Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03823730C31011ED8DD20D6BC4F9AE02.roa
File: 03823730C31011ED8DD20D6BC4F9AE02.roa (raw, json)
Hash identifier: 9QNiwz0y+rJgitZMGNlp0x9K5u58+6OocSX9yQ0qxQM=
Subject key identifier: 81:7E:7E:59:E6:11:4B:78:33:DB:03:E3:E3:64:59:22:E0:25:7D:99
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6EE3
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03823730C31011ED8DD20D6BC4F9AE02.roa
Signing time: Wed 10 May 2023 16:36:10 +0000
ROA not before: Wed 10 May 2023 16:36:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141555
IP address blocks: 103.152.158.0/24 maxlen: 24
103.163.148.0/23 maxlen: 24
2001:df1:3bc0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28387 (0x6ee3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:36:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc7fa-6288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:74:f5:d3:35:97:ba:bb:58:39:af:e3:10:22:
9e:e3:8f:df:3e:99:c5:77:8a:09:77:0b:fa:7e:f9:
4e:02:96:99:a8:64:02:f6:d7:8d:ab:f6:47:bc:f6:
15:52:6d:ff:ac:67:9c:e6:3a:d4:64:f7:33:87:ca:
0f:ec:3d:e3:c3:67:8c:28:f8:3e:f2:96:bb:23:48:
66:00:4b:86:01:5b:86:98:15:73:6c:4b:d4:f0:76:
9a:64:fc:c9:09:90:53:07:2c:f5:30:67:e8:21:63:
2c:a6:d5:9a:a8:3a:46:8b:b4:c7:d7:f7:e4:3d:db:
7e:7e:7b:cc:f1:84:70:84:9e:8c:be:25:d1:75:c8:
20:51:b2:b1:30:3d:b2:38:73:d0:cc:74:4d:e0:ee:
b4:4a:ee:40:e5:cc:88:8f:98:bc:e7:c3:ee:f7:35:
10:dc:00:76:d1:63:61:35:15:6e:88:1f:07:c1:9d:
e0:cb:3f:fe:79:00:bc:51:0f:cb:0f:bb:85:5b:4f:
25:a4:71:b9:23:7e:64:42:3f:0c:ab:62:70:9c:74:
d7:f2:d2:3b:24:03:a1:de:46:bf:d0:96:e9:a1:c6:
69:68:95:14:2a:d2:6a:fc:dc:d5:04:99:9b:cb:30:
6d:bc:05:fe:ea:19:f0:7f:f8:ff:70:be:fd:2b:85:
3a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7E:7E:59:E6:11:4B:78:33:DB:03:E3:E3:64:59:22:E0:25:7D:99
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03823730C31011ED8DD20D6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.158.0/24
103.163.148.0/23
IPv6:
2001:df1:3bc0::/48
Signature Algorithm: sha256WithRSAEncryption
14:17:41:49:60:7e:4d:4d:36:e2:c9:61:95:dc:ac:a0:a9:64:
f4:8a:76:51:99:06:2d:b4:d1:79:ca:0d:c3:5f:cd:39:c7:a7:
62:ca:0a:f9:89:10:67:e9:3c:ce:c0:2c:47:12:b8:83:8a:bb:
9c:4b:0a:4a:da:94:93:2d:51:81:6a:05:22:0d:a2:c5:07:1a:
42:fe:75:1c:0c:cb:67:64:10:26:f1:89:6e:2c:00:47:21:b8:
ee:d5:98:98:ea:48:77:d7:89:35:45:69:37:b0:12:51:69:d1:
1f:14:60:f7:93:52:16:14:8f:b7:87:19:65:9c:2f:f0:66:57:
a0:41:a7:3b:09:0d:ec:95:52:74:ef:f2:6a:83:e9:53:93:36:
b8:26:0d:41:eb:52:58:ee:21:b7:0b:b0:e9:64:04:fd:d5:f9:
03:26:48:fe:8b:6e:9b:58:73:96:c3:e9:1a:ee:5d:f0:11:75:
1b:10:27:72:d8:89:02:30:e4:05:f3:13:c9:14:24:a2:8c:4f:
b4:19:c7:9c:55:df:7d:c8:c4:dd:3c:6f:e0:af:1b:23:3c:89:
48:d8:3d:9e:0a:17:f1:50:a4:f0:f7:87:c1:02:bd:23:03:87:
31:af:11:a0:5d:fc:1f:12:4b:28:99:75:c4:e6:a7:85:58:6a:
f4:89:36:f0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICbuMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYzNjEwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzdmYS02Mjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA73T10zWXurtYOa/jECKe44/fPpnFd4oJdwv6fvlOApaZqGQC9teNq/ZHvPYV
Um3/rGec5jrUZPczh8oP7D3jw2eMKPg+8pa7I0hmAEuGAVuGmBVzbEvU8HaaZPzJ
CZBTByz1MGfoIWMsptWaqDpGi7TH1/fkPdt+fnvM8YRwhJ6MviXRdcggUbKxMD2y
OHPQzHRN4O60Su5A5cyIj5i858Pu9zUQ3AB20WNhNRVuiB8HwZ3gyz/+eQC8UQ/L
D7uFW08lpHG5I35kQj8Mq2JwnHTX8tI7JAOh3ka/0JbpocZpaJUUKtJq/NzVBJmb
yzBtvAX+6hnwf/j/cL79K4U6EwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFIF+flnm
EUt4M9sD4+NkWSLgJX2ZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDM4MjM3MzBD
MzEwMTFFRDhERDIwRDZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnmJ4DBAFno5QwDwQCAAIwCQMHACABDfE7wDANBgkqhkiG
9w0BAQsFAAOCAQEAFBdBSWB+TU024slhldysoKlk9Ip2UZkGLbTRecoNw1/NOcen
YsoK+YkQZ+k8zsAsRxK4g4q7nEsKStqUky1RgWoFIg2ixQcaQv51HAzLZ2QQJvGJ
biwARyG47tWYmOpId9eJNUVpN7ASUWnRHxRg95NSFhSPt4cZZZwv8GZXoEGnOwkN
7JVSdO/yaoPpU5M2uCYNQetSWO4htwuw6WQE/dX5AyZI/otum1hzlsPpGu5d8BF1
GxAnctiJAjDkBfMTyRQkooxPtBnHnFXffcjE3Txv4K8bIzyJSNg9ngoX8VCk8PeH
wQK9IwOHMa8RoF38HxJLKJl1xOanhVhq9Ik28A==
-----END CERTIFICATE-----
Generated at Thu Nov 30 10:36:36 2023 by rpki-client on console-ams.rpki-client.org