Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0CCF800C417A11EE81B86F18C4F9AE02.roa
File: 0CCF800C417A11EE81B86F18C4F9AE02.roa (raw, json)
Hash identifier: bI3MD/xnYeqruzcwmWSjv8MMNNDFp6XgzZqbqY+LuR8=
Subject key identifier: 47:22:C5:F2:A3:57:33:FB:B4:9F:F8:21:60:A0:EF:02:40:19:E5:70
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7855
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0CCF800C417A11EE81B86F18C4F9AE02.roa
Signing time: Wed 23 Aug 2023 05:58:15 +0000
ROA not before: Wed 23 Aug 2023 05:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133311
IP address blocks: 103.98.79.0/24 maxlen: 24
103.100.80.0/22 maxlen: 24
103.127.60.0/23 maxlen: 24
103.158.178.0/24 maxlen: 24
103.158.179.0/24 maxlen: 24
103.160.28.0/23 maxlen: 24
103.163.54.0/23 maxlen: 23
103.174.240.0/23 maxlen: 24
103.181.22.0/23 maxlen: 23
103.181.23.0/24 maxlen: 24
103.199.98.0/24 maxlen: 24
103.199.99.0/24 maxlen: 24
103.199.116.0/24 maxlen: 24
103.201.136.0/24 maxlen: 24
103.201.137.0/24 maxlen: 24
103.201.138.0/24 maxlen: 24
103.225.174.0/24 maxlen: 24
160.202.156.0/24 maxlen: 24
160.202.157.0/24 maxlen: 24
160.202.158.0/24 maxlen: 24
160.202.159.0/24 maxlen: 24
2001:df1:95c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30805 (0x7855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 23 05:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e59ff7-24fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:3f:01:e0:30:2e:af:30:15:be:36:78:f6:
41:05:b0:2d:b0:5a:83:2b:06:3e:71:80:77:36:91:
2a:1b:fb:0e:d3:cd:1a:e5:15:7f:0a:2f:b8:95:6f:
48:e5:9a:ce:26:a4:01:39:49:f0:57:2e:31:29:48:
1a:02:b9:36:29:54:ac:3e:0c:0d:ab:e0:64:8a:42:
20:89:9e:59:fc:09:1e:73:4b:fd:d7:a5:e0:d6:4a:
cf:bc:15:a4:f7:f0:b1:49:34:07:2e:3d:d2:13:3a:
73:5f:ec:22:23:ea:52:a4:cb:93:25:5d:ef:00:26:
bd:a8:c5:0f:9d:5b:3f:c7:a5:f2:f5:b6:00:3e:58:
6b:4c:08:0f:f7:1c:07:ff:d7:f6:81:c0:fe:1f:24:
82:41:69:96:d9:45:e6:b0:2d:36:9a:37:b1:de:2f:
04:8e:c0:67:37:67:82:64:f0:0f:a5:43:2e:98:10:
e4:cb:46:28:e9:5b:d5:1b:52:4f:0a:e1:7a:3e:a0:
07:d3:6d:cb:12:e7:2d:2d:04:76:5d:23:a4:65:c6:
53:f6:61:57:24:77:53:8b:ac:78:fe:8d:3f:78:33:
92:f8:e3:87:d3:cc:bd:14:80:24:7f:36:33:ec:b6:
c1:00:c6:e7:b2:48:9b:f9:ba:ec:27:c8:78:e4:ab:
5b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:22:C5:F2:A3:57:33:FB:B4:9F:F8:21:60:A0:EF:02:40:19:E5:70
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0CCF800C417A11EE81B86F18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.79.0/24
103.100.80.0/22
103.127.60.0/23
103.158.178.0/23
103.160.28.0/23
103.163.54.0/23
103.174.240.0/23
103.181.22.0/23
103.199.98.0/23
103.199.116.0/24
103.201.136.0-103.201.138.255
103.225.174.0/24
160.202.156.0/22
IPv6:
2001:df1:95c0::/48
Signature Algorithm: sha256WithRSAEncryption
29:05:bb:9a:f5:f6:65:8d:e6:8a:c9:59:9f:3e:b9:44:61:a3:
ef:d3:3f:7c:a0:02:81:fe:62:2b:9e:59:60:11:36:e2:27:cf:
da:0b:24:15:7f:60:47:bb:fd:81:fe:4b:97:79:79:06:27:f9:
71:06:97:90:3c:6a:04:6e:ba:18:c7:56:4b:82:0f:da:17:d7:
55:de:e5:e8:e5:b1:a0:1d:c4:c0:1e:2b:15:33:c3:01:98:10:
ed:02:88:03:40:11:24:9a:5c:87:fd:16:8a:00:39:b2:8a:88:
a0:e5:85:9c:42:2f:ee:b6:92:d2:44:1c:dc:4a:ef:78:ab:25:
bd:a8:30:f8:19:3e:7a:fa:99:1b:05:ff:8b:fb:6d:17:f3:ae:
77:06:09:80:d5:e4:ef:44:5e:0d:c4:d2:cf:cc:d3:2b:b2:62:
fa:c3:05:4a:cd:9b:6f:3c:0f:d1:ca:ea:0f:7e:b4:ae:44:fd:
84:15:95:b0:75:17:e8:1f:7f:ad:73:a1:7f:29:5c:65:7e:81:
e1:ec:76:94:6e:d6:c4:4c:42:0a:33:b5:7e:7b:e6:87:9b:1f:
92:65:ba:c4:6c:12:85:cf:11:ff:98:d9:a2:cb:31:53:3a:a3:
95:bc:93:54:5d:a8:5f:67:c8:6b:5e:2c:9e:ef:33:b7:38:49:
d6:b0:9f:4f
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICeFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODIzMDU1ODE1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU1OWZmNy0yNGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0o8/AeAwLq8wFb42ePZBBbAtsFqDKwY+cYB3NpEqG/sO080a5RV/Ci+4lW9I
5ZrOJqQBOUnwVy4xKUgaArk2KVSsPgwNq+BkikIgiZ5Z/Akec0v916Xg1krPvBWk
9/CxSTQHLj3SEzpzX+wiI+pSpMuTJV3vACa9qMUPnVs/x6Xy9bYAPlhrTAgP9xwH
/9f2gcD+HySCQWmW2UXmsC02mjex3i8EjsBnN2eCZPAPpUMumBDky0Yo6VvVG1JP
CuF6PqAH023LEuctLQR2XSOkZcZT9mFXJHdTi6x4/o0/eDOS+OOH08y9FIAkfzYz
7LbBAMbnskib+brsJ8h45KtbqwIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFEcixfKj
VzP7tJ/4IWCg7wJAGeVwMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMENDRjgwMEM0
MTdBMTFFRTgxQjg2RjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzBcBAIAATBWAwQAZ2JPAwQCZ2RQAwQBZ388AwQBZ56yAwQBZ6AcAwQBZ6M2
AwQBZ67wAwQBZ7UWAwQBZ8diAwQAZ8d0MAwDBANnyYgDBABnyYoDBABn4a4DBAKg
ypwwDwQCAAIwCQMHACABDfGVwDANBgkqhkiG9w0BAQsFAAOCAQEAKQW7mvX2ZY3m
islZnz65RGGj79M/fKACgf5iK55ZYBE24ifP2gskFX9gR7v9gf5Ll3l5Bif5cQaX
kDxqBG66GMdWS4IP2hfXVd7l6OWxoB3EwB4rFTPDAZgQ7QKIA0ARJJpch/0WigA5
soqIoOWFnEIv7raS0kQc3ErveKslvagw+Bk+evqZGwX/i/ttF/OudwYJgNXk70Re
DcTSz8zTK7Ji+sMFSs2bbzwP0crqD360rkT9hBWVsHUX6B9/rXOhfylcZX6B4ex2
lG7WxExCCjO1fnvmh5sfkmW6xGwShc8R/5jZossxUzqjlbyTVF2oX2fIa14snu8z
tzhJ1rCfTw==
-----END CERTIFICATE-----
Generated at Thu Oct 19 11:31:07 2023 by rpki-client on console-ams.rpki-client.org