Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E66C5E43BF111EEADB41959C4F9AE02.roa
File: 0E66C5E43BF111EEADB41959C4F9AE02.roa (raw, json)
Hash identifier: MhGf+KVSakbhBHEM/aEfFwqqv3/B16NzzQXlBEcd8YI=
Subject key identifier: 19:BE:30:F3:EC:54:86:CC:29:8C:A9:A7:20:4B:C7:96:15:D7:06:9D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7781
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E66C5E43BF111EEADB41959C4F9AE02.roa
Signing time: Wed 16 Aug 2023 04:55:01 +0000
ROA not before: Wed 16 Aug 2023 04:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132752
IP address blocks: 103.163.14.0/23 maxlen: 24
103.168.60.0/24 maxlen: 24
103.171.108.0/24 maxlen: 24
103.179.121.0/24 maxlen: 24
103.180.177.0/24 maxlen: 24
103.214.162.0/24 maxlen: 24
103.214.163.0/24 maxlen: 24
103.229.209.0/24 maxlen: 24
2001:df2:8d40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30593 (0x7781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 16 04:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64dc56a5-d4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:ee:c7:f7:ad:af:d0:f9:db:f5:47:96:2e:
c7:c4:c0:97:77:bf:05:46:f2:d0:38:0d:9e:7a:70:
60:ba:61:f2:0b:78:d3:16:32:50:c3:5c:82:bf:4e:
17:6c:7a:ca:a3:03:0a:1a:df:5a:ed:f4:aa:5d:87:
ce:dc:91:fb:0a:ee:02:66:cd:ed:b8:98:fd:8b:a8:
57:dd:b1:85:6b:7b:cd:2d:27:09:83:32:4e:07:35:
9d:80:ad:9a:32:af:7c:5c:56:30:f7:59:00:83:4e:
b4:66:0f:ad:79:9f:3a:28:8c:f3:c3:59:c3:4f:26:
50:ab:a1:c3:59:a4:5c:8a:49:ac:85:06:4a:a1:62:
6c:1a:38:aa:27:0d:f0:2b:a7:fe:3b:41:26:a1:76:
b8:8a:06:e4:05:83:84:b3:5b:b1:89:77:53:d4:84:
c6:bb:3d:b8:67:25:59:91:26:f7:fd:95:f0:cf:90:
fc:36:d0:6c:b6:6d:7e:30:da:5f:e0:1b:d5:08:fb:
71:eb:95:0d:26:c5:a4:4e:b0:5e:de:bf:c0:19:77:
fe:97:2b:e7:57:eb:06:a2:3a:39:3f:5b:dc:5b:e7:
9a:57:5e:e4:55:cf:46:a1:39:44:dd:c8:00:81:72:
0c:af:33:4b:07:1e:5c:36:7c:1e:a0:ca:12:27:b7:
ab:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BE:30:F3:EC:54:86:CC:29:8C:A9:A7:20:4B:C7:96:15:D7:06:9D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E66C5E43BF111EEADB41959C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.14.0/23
103.168.60.0/24
103.171.108.0/24
103.179.121.0/24
103.180.177.0/24
103.214.162.0/23
103.229.209.0/24
IPv6:
2001:df2:8d40::/48
Signature Algorithm: sha256WithRSAEncryption
9a:3b:9c:9f:2e:46:d4:83:0a:a9:92:d6:72:d9:08:1f:6c:b4:
00:63:53:39:4d:29:39:49:ac:e2:a9:61:72:39:5e:fc:2c:ba:
87:93:8e:b3:43:f5:cd:ce:64:c2:4c:0c:e0:01:78:57:7a:ed:
c2:fb:b1:db:c2:44:52:93:8f:cf:9b:04:ba:36:93:ec:a2:75:
3a:1b:60:02:65:49:7a:ae:71:97:ea:00:5e:14:a6:98:0e:2b:
20:1e:30:53:b8:23:9d:bf:10:83:7e:15:e8:b8:34:36:dd:bb:
9d:25:9c:83:07:b2:d4:9c:c5:19:cb:e9:a6:e5:e8:c7:41:39:
b4:2c:c3:71:4f:df:d6:0b:16:38:33:48:f3:2f:93:a9:ac:91:
54:27:98:96:b1:ad:0e:dc:1f:aa:f2:c5:50:f9:f5:62:2b:e5:
2e:a8:37:bc:83:c5:b1:ed:c0:1c:24:75:dd:29:c8:b3:c0:00:
c1:15:9f:ad:a9:72:a1:b6:1d:ca:de:a1:b9:eb:19:50:91:40:
5b:ff:ee:43:77:9d:9c:66:15:7e:7f:2d:d2:2c:27:35:8a:d8:
34:40:9c:5b:78:cc:56:a9:0b:4f:0c:bd:af:96:f0:28:66:e2:
80:1c:7a:23:0d:c2:fd:cd:9f:80:9b:66:68:c9:9b:cb:b4:87:
85:40:0d:96
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICd4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODE2MDQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjNTZhNS1kNGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArG3ux/etr9D52/VHli7HxMCXd78FRvLQOA2eenBgumHyC3jTFjJQw1yCv04X
bHrKowMKGt9a7fSqXYfO3JH7Cu4CZs3tuJj9i6hX3bGFa3vNLScJgzJOBzWdgK2a
Mq98XFYw91kAg060Zg+teZ86KIzzw1nDTyZQq6HDWaRcikmshQZKoWJsGjiqJw3w
K6f+O0EmoXa4igbkBYOEs1uxiXdT1ITGuz24ZyVZkSb3/ZXwz5D8NtBstm1+MNpf
4BvVCPtx65UNJsWkTrBe3r/AGXf+lyvnV+sGojo5P1vcW+eaV17kVc9GoTlE3cgA
gXIMrzNLBx5cNnweoMoSJ7erjQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFBm+MPPs
VIbMKYyppyBLx5YV1wadMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEU2NkM1RTQz
QkYxMTFFRUFEQjQxOTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDAEAgABMCoDBAFnow4DBABnqDwDBABnq2wDBABns3kDBABntLEDBAFn1qID
BABn5dEwDwQCAAIwCQMHACABDfKNQDANBgkqhkiG9w0BAQsFAAOCAQEAmjucny5G
1IMKqZLWctkIH2y0AGNTOU0pOUms4qlhcjle/Cy6h5OOs0P1zc5kwkwM4AF4V3rt
wvux28JEUpOPz5sEujaT7KJ1OhtgAmVJeq5xl+oAXhSmmA4rIB4wU7gjnb8Qg34V
6Lg0Nt27nSWcgwey1JzFGcvppuXox0E5tCzDcU/f1gsWODNI8y+TqayRVCeYlrGt
DtwfqvLFUPn1YivlLqg3vIPFse3AHCR13SnIs8AAwRWfralyobYdyt6huesZUJFA
W//uQ3ednGYVfn8t0iwnNYrYNECcW3jMVqkLTwy9r5bwKGbigBx6Iw3C/c2fgJtm
aMmby7SHhUANlg==
-----END CERTIFICATE-----
Generated at Wed Aug 16 07:50:14 2023 by rpki-client on console-fra.rpki-client.org