Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/793CB16AAA0211EE81A35332C4F9AE02.roa
File: 793CB16AAA0211EE81A35332C4F9AE02.roa (raw, json)
Hash identifier: qMx/sjkYf2HQjNG9kqk9mpgJCDXcn4B9ABKqhcl2co4=
Subject key identifier: 02:FA:8B:D5:74:2D:92:14:D8:E2:7E:9D:9A:37:38:EF:87:A0:A4:35
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 0345
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/793CB16AAA0211EE81A35332C4F9AE02.roa
Signing time: Sat 03 Feb 2024 02:35:11 +0000
ROA not before: Sat 03 Feb 2024 02:35:11 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.179.36.0/24 maxlen: 24
2001:df0:45c4::/46 maxlen: 48
2001:df0:45c8::/45 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:12:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 837 (0x345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Feb 3 02:35:11 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65bda65e-496d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:f9:5b:49:3c:1d:d2:eb:4b:3f:b4:b2:7f:
4c:de:ac:91:5b:2e:72:24:0e:bb:aa:d2:92:b7:f7:
aa:23:8c:5a:a9:ab:e4:dc:66:f4:4f:fd:01:2c:00:
23:a0:29:1d:40:a9:68:f8:f3:56:95:13:3a:eb:5f:
77:68:09:1a:72:ad:79:05:f4:55:f6:0e:a6:e0:7d:
ae:97:3e:c5:28:b5:44:18:42:64:a3:3b:1f:bf:fa:
d0:8b:8a:59:1a:51:01:78:b1:cb:72:70:7b:f8:08:
85:43:eb:25:4b:18:a2:57:51:b1:54:85:07:79:f4:
db:d7:f9:3a:63:50:20:dd:8f:ba:bc:20:fe:77:7c:
d0:a2:40:38:a7:3c:67:bc:fd:32:53:2d:6a:36:86:
26:b3:a3:d7:c9:b9:9b:50:f1:31:3f:96:4a:89:8e:
20:2d:8b:1f:e6:77:2d:71:6b:0f:3a:3b:1c:2e:57:
93:5b:ce:f4:2c:da:5a:1b:98:a7:9f:04:1f:22:12:
85:4c:92:d3:01:8f:3b:1f:51:84:d9:0b:f0:5c:52:
4b:0c:f8:ef:78:9c:45:f8:65:c7:02:cf:4c:0e:72:
4a:9a:10:7b:a8:85:4d:c0:c0:a6:04:9f:39:73:6d:
c7:02:c3:ad:76:14:c4:79:4b:92:0f:f0:cb:63:4f:
93:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:8B:D5:74:2D:92:14:D8:E2:7E:9D:9A:37:38:EF:87:A0:A4:35
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/793CB16AAA0211EE81A35332C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.36.0/24
IPv6:
2001:df0:45c4::-2001:df0:45cf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:c7:29:36:fd:cc:d3:2f:4f:06:2c:96:be:5b:62:67:3e:1d:
7c:0a:64:ac:eb:90:1d:a7:40:97:55:e4:4d:26:b8:47:a9:0a:
1b:6e:b3:93:92:a3:05:b8:d2:30:d4:ff:30:ea:f2:2d:51:06:
d5:2d:ce:f5:24:e1:5c:19:57:55:55:1a:5f:da:2b:2a:1d:53:
b6:38:a4:09:da:7a:06:18:a3:88:5d:85:92:af:44:f3:13:41:
47:b3:a1:62:a4:07:0c:2d:44:3e:16:52:7f:4b:69:6d:59:4d:
b1:fb:27:2b:0b:c2:e4:79:3b:ff:cc:cd:33:a5:2d:7a:db:1b:
f4:95:47:81:f6:e1:59:c6:fe:87:9a:f9:3b:2e:bd:42:bd:97:
3c:45:86:2a:18:a0:45:63:7e:4f:3d:47:c9:53:a4:b8:ce:d6:
98:39:d7:a8:f2:de:81:96:69:a8:c1:77:bc:72:dd:6b:09:c4:
fc:72:5a:f9:6a:d7:83:08:d9:49:bd:19:3a:55:ab:fd:1a:85:
73:f9:4b:e7:80:6d:a9:96:54:f9:39:60:86:6b:f6:f7:61:32:
88:01:4c:11:59:76:74:30:11:8c:00:47:f6:1b:9d:2e:4e:6f:
14:d8:10:73:97:63:da:04:65:03:f6:60:b9:61:25:1b:77:bb:
05:d5:1d:1f
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICA0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjQwMjAzMDIzNTExWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJkYTY1ZS00OTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyoj5W0k8HdLrSz+0sn9M3qyRWy5yJA67qtKSt/eqI4xaqavk3Gb0T/0BLAAj
oCkdQKlo+PNWlRM66193aAkacq15BfRV9g6m4H2ulz7FKLVEGEJkozsfv/rQi4pZ
GlEBeLHLcnB7+AiFQ+slSxiiV1GxVIUHefTb1/k6Y1Ag3Y+6vCD+d3zQokA4pzxn
vP0yUy1qNoYms6PXybmbUPExP5ZKiY4gLYsf5nctcWsPOjscLleTW870LNpaG5in
nwQfIhKFTJLTAY87H1GE2QvwXFJLDPjveJxF+GXHAs9MDnJKmhB7qIVNwMCmBJ85
c23HAsOtdhTEeUuSD/DLY0+TUwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFAL6i9V0
LZIU2OJ+nZo3OO+HoKQ1MB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvNzkzQ0IxNkFB
QTAyMTFFRTgxQTM1MzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMAwEAgABMAYDBABnsyQwGgQCAAIwFDASAwcCIAEN8EXEAwcEIAEN8EXAMA0G
CSqGSIb3DQEBCwUAA4IBAQBUxyk2/czTL08GLJa+W2JnPh18CmSs65Adp0CXVeRN
JrhHqQobbrOTkqMFuNIw1P8w6vItUQbVLc71JOFcGVdVVRpf2isqHVO2OKQJ2noG
GKOIXYWSr0TzE0FHs6FipAcMLUQ+FlJ/S2ltWU2x+ycrC8LkeTv/zM0zpS162xv0
lUeB9uFZxv6Hmvk7Lr1CvZc8RYYqGKBFY35PPUfJU6S4ztaYOdeo8t6BlmmowXe8
ct1rCcT8clr5ateDCNlJvRk6Vav9GoVz+UvngG2pllT5OWCGa/b3YTKIAUwRWXZ0
MBGMAEf2G50uTm8U2BBzl2PaBGUD9mC5YSUbd7sF1R0f
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:40:45 2024 by rpki-client on console-fra.rpki-client.org