Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1A817BAE1C8D11EE84AD5926C4F9AE02.roa
File: 1A817BAE1C8D11EE84AD5926C4F9AE02.roa (raw, json)
Hash identifier: xK1R0d2HOe5fgTUCVn/BoNkW31Vv+lJO3xrWaRW0D1o=
Subject key identifier: E0:F7:F5:6E:5B:79:30:08:2C:EB:E1:D6:88:42:9D:B9:C9:FD:26:70
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7915
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1A817BAE1C8D11EE84AD5926C4F9AE02.roa
Signing time: Thu 31 Aug 2023 11:47:53 +0000
ROA not before: Thu 31 Aug 2023 11:47:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150030
IP address blocks: 103.165.72.0/23 maxlen: 24
103.171.111.0/24 maxlen: 24
103.178.160.0/23 maxlen: 24
103.178.166.0/23 maxlen: 24
103.178.202.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30997 (0x7915)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 31 11:47:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f07de9-a48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:06:20:79:dd:01:6a:13:9f:ea:e4:01:0c:
09:6f:29:5b:9a:09:ce:5f:43:63:07:91:30:a4:5f:
e2:69:0f:02:62:53:9b:f7:d8:da:ed:01:65:76:9b:
cc:9f:bf:66:0c:4b:16:df:74:1d:7a:a9:90:4e:a1:
06:79:61:bd:ed:9f:60:4a:34:77:d9:30:79:62:14:
19:41:04:eb:72:73:9e:50:47:9c:d8:8c:95:fa:45:
c2:1a:12:3b:18:ca:be:0f:c9:15:5e:2d:17:73:70:
c8:cc:68:2d:ca:ae:1c:b9:d9:80:a1:b3:22:51:f9:
7b:88:c3:f2:0f:c7:d8:7d:58:6e:48:7c:2f:38:2f:
03:e0:b5:be:ca:e7:b7:1a:24:46:3b:68:5b:45:fa:
54:52:60:0d:a8:1a:5b:26:b8:59:35:8d:1d:8e:52:
b6:09:28:2b:81:0d:d1:ce:65:ed:65:ed:87:07:0d:
94:3d:0f:2c:7c:34:ec:16:1a:f9:55:fe:c6:ac:45:
c9:31:b1:7a:c6:ce:72:2c:fd:a8:c5:f3:ae:31:40:
bd:08:df:9f:4a:8b:fc:69:ab:1a:9c:03:86:1c:65:
aa:c0:1f:82:e9:dd:20:04:1c:74:f1:3a:ba:15:44:
6a:dc:24:00:f6:88:60:94:51:0f:0e:b0:e3:9f:fd:
56:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F7:F5:6E:5B:79:30:08:2C:EB:E1:D6:88:42:9D:B9:C9:FD:26:70
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1A817BAE1C8D11EE84AD5926C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.72.0/23
103.171.111.0/24
103.178.160.0/23
103.178.166.0/23
103.178.202.0/23
Signature Algorithm: sha256WithRSAEncryption
61:51:71:7e:c2:8b:af:78:5f:6a:aa:8a:26:11:0a:d1:82:00:
20:69:03:a4:75:9b:50:d8:40:c4:d0:06:86:27:60:a2:62:74:
ed:86:e3:4b:e4:af:95:e0:94:21:2f:e6:dc:77:e0:c5:95:90:
06:4d:34:54:82:19:2b:b1:ce:2e:08:3f:fe:62:ca:a5:68:0d:
b1:dc:13:40:c8:d4:5e:33:73:27:1a:e2:42:94:fa:1f:68:bc:
80:ff:39:88:e6:a8:2a:ef:4f:0e:73:b0:b2:5e:48:45:5e:a9:
48:b2:83:d9:8d:60:5f:7f:68:5b:10:72:41:59:84:f2:08:96:
25:e5:42:2a:04:3e:1d:fe:c1:fb:af:39:af:bf:16:8d:a4:39:
83:43:b9:c7:ef:4d:0f:b7:ac:f6:5e:3b:77:3a:22:56:f7:1d:
76:47:44:6b:1e:b3:0c:11:3c:98:5a:72:5a:5b:56:3e:d2:58:
6f:10:37:74:93:35:a7:65:14:36:9f:8b:2b:22:a1:0d:90:7a:
81:f6:c0:51:b2:09:41:39:df:e9:bd:ad:94:02:66:d3:a0:dc:
95:b5:70:f5:97:b7:8e:9a:0f:47:0c:2d:48:a7:2e:2b:69:aa:
05:a7:0f:90:9c:d3:ca:2f:bc:cb:8b:1f:3f:bc:44:70:88:5d:
0d:05:e7:6f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICeRUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODMxMTE0NzUzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwN2RlOS1hNDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2x0GIHndAWoTn+rkAQwJbylbmgnOX0NjB5EwpF/iaQ8CYlOb99ja7QFldpvM
n79mDEsW33QdeqmQTqEGeWG97Z9gSjR32TB5YhQZQQTrcnOeUEec2IyV+kXCGhI7
GMq+D8kVXi0Xc3DIzGgtyq4cudmAobMiUfl7iMPyD8fYfVhuSHwvOC8D4LW+yue3
GiRGO2hbRfpUUmANqBpbJrhZNY0djlK2CSgrgQ3RzmXtZe2HBw2UPQ8sfDTsFhr5
Vf7GrEXJMbF6xs5yLP2oxfOuMUC9CN+fSov8aasanAOGHGWqwB+C6d0gBBx08Tq6
FURq3CQA9ohglFEPDrDjn/1WKQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOD39W5b
eTAILOvh1ohCnbnJ/SZwMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMUE4MTdCQUUx
QzhEMTFFRTg0QUQ1OTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnpUgDBABnq28DBAFnsqADBAFnsqYDBAFnssowDQYJKoZI
hvcNAQELBQADggEBAGFRcX7Ci694X2qqiiYRCtGCACBpA6R1m1DYQMTQBoYnYKJi
dO2G40vkr5XglCEv5tx34MWVkAZNNFSCGSuxzi4IP/5iyqVoDbHcE0DI1F4zcyca
4kKU+h9ovID/OYjmqCrvTw5zsLJeSEVeqUiyg9mNYF9/aFsQckFZhPIIliXlQioE
Ph3+wfuvOa+/Fo2kOYNDucfvTQ+3rPZeO3c6Ilb3HXZHRGseswwRPJhaclpbVj7S
WG8QN3STNadlFDafiysioQ2QeoH2wFGyCUE53+m9rZQCZtOg3JW1cPWXt46aD0cM
LUinLitpqgWnD5Cc08ovvMuLHz+8RHCIXQ0F528=
-----END CERTIFICATE-----
Generated at Wed Nov 1 07:41:23 2023 by rpki-client on console-ams.rpki-client.org