Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C19A/24AB2C3E4F8D11EC8157125FC4F9AE02/F8501EF612F511EDA9E7C939C4F9AE02.roa
File: F8501EF612F511EDA9E7C939C4F9AE02.roa (raw, json)
Hash identifier: xVgMpcLrf8vyqdsuRKWDL1O5n+UmIfLq0DuIOjSPbOc=
Subject key identifier: C7:E6:35:9C:10:4E:F5:F4:06:1D:95:94:FA:7E:E1:2A:6B:3B:A7:F9
Certificate issuer: /CN=A919C19A/serialNumber=D89CFF6D7D9551AE704D93E97553616C8DB13F5E
Certificate serial: 02A8
Authority key identifier: D8:9C:FF:6D:7D:95:51:AE:70:4D:93:E9:75:53:61:6C:8D:B1:3F:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2Jz_bX2VUa5wTZPpdVNhbI2xP14.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C19A/24AB2C3E4F8D11EC8157125FC4F9AE02/F8501EF612F511EDA9E7C939C4F9AE02.roa
Signing time: Sun 15 Jan 2023 03:52:59 +0000
ROA not before: Sun 15 Jan 2023 03:52:59 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141731
IP address blocks: 103.159.126.0/23 maxlen: 23
103.159.126.0/24 maxlen: 24
103.159.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 14:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680 (0x2a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C19A/serialNumber=D89CFF6D7D9551AE704D93E97553616C8DB13F5E
Validity
Not Before: Jan 15 03:52:59 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63c3789a-77aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7b:d7:3b:f5:cf:cb:e6:e2:c4:a0:a3:20:f5:
c7:e6:04:1c:69:8d:00:c6:a9:97:d3:c6:73:72:0e:
ff:30:7a:29:65:7a:9a:94:83:82:cc:84:59:33:00:
bd:27:e7:a0:b6:05:50:b2:eb:9f:9e:85:fc:09:c4:
2c:63:3e:94:46:27:44:d6:d4:eb:cb:7a:ff:4d:6b:
9c:84:c1:51:6e:4a:06:04:c5:2f:6f:10:3f:48:7a:
20:bb:74:25:a3:d9:e4:49:de:6c:77:f9:d8:1d:99:
d6:9d:12:7a:c7:57:cd:35:38:67:3c:43:52:ef:2f:
25:98:6f:fe:3c:eb:6f:f4:14:6c:33:a8:9c:f7:d2:
42:e1:b4:4d:ab:51:e9:5c:da:13:cf:22:3c:4d:01:
86:1e:11:5f:f9:c1:18:22:14:43:05:3d:c1:03:e5:
71:fe:8b:f2:cf:9d:ae:76:bd:cc:93:6a:e5:57:af:
42:cf:05:50:38:2d:70:08:6f:fe:2e:a9:0d:46:f3:
e0:d6:e5:c2:94:28:88:19:7f:a0:bc:20:71:2e:9a:
a1:32:c6:7a:52:a7:e3:95:3d:8b:e8:de:5c:83:30:
41:e5:6d:b9:3b:6e:6e:c7:a1:3f:ac:df:3e:bb:bc:
e3:dc:7d:5e:6c:6c:03:4a:4b:d9:91:2f:ef:e0:ca:
d2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E6:35:9C:10:4E:F5:F4:06:1D:95:94:FA:7E:E1:2A:6B:3B:A7:F9
X509v3 Authority Key Identifier:
keyid:D8:9C:FF:6D:7D:95:51:AE:70:4D:93:E9:75:53:61:6C:8D:B1:3F:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C19A/24AB2C3E4F8D11EC8157125FC4F9AE02/2Jz_bX2VUa5wTZPpdVNhbI2xP14.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2Jz_bX2VUa5wTZPpdVNhbI2xP14.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C19A/24AB2C3E4F8D11EC8157125FC4F9AE02/F8501EF612F511EDA9E7C939C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:cf:0c:ef:b6:d9:be:c1:78:5c:e9:02:11:95:da:71:76:28:
29:16:43:34:cf:e0:f9:a0:cf:e0:a8:0e:e6:7d:9e:cd:3c:e9:
28:d4:10:f4:8e:7e:57:71:f4:bb:d7:ca:c0:bf:01:f9:01:e0:
da:9f:6f:9e:75:8d:e2:0c:24:b6:5f:44:e3:8c:18:f9:c7:fb:
bd:78:28:6e:83:bb:1f:d7:7d:be:c7:a0:3a:e6:24:91:b9:88:
f6:20:13:65:19:bf:2d:53:dc:81:4f:18:9a:5c:cd:41:ef:f8:
2c:44:45:e8:03:ed:c2:b4:30:f0:57:e5:bb:97:c1:6a:cc:34:
9b:59:b0:76:de:21:02:db:79:86:55:13:5d:ab:17:e8:42:16:
0d:05:94:3b:f8:1d:a6:df:60:b6:6d:e8:fe:45:cb:3f:cf:ce:
e8:74:3d:89:ff:a2:97:c6:5a:d7:82:99:82:c6:d5:ea:a7:e9:
54:b8:a8:1d:e3:20:6f:63:cd:55:f7:bc:8b:90:43:93:7e:0e:
d6:26:b5:bc:b6:61:f0:43:f4:f0:50:33:af:99:43:52:08:15:
1f:25:30:86:51:a4:01:67:7d:bb:e0:cc:92:c4:f5:1f:5e:92:
31:c6:a9:45:9c:eb:25:21:42:c1:43:98:04:c1:aa:0f:9f:57:
85:c5:1f:9a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUMxOUExMTAvBgNVBAUTKEQ4OUNGRjZEN0Q5NTUxQUU3MDREOTNFOTc1NTM2MTZD
OERCMTNGNUUwHhcNMjMwMTE1MDM1MjU5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MzNzg5YS03N2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XvXO/XPy+bixKCjIPXH5gQcaY0AxqmX08Zzcg7/MHopZXqalIOCzIRZMwC9
J+egtgVQsuufnoX8CcQsYz6URidE1tTry3r/TWuchMFRbkoGBMUvbxA/SHogu3Ql
o9nkSd5sd/nYHZnWnRJ6x1fNNThnPENS7y8lmG/+POtv9BRsM6ic99JC4bRNq1Hp
XNoTzyI8TQGGHhFf+cEYIhRDBT3BA+Vx/ovyz52udr3Mk2rlV69CzwVQOC1wCG/+
LqkNRvPg1uXClCiIGX+gvCBxLpqhMsZ6UqfjlT2L6N5cgzBB5W25O25ux6E/rN8+
u7zj3H1ebGwDSkvZkS/v4MrSGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMfmNZwQ
TvX0Bh2VlPp+4SprO6f5MB8GA1UdIwQYMBaAFNic/219lVGucE2T6XVTYWyNsT9e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzE5QS8yNEFCMkMzRTRG
OEQxMUVDODE1NzEyNUZDNEY5QUUwMi8ySnpfYlgyVlVhNXdUWlBwZFZOaGJJMnhQ
MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJKel9iWDJWVWE1d1RaUHBkVk5oYkkyeFAxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUMxOUEvMjRBQjJDM0U0RjhEMTFFQzgxNTcxMjVGQzRGOUFFMDIvRjg1MDFFRjYx
MkY1MTFFREE5RTdDOTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnn34wDQYJKoZIhvcNAQELBQADggEBAKXPDO+22b7BeFzp
AhGV2nF2KCkWQzTP4Pmgz+CoDuZ9ns086SjUEPSOfldx9LvXysC/AfkB4Nqfb551
jeIMJLZfROOMGPnH+714KG6Dux/Xfb7HoDrmJJG5iPYgE2UZvy1T3IFPGJpczUHv
+CxERegD7cK0MPBX5buXwWrMNJtZsHbeIQLbeYZVE12rF+hCFg0FlDv4HabfYLZt
6P5Fyz/Pzuh0PYn/opfGWteCmYLG1eqn6VS4qB3jIG9jzVX3vIuQQ5N+DtYmtby2
YfBD9PBQM6+ZQ1IIFR8lMIZRpAFnfbvgzJLE9R9ekjHGqUWc6yUhQsFDmATBqg+f
V4XFH5o=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:03 2024 by rpki-client on console.sobornost.net