Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B29B6DABF0911EDB7DFC875C4F9AE02.roa
File: 0B29B6DABF0911EDB7DFC875C4F9AE02.roa (raw, json)
Hash identifier: OwLehXVGd/doWaxPlliyvq0jEvWVn7TnEO6Kr6ji02U=
Subject key identifier: AA:D5:05:22:1D:6D:D0:9C:33:94:AD:AF:3B:A3:06:C1:17:8D:A4:B8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7117
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B29B6DABF0911EDB7DFC875C4F9AE02.roa
Signing time: Wed 10 May 2023 16:46:34 +0000
ROA not before: Wed 10 May 2023 16:46:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150604
IP address blocks: 103.181.85.0/24 maxlen: 24
103.182.58.0/24 maxlen: 24
103.182.59.0/24 maxlen: 24
103.187.92.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28951 (0x7117)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:46:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bca6a-c189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a3:b5:92:f8:2b:4b:2a:e9:3c:24:46:d7:64:
42:3c:ab:1f:c2:28:1d:d1:9a:5d:5b:75:20:18:e0:
b7:9d:27:75:f5:ab:3f:30:09:58:36:b3:87:0c:be:
c3:10:53:0d:63:53:18:53:d6:6c:8f:3e:57:68:6c:
52:6b:48:35:e6:f8:64:8e:e1:be:f0:09:c5:ea:d9:
5a:d8:38:96:68:94:c3:e0:9f:3b:e0:23:ca:48:35:
f1:2d:fe:02:95:df:6c:75:3c:e8:54:cf:e5:36:63:
82:ab:72:1e:ab:31:d3:8a:19:47:49:9e:9c:0e:0c:
9a:c9:bb:64:8c:b5:df:61:73:a8:d4:c8:b1:3b:8e:
c1:0a:11:2a:15:ab:94:09:5b:82:54:f5:35:eb:2c:
9d:fd:16:60:8f:e9:1e:07:9a:27:22:59:8d:88:33:
9e:22:d3:2c:41:d0:71:7a:1b:d1:d8:57:c3:c1:2f:
da:75:3a:0d:55:7b:36:d9:60:22:ef:e4:ba:da:d1:
4e:e0:59:58:ef:dd:da:ea:ca:87:34:34:27:3d:7f:
18:72:0c:93:e6:20:a0:74:39:6c:26:5b:41:23:a7:
35:2f:38:a4:6e:04:cd:58:85:07:f0:92:b2:c0:f9:
27:6e:39:bf:37:4e:c4:3f:1f:13:89:53:85:06:44:
9a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D5:05:22:1D:6D:D0:9C:33:94:AD:AF:3B:A3:06:C1:17:8D:A4:B8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B29B6DABF0911EDB7DFC875C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.181.85.0/24
103.182.58.0/23
103.187.92.0/23
Signature Algorithm: sha256WithRSAEncryption
59:b3:75:57:d3:94:17:7d:46:bb:f8:d3:89:14:ef:f5:1f:ec:
57:20:49:c0:7f:41:ce:3b:37:70:7a:52:bb:1e:c7:bf:0e:de:
62:3a:07:a1:03:8a:23:36:17:70:f4:c3:c3:4d:9b:ff:2d:d6:
b4:58:ab:c8:3b:fc:0b:2b:7b:97:96:5c:ca:95:0f:43:12:8f:
46:36:53:79:1b:0c:ec:1c:b4:c4:4e:67:5e:2b:d0:8c:e0:2a:
8c:05:21:5e:50:dd:43:7d:47:4a:47:61:1d:74:fe:52:55:38:
30:19:98:0d:46:b1:9b:70:86:b1:87:74:4e:32:ea:88:41:d7:
48:e6:62:83:f9:26:e6:df:8e:be:a6:fc:94:d9:38:10:80:d7:
dd:6e:14:3b:dc:ec:57:5c:c1:5a:ef:36:79:60:17:52:b7:cd:
aa:f0:57:66:45:01:80:5b:a5:bf:b0:b6:c1:62:7e:d0:c4:86:
b1:b1:eb:1e:4e:d1:82:8c:12:8c:4e:0f:f7:f0:20:16:7c:5c:
92:08:12:1d:fe:80:24:1d:9c:aa:a5:7b:65:96:42:2c:b1:1b:
a6:30:0c:66:77:fc:5d:45:5b:42:07:69:88:6c:c0:69:7f:b2:
f2:6c:83:1c:3d:5b:e6:22:48:9d:23:a1:d3:58:4e:3a:a0:57:
75:43:c1:fa
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICcRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0NjM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2E2YS1jMTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6O1kvgrSyrpPCRG12RCPKsfwigd0ZpdW3UgGOC3nSd19as/MAlYNrOHDL7D
EFMNY1MYU9Zsjz5XaGxSa0g15vhkjuG+8AnF6tla2DiWaJTD4J874CPKSDXxLf4C
ld9sdTzoVM/lNmOCq3IeqzHTihlHSZ6cDgyaybtkjLXfYXOo1MixO47BChEqFauU
CVuCVPU16yyd/RZgj+keB5onIlmNiDOeItMsQdBxehvR2FfDwS/adToNVXs22WAi
7+S62tFO4FlY793a6sqHNDQnPX8YcgyT5iCgdDlsJltBI6c1LzikbgTNWIUH8JKy
wPknbjm/N07EPx8TiVOFBkSaVwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKrVBSId
bdCcM5StrzujBsEXjaS4MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEIyOUI2REFC
RjA5MTFFREI3REZDODc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABntVUDBAFntjoDBAFnu1wwDQYJKoZIhvcNAQELBQADggEB
AFmzdVfTlBd9Rrv404kU7/Uf7FcgScB/Qc47N3B6Ursex78O3mI6B6EDiiM2F3D0
w8NNm/8t1rRYq8g7/Asre5eWXMqVD0MSj0Y2U3kbDOwctMROZ14r0IzgKowFIV5Q
3UN9R0pHYR10/lJVODAZmA1GsZtwhrGHdE4y6ohB10jmYoP5Jubfjr6m/JTZOBCA
191uFDvc7FdcwVrvNnlgF1K3zarwV2ZFAYBbpb+wtsFiftDEhrGx6x5O0YKMEoxO
D/fwIBZ8XJIIEh3+gCQdnKqle2WWQiyxG6YwDGZ3/F1FW0IHaYhswGl/svJsgxw9
W+YiSJ0jodNYTjqgV3VDwfo=
-----END CERTIFICATE-----
Generated at Fri Sep 1 12:41:24 2023 by rpki-client on console-ams.rpki-client.org