Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B888386643E11EE8E1EA64EC4F9AE02.roa
File: 2B888386643E11EE8E1EA64EC4F9AE02.roa (raw, json)
Hash identifier: yPPvKqx4HPQUEHvzobQKj2o4PtjGxeP94mNjQZZsz2o=
Subject key identifier: DD:77:B0:51:02:BF:2B:6E:2C:DD:17:43:7D:F4:D6:D9:D9:A6:BF:A2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7B63
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B888386643E11EE8E1EA64EC4F9AE02.roa
Signing time: Fri 06 Oct 2023 11:47:48 +0000
ROA not before: Fri 06 Oct 2023 11:47:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150039
IP address blocks: 103.29.62.0/23 maxlen: 24
2001:df2:240::/48 maxlen: 49
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31587 (0x7b63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 6 11:47:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=651ff3e3-3371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:c8:b9:5f:1e:1e:9f:07:df:bc:17:d4:a0:
4a:fc:26:df:57:75:49:99:af:f2:0e:ed:ed:b3:59:
43:69:9f:55:b6:23:1b:33:3f:ce:24:80:af:31:88:
16:6c:97:e2:42:13:23:8f:ad:5d:c2:83:69:9f:f4:
77:3b:67:6a:a7:77:90:28:9e:a7:cc:e9:10:fe:94:
8b:77:ff:4c:32:ce:8e:ed:87:9a:dd:5a:16:d1:83:
69:9a:a9:58:98:47:19:e4:91:cf:d3:c9:48:65:b4:
a1:41:aa:1b:76:7b:bb:8f:44:f3:8b:ef:cd:80:31:
bf:a0:bc:4b:7c:de:41:e6:1c:13:b0:5c:58:e6:df:
55:11:f9:11:d7:5f:2b:f0:cf:c8:f2:59:1b:0a:38:
57:8c:fa:53:89:50:aa:20:e1:81:40:91:6e:f0:cb:
34:c8:d9:36:df:ab:87:35:2b:c5:23:79:0e:1b:2c:
25:b9:83:71:af:c4:6f:b4:b7:b2:dd:d0:f7:97:f6:
db:b3:63:6f:75:09:03:b8:27:81:bd:b2:b3:8d:bd:
f3:fa:6a:96:1b:16:73:e9:02:cd:1e:e4:f2:85:8e:
46:fa:a0:8d:a2:02:db:bd:d0:83:ac:6e:4a:b8:2b:
16:9d:fb:ab:80:3a:8a:85:22:8a:4f:1d:a6:a7:7c:
a6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:77:B0:51:02:BF:2B:6E:2C:DD:17:43:7D:F4:D6:D9:D9:A6:BF:A2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2B888386643E11EE8E1EA64EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.62.0/23
IPv6:
2001:df2:240::/48
Signature Algorithm: sha256WithRSAEncryption
93:4a:8b:43:fe:e4:5c:fd:98:af:0a:17:e6:64:cf:5f:c0:81:
6b:a4:31:73:3d:f1:57:85:b3:c0:e7:af:dd:96:2b:37:c3:c1:
6e:5f:84:1b:79:9a:1b:15:00:fd:d9:39:2f:df:80:c8:b6:76:
76:b6:0f:62:7b:54:74:32:e0:89:20:f0:cc:f7:7a:29:37:e0:
27:10:70:73:12:e7:df:d4:a3:b9:a3:48:e8:d8:a9:78:5a:90:
fb:55:ab:56:53:f6:34:76:01:66:3c:60:c3:43:d9:cb:02:46:
9d:72:25:a0:54:21:a7:c2:50:bc:05:e7:39:23:9c:32:d4:f7:
cf:3e:6c:28:ee:c5:6a:39:84:a1:b2:8e:b3:10:16:30:e1:e0:
2c:37:84:49:e4:31:0e:1b:16:b0:33:f0:6f:f1:6f:27:6d:2b:
ac:e4:2c:6f:00:42:72:28:fd:7d:56:8c:ab:0b:78:4f:92:88:
16:99:92:4c:12:30:d9:34:ba:3b:52:f2:dc:3e:07:26:a2:3c:
bc:14:43:ef:9d:bd:c4:01:0d:1b:2e:85:93:e0:a2:f0:50:b7:
a3:26:ef:12:2d:7a:9d:5b:9d:65:b4:73:6b:0a:74:25:77:51:
53:b6:f2:ee:67:a3:19:4c:11:ee:af:12:37:19:35:f6:8b:36:
6f:aa:8b:f1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICe2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMDA2MTE0NzQ4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFmZjNlMy0zMzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYTIuV8eHp8H37wX1KBK/CbfV3VJma/yDu3ts1lDaZ9VtiMbMz/OJICvMYgW
bJfiQhMjj61dwoNpn/R3O2dqp3eQKJ6nzOkQ/pSLd/9MMs6O7Yea3VoW0YNpmqlY
mEcZ5JHP08lIZbShQaobdnu7j0Tzi+/NgDG/oLxLfN5B5hwTsFxY5t9VEfkR118r
8M/I8lkbCjhXjPpTiVCqIOGBQJFu8Ms0yNk236uHNSvFI3kOGywluYNxr8RvtLey
3dD3l/bbs2NvdQkDuCeBvbKzjb3z+mqWGxZz6QLNHuTyhY5G+qCNogLbvdCDrG5K
uCsWnfurgDqKhSKKTx2mp3ymqQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFN13sFEC
vytuLN0XQ3301tnZpr+iMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkI4ODgzODY2
NDNFMTFFRThFMUVBNjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnHT4wDwQCAAIwCQMHACABDfICQDANBgkqhkiG9w0BAQsF
AAOCAQEAk0qLQ/7kXP2YrwoX5mTPX8CBa6Qxcz3xV4WzwOev3ZYrN8PBbl+EG3ma
GxUA/dk5L9+AyLZ2drYPYntUdDLgiSDwzPd6KTfgJxBwcxLn39SjuaNI6NipeFqQ
+1WrVlP2NHYBZjxgw0PZywJGnXIloFQhp8JQvAXnOSOcMtT3zz5sKO7FajmEobKO
sxAWMOHgLDeESeQxDhsWsDPwb/FvJ20rrOQsbwBCcij9fVaMqwt4T5KIFpmSTBIw
2TS6O1Ly3D4HJqI8vBRD7529xAENGy6Fk+Ci8FC3oybvEi16nVudZbRzawp0JXdR
U7by7mejGUwR7q8SNxk19os2b6qL8Q==
-----END CERTIFICATE-----
Generated at Thu Nov 30 08:50:08 2023 by rpki-client on console-ams.rpki-client.org