Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EA432E034E711ED92B15482C4F9AE02.roa
File: 2EA432E034E711ED92B15482C4F9AE02.roa (raw, json)
Hash identifier: Tx6bl9govk+Y+dCTcCq5gsRYB2qUbgpTxhr9LhRWF7Y=
Subject key identifier: EE:1D:6D:6C:CC:D1:02:EF:2F:17:73:E0:45:89:59:78:92:25:D0:26
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 73E4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EA432E034E711ED92B15482C4F9AE02.roa
Signing time: Wed 14 Jun 2023 05:22:01 +0000
ROA not before: Wed 14 Jun 2023 05:22:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137159
IP address blocks: 103.108.12.0/22 maxlen: 24
2405:ad40::/32 maxlen: 32
2405:ad40::/40 maxlen: 48
2405:ad40:100::/40 maxlen: 48
2405:ad40:200::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29668 (0x73e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 14 05:22:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64894e79-54d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:ee:fa:e0:b7:fe:f6:8b:e2:2e:96:12:84:
bb:e2:60:7b:55:8f:7f:a0:2c:fb:78:80:ee:92:02:
58:98:69:78:7e:f1:4d:12:f0:a1:87:c3:e2:20:69:
bd:9d:92:dd:9e:5f:32:55:06:6c:4d:3a:19:99:40:
30:4f:f7:23:f5:5a:ec:11:89:2c:aa:6e:2a:57:48:
e0:db:bd:29:8c:7e:7f:10:48:17:a0:72:8b:21:b5:
86:d7:c3:cf:ef:72:ae:dc:f6:c5:be:a5:2b:ea:47:
2c:e9:35:90:00:fe:c6:91:52:aa:60:0e:6e:88:00:
91:8b:33:ea:d9:2f:7d:87:31:e4:43:04:1b:fd:5d:
1f:f9:9d:e8:9e:81:16:38:82:33:b5:d1:77:6c:09:
9b:ff:49:b7:f1:97:64:7b:76:f0:68:8b:37:fd:ee:
6d:a7:a5:a5:cb:26:df:8c:44:47:25:f7:cb:58:61:
f9:76:d2:31:1e:f3:93:4f:7f:98:5b:1f:a1:20:c5:
4d:6d:01:11:a0:a6:5e:3c:fd:be:51:9c:09:16:69:
8a:11:a3:60:45:cd:42:74:1f:86:63:6c:8d:50:bf:
8c:e3:fa:16:ad:b3:a7:4b:1d:b5:51:65:e4:e0:3b:
a4:41:d3:9d:79:79:6d:0e:92:b6:50:e7:e4:48:12:
80:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:1D:6D:6C:CC:D1:02:EF:2F:17:73:E0:45:89:59:78:92:25:D0:26
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EA432E034E711ED92B15482C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.12.0/22
IPv6:
2405:ad40::/32
Signature Algorithm: sha256WithRSAEncryption
81:f6:e1:68:25:19:73:cd:13:9b:df:ec:fb:a5:c6:3b:d6:0f:
f3:b1:90:32:08:70:dc:54:32:79:cb:7b:95:c7:64:a0:76:23:
10:e5:28:cd:f2:b1:63:87:13:e2:63:8e:1e:3c:cd:15:12:18:
9c:1f:3e:f1:71:d6:34:e7:70:05:25:2e:64:fe:78:2a:4c:62:
72:3a:6d:53:ac:85:92:fa:25:3f:f9:cd:1a:94:b0:98:64:57:
f3:6e:b2:08:65:d2:60:7e:85:31:e3:6f:48:91:b6:18:19:44:
6f:30:41:b6:5d:68:a0:28:7e:57:26:73:ae:f5:4c:44:9d:9c:
65:a9:20:87:27:40:1c:7b:69:6c:18:48:7a:d1:5e:ac:50:62:
26:f6:c5:d4:ec:94:7f:50:24:56:26:9e:a3:28:7b:c0:e3:6a:
f4:3c:b2:58:5d:12:4d:26:0d:aa:c2:b6:bd:f9:78:e8:63:86:
65:4a:68:23:d9:2f:e4:3b:1f:d3:db:33:0e:c9:34:97:2b:fa:
f1:8a:54:50:5c:25:63:ac:9f:2a:7d:5b:04:8f:7e:a5:80:bb:
e8:dd:77:5f:73:8e:2e:0d:41:27:1b:61:13:cc:68:47:da:aa:
bf:14:25:54:41:7a:ba:fd:15:4f:31:07:59:e9:8e:de:d6:2f:
41:c5:19:59
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICc+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNjE0MDUyMjAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg5NGU3OS01NGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvtTu+uC3/vaL4i6WEoS74mB7VY9/oCz7eIDukgJYmGl4fvFNEvChh8PiIGm9
nZLdnl8yVQZsTToZmUAwT/cj9VrsEYksqm4qV0jg270pjH5/EEgXoHKLIbWG18PP
73Ku3PbFvqUr6kcs6TWQAP7GkVKqYA5uiACRizPq2S99hzHkQwQb/V0f+Z3onoEW
OIIztdF3bAmb/0m38Zdke3bwaIs3/e5tp6WlyybfjERHJffLWGH5dtIxHvOTT3+Y
Wx+hIMVNbQERoKZePP2+UZwJFmmKEaNgRc1CdB+GY2yNUL+M4/oWrbOnSx21UWXk
4DukQdOdeXltDpK2UOfkSBKAPwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFO4dbWzM
0QLvLxdz4EWJWXiSJdAmMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkVBNDMyRTAz
NEU3MTFFRDkyQjE1NDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnbAwwDQQCAAIwBwMFACQFrUAwDQYJKoZIhvcNAQELBQAD
ggEBAIH24WglGXPNE5vf7PulxjvWD/OxkDIIcNxUMnnLe5XHZKB2IxDlKM3ysWOH
E+Jjjh48zRUSGJwfPvFx1jTncAUlLmT+eCpMYnI6bVOshZL6JT/5zRqUsJhkV/Nu
sghl0mB+hTHjb0iRthgZRG8wQbZdaKAoflcmc671TESdnGWpIIcnQBx7aWwYSHrR
XqxQYib2xdTslH9QJFYmnqMoe8DjavQ8slhdEk0mDarCtr35eOhjhmVKaCPZL+Q7
H9PbMw7JNJcr+vGKVFBcJWOsnyp9WwSPfqWAu+jdd19zji4NQScbYRPMaEfaqr8U
JVRBerr9FU8xB1npjt7WL0HFGVk=
-----END CERTIFICATE-----
Generated at Mon Dec 11 06:28:55 2023 by rpki-client on console-fra.rpki-client.org