Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04A674544B6211EC92C7DA57C4F9AE02.roa
File: 04A674544B6211EC92C7DA57C4F9AE02.roa (raw, json)
Hash identifier: P1hMK9pSc3FyuavdAJIoNOQikl6kIgK1TrSMO0iJ2CU=
Subject key identifier: A0:44:8F:D6:92:5D:32:4F:91:72:B4:90:71:01:B0:98:83:94:5C:D8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7000
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04A674544B6211EC92C7DA57C4F9AE02.roa
Signing time: Wed 10 May 2023 16:41:29 +0000
ROA not before: Wed 10 May 2023 16:41:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147256
IP address blocks: 103.84.106.0/23 maxlen: 24
103.176.162.0/23 maxlen: 24
2001:df0:11c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28672 (0x7000)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:41:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc939-ec97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e5:2a:0e:e6:92:7c:0b:fa:df:e8:ab:07:23:
c4:bf:4d:66:01:b3:2b:5f:04:b2:c7:d5:a0:12:29:
64:11:86:68:ac:4d:99:e3:b6:50:14:44:ea:2b:73:
ba:2c:3b:c2:f2:44:f8:86:8c:2d:85:03:d1:65:91:
ce:47:9a:fd:b1:2b:67:d7:2e:86:7c:92:01:c0:82:
88:19:d1:eb:3c:59:37:f5:ea:ac:3d:8d:eb:59:a1:
c3:b9:6b:1e:6f:e7:7f:c0:b5:07:44:6a:4a:f1:8a:
67:40:14:b4:22:10:68:6d:cb:e9:05:96:37:49:dc:
47:56:fa:17:ee:0c:83:9b:06:74:b0:44:04:55:cb:
fa:02:f5:9c:1e:2f:87:d9:80:1b:43:ed:83:4b:fc:
02:39:80:18:36:0d:ab:07:2c:47:6e:76:8b:71:e9:
c1:42:75:61:c6:8f:71:c4:3a:76:49:b2:1f:9a:20:
e6:ad:13:9f:30:bd:33:21:d4:f4:71:95:61:66:92:
2f:58:a1:30:cb:66:f0:95:07:b5:6b:7b:db:1b:e0:
38:e1:35:be:bc:e5:b9:49:fc:23:ef:61:8c:a0:73:
68:80:9b:42:98:24:43:0d:d1:d0:1e:7c:b7:fe:09:
31:88:39:b8:81:16:5d:e4:dd:05:e1:84:c1:69:27:
f7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:44:8F:D6:92:5D:32:4F:91:72:B4:90:71:01:B0:98:83:94:5C:D8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04A674544B6211EC92C7DA57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.106.0/23
103.176.162.0/23
IPv6:
2001:df0:11c0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:19:35:6d:af:ca:08:60:d4:2f:28:1f:98:16:cd:e8:ac:91:
9f:21:e3:47:9c:2a:69:38:39:4b:a7:dd:3d:6a:e0:7f:8a:00:
59:18:21:e6:54:d7:91:8b:81:5f:67:2d:a8:0f:d1:f2:6d:6b:
d5:ce:64:e0:67:b0:53:26:fd:43:d7:83:6d:0d:1c:88:2b:56:
03:9a:fe:13:4d:e2:87:9f:fa:1a:32:d1:6c:b1:0f:d1:5e:b7:
68:ea:0d:80:43:21:ea:ce:e7:d5:d3:3d:98:a3:2f:02:a0:49:
4a:10:2d:4b:92:74:4a:eb:5f:79:d0:19:ee:d6:d0:13:d1:03:
a3:eb:c9:d1:db:35:b5:2d:75:8e:64:25:bf:bc:6a:e7:ef:aa:
45:a5:18:eb:bc:96:a1:04:ff:3e:f3:34:29:8f:ad:b4:5f:62:
45:62:67:49:0a:39:03:64:31:86:dc:91:60:83:ce:d6:fe:e9:
60:02:27:b4:cf:2e:79:d1:ce:1f:48:d0:c3:8f:e8:1d:16:22:
c9:a5:19:84:2f:af:a1:20:56:f3:b1:ab:f4:09:ad:08:4c:a3:
fe:6f:30:0e:d7:9b:ff:47:55:6a:b8:1f:a3:ed:13:d2:07:e9:
52:42:31:57:be:54:f3:81:ad:61:95:0b:d7:d9:f1:f6:24:3a:
41:9a:06:d9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICcAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0MTI5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzkzOS1lYzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5uUqDuaSfAv63+irByPEv01mAbMrXwSyx9WgEilkEYZorE2Z47ZQFETqK3O6
LDvC8kT4howthQPRZZHOR5r9sStn1y6GfJIBwIKIGdHrPFk39eqsPY3rWaHDuWse
b+d/wLUHRGpK8YpnQBS0IhBobcvpBZY3SdxHVvoX7gyDmwZ0sEQEVcv6AvWcHi+H
2YAbQ+2DS/wCOYAYNg2rByxHbnaLcenBQnVhxo9xxDp2SbIfmiDmrROfML0zIdT0
cZVhZpIvWKEwy2bwlQe1a3vbG+A44TW+vOW5Sfwj72GMoHNogJtCmCRDDdHQHny3
/gkxiDm4gRZd5N0F4YTBaSf3aQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFKBEj9aS
XTJPkXK0kHEBsJiDlFzYMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDRBNjc0NTQ0
QjYyMTFFQzkyQzdEQTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnVGoDBAFnsKIwDwQCAAIwCQMHACABDfARwDANBgkqhkiG
9w0BAQsFAAOCAQEALhk1ba/KCGDULygfmBbN6KyRnyHjR5wqaTg5S6fdPWrgf4oA
WRgh5lTXkYuBX2ctqA/R8m1r1c5k4GewUyb9Q9eDbQ0ciCtWA5r+E03ih5/6GjLR
bLEP0V63aOoNgEMh6s7n1dM9mKMvAqBJShAtS5J0SutfedAZ7tbQE9EDo+vJ0ds1
tS11jmQlv7xq5++qRaUY67yWoQT/PvM0KY+ttF9iRWJnSQo5A2QxhtyRYIPO1v7p
YAIntM8uedHOH0jQw4/oHRYiyaUZhC+voSBW87Gr9AmtCEyj/m8wDteb/0dVargf
o+0T0gfpUkIxV75U84GtYZUL19nx9iQ6QZoG2Q==
-----END CERTIFICATE-----
Generated at Wed Aug 2 09:25:17 2023 by rpki-client on console-fra.rpki-client.org