Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/B29B2C2C808F11ED965DB751C4F9AE02.roa
File: B29B2C2C808F11ED965DB751C4F9AE02.roa (raw, json)
Hash identifier: fQZRhWkSkeOoplza1YtCy2okXuYW+H3a6FXEsIskBKI=
Subject key identifier: BA:50:A4:18:C4:C9:16:74:74:46:30:E5:B7:B4:EC:06:1F:2B:89:FD
Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A
Certificate serial: 0A3C
Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/B29B2C2C808F11ED965DB751C4F9AE02.roa
Signing time: Fri 30 Dec 2022 12:58:16 +0000
ROA not before: Fri 30 Dec 2022 12:58:15 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139052
IP address blocks: 103.139.18.0/23 maxlen: 24
2400:cd60::/32 maxlen: 32
2400:cd60:1000::/36 maxlen: 36
2400:cd60:2000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2620 (0xa3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A
Validity
Not Before: Dec 30 12:58:15 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63aee067-ad9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d1:e3:eb:6b:6e:b8:42:ed:f8:e5:3d:d5:82:
35:eb:40:f4:89:a5:0a:7a:51:3b:6a:02:c3:39:77:
67:5d:cb:6a:fb:0f:0e:45:53:bc:6e:93:b0:5a:d2:
d0:57:a2:b1:ca:db:31:f3:e7:45:a9:ac:13:4f:20:
ad:b8:d0:71:68:77:c0:62:41:13:3e:9e:93:da:22:
21:b3:5f:ad:50:a7:0f:5b:78:5c:52:56:ea:8e:6b:
b7:92:9a:93:9d:7f:57:bc:1a:3e:cb:7b:6f:25:58:
04:f0:67:4e:c9:a2:44:1d:de:58:d7:b8:f5:96:cd:
d9:f8:34:49:ea:94:37:66:2c:00:bb:a2:97:a2:1c:
38:76:eb:8f:42:6d:ff:11:c8:32:36:03:10:13:e8:
eb:5e:1f:ae:25:a2:65:5e:3e:ef:37:ab:9f:fd:60:
84:92:b5:2d:69:bb:d9:c7:25:a3:dd:b1:af:aa:0a:
fe:26:b5:2d:74:03:a6:6a:e7:d4:f2:fd:00:82:99:
8c:df:36:88:4f:6d:78:b6:fc:d6:ed:62:04:51:b2:
05:07:a9:8a:89:70:f2:2d:a4:7e:d0:a6:45:8e:30:
ce:3d:43:8f:40:6e:83:a4:7e:65:bb:59:5e:77:35:
56:53:60:b5:04:87:e7:d9:dd:73:1c:cd:9d:78:d9:
97:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:50:A4:18:C4:C9:16:74:74:46:30:E5:B7:B4:EC:06:1F:2B:89:FD
X509v3 Authority Key Identifier:
keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/B29B2C2C808F11ED965DB751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.18.0/23
IPv6:
2400:cd60::/32
Signature Algorithm: sha256WithRSAEncryption
67:be:13:83:43:65:c2:e2:05:ab:8d:0a:b9:88:e3:68:9b:cb:
24:1e:9a:81:01:5b:d6:a3:e8:c6:f7:fc:8f:95:d0:37:e2:48:
b5:36:25:a8:dd:7c:7e:52:ea:1c:73:f8:09:9e:af:5d:f2:28:
61:40:42:1f:89:d4:60:4c:37:de:28:26:0e:0e:31:c5:61:a8:
e5:55:80:b9:4e:c2:90:64:8b:d2:c9:de:fc:2a:36:86:86:1d:
6d:05:93:f8:bc:12:30:f6:45:03:1c:9e:90:ec:99:f9:08:2b:
8d:e1:dd:15:f1:d4:33:25:4e:1f:87:61:b7:4f:ed:20:f2:15:
5c:9e:c1:1b:90:ec:92:a8:e1:46:78:ad:0a:f3:0e:c5:c3:e8:
0a:54:1c:92:dd:39:d4:1b:5a:10:60:b8:29:f1:17:43:53:fd:
d1:dc:c1:ef:3e:03:ad:87:be:58:3a:10:0e:cb:7b:de:dc:c0:
1a:03:40:9d:59:f8:d8:bb:24:4f:c6:07:91:45:db:86:3c:c6:
a2:51:f4:77:a2:a5:5d:b4:7a:57:ba:0f:62:69:05:86:22:b6:
2c:77:76:73:f0:b7:c7:40:02:06:ac:04:11:a8:17:0c:c6:c5:
aa:7e:e4:79:c4:5b:c0:1f:5d:fb:72:65:60:15:43:99:b0:03:
08:d4:c9:e5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx
MEY3RURBM0EwHhcNMjIxMjMwMTI1ODE1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FlZTA2Ny1hZDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4dHj62tuuELt+OU91YI160D0iaUKelE7agLDOXdnXctq+w8ORVO8bpOwWtLQ
V6Kxytsx8+dFqawTTyCtuNBxaHfAYkETPp6T2iIhs1+tUKcPW3hcUlbqjmu3kpqT
nX9XvBo+y3tvJVgE8GdOyaJEHd5Y17j1ls3Z+DRJ6pQ3ZiwAu6KXohw4duuPQm3/
EcgyNgMQE+jrXh+uJaJlXj7vN6uf/WCEkrUtabvZxyWj3bGvqgr+JrUtdAOmaufU
8v0AgpmM3zaIT214tvzW7WIEUbIFB6mKiXDyLaR+0KZFjjDOPUOPQG6DpH5lu1le
dzVWU2C1BIfn2d1zHM2deNmXEwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLpQpBjE
yRZ0dEYw5be07AYfK4n9MB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1
MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQwREUvREE0NUQ0MzAxNTI1MTFFQTgwREJGMDA5QzRGOUFFMDIvQjI5QjJDMkM4
MDhGMTFFRDk2NURCNzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnixIwDQQCAAIwBwMFACQAzWAwDQYJKoZIhvcNAQELBQAD
ggEBAGe+E4NDZcLiBauNCrmI42ibyyQemoEBW9aj6Mb3/I+V0DfiSLU2JajdfH5S
6hxz+Amer13yKGFAQh+J1GBMN94oJg4OMcVhqOVVgLlOwpBki9LJ3vwqNoaGHW0F
k/i8EjD2RQMcnpDsmfkIK43h3RXx1DMlTh+HYbdP7SDyFVyewRuQ7JKo4UZ4rQrz
DsXD6ApUHJLdOdQbWhBguCnxF0NT/dHcwe8+A62Hvlg6EA7Le97cwBoDQJ1Z+Ni7
JE/GB5FF24Y8xqJR9HeipV20ele6D2JpBYYitix3dnPwt8dAAgasBBGoFwzGxap+
5HnEW8AfXftyZWAVQ5mwAwjUyeU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:50 2023 by rpki-client on console-fra.rpki-client.org