:29:3c:ec:81:e7:
96:fa:5e:48:98:be:f4:8a:45:be:9e:dc:d1:7b:16:
b1:59:e4:20:8b:6d:b8:fd:9c:56:ac:c4:46:98:04:
6f:68:3c:44:a2:ad:be:0a:1a:a3:d1:8f:25:61:42:
3d:f1:c6:30:e8:c6:9c:77:f4:7d:b0:ee:30:b1:4c:
0a:9e:a8:73:2c:42:b3:f3:6c:4a:7b:e8:75:2b:fd:
26:db:da:22:14:bc:79:67:9e:07:25:47:b8:75:70:
10:bb:01:b3:2d:ef:d6:43:26:f4:92:35:dc:19:16:
ac:bc:ae:d9:b8:9a:dc:ed:5e:f9:8b:bc:30:51:07:
cc:89:07:6a:07:79:ab:f3:3e:da:26:07:bd:bc:b6:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5E:A9:EA:B1:1D:17:B5:17:E6:B4:21:30:AF:D2:4E:21:7B:B2:39
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0D04BC2D76E11ED9B44A011C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.48.0/23
IPv6:
2001:df1:e540::/48
Signature Algorithm: sha256WithRSAEncryption
16:44:78:03:a6:af:63:7b:f3:98:cb:20:80:98:a5:e4:c9:90:
7d:af:75:c7:a2:9c:a2:41:8c:79:a2:54:06:9f:88:11:4f:5d:
57:b2:0a:e3:2e:e9:ac:1a:97:60:fc:59:4a:ce:37:38:76:b8:
58:ba:26:04:59:af:c2:62:68:f7:49:65:eb:85:74:53:80:e9:
67:13:fc:f0:c0:5b:51:88:68:19:ca:89:da:ce:96:43:3c:62:
04:a0:04:84:fd:22:3d:31:69:6c:6b:1a:b2:30:b9:21:1c:fc:
61:4c:52:b7:1d:79:f8:33:41:25:6c:f0:d2:0b:42:ab:e0:40:
77:72:2b:30:59:5b:d4:a3:62:66:73:f6:b9:7e:15:db:07:7f:
10:89:6a:25:fa:26:4a:a7:06:d6:34:50:f2:25:78:ac:9d:c8:
a9:f2:ca:b6:9b:d3:58:d9:65:4f:99:05:5f:24:93:25:45:39:
ff:44:9a:b2:40:4a:fc:c4:37:0a:de:17:cc:b2:e8:65:f9:a9:
06:9c:a5:ae:ca:87:65:4e:40:6d:c6:ea:fa:5e:65:4d:42:84:
06:1f:41:54:62:5f:3d:06:84:5b:86:11:0a:c1:2b:57:d6:91:
56:c3:e3:c3:ad:e7:b0:ce:88:ac:d4:4b:03:d6:27:69:8e:8d:
04:09:6d:2d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICcTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0NzE0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2E5Mi0yZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyXQYZVPbSW1YwWonrN1e+DcxF5H5oWyWLrbg59x+g9XklLBt+y2H0R1Ar1cK
gDFWq8qr3QLzOCCMwS5YCfdqCICQ+IqgJ2xIQVhC2hVcEyjLN7p62QGtQimecf0h
H63ikcIVbWoi6cX7LjvGBBKQT2DVKTzsgeeW+l5ImL70ikW+ntzRexaxWeQgi224
/ZxWrMRGmARvaDxEoq2+Chqj0Y8lYUI98cYw6Macd/R9sO4wsUwKnqhzLEKz82xK
e+h1K/0m29oiFLx5Z54HJUe4dXAQuwGzLe/WQyb0kjXcGRasvK7ZuJrc7V75i7ww
UQfMiQdqB3mr8z7aJge9vLbMeQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHReqeqx
HRe1F+a0ITCv0k4he7I5MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjBEMDRCQzJE
NzZFMTFFRDlCNDRBMDExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnTzAwDwQCAAIwCQMHACABDfHlQDANBgkqhkiG9w0BAQsF
AAOCAQEAFkR4A6avY3vzmMsggJil5MmQfa91x6KcokGMeaJUBp+IEU9dV7IK4y7p
rBqXYPxZSs43OHa4WLomBFmvwmJo90ll64V0U4DpZxP88MBbUYhoGcqJ2s6WQzxi
BKAEhP0iPTFpbGsasjC5IRz8YUxStx15+DNBJWzw0gtCq+BAd3IrMFlb1KNiZnP2
uX4V2wd/EIlqJfomSqcG1jRQ8iV4rJ3IqfLKtpvTWNllT5kFXySTJUU5/0SaskBK
/MQ3Ct4XzLLoZfmpBpylrsqHZU5Abcbq+l5lTUKEBh9BVGJfPQaEW4YRCsErV9aR
VsPjw63nsM6IrNRLA9YnaY6NBAltLQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 07:15:24 2024 by rpki-client on console-fra.rpki-client.org