Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF6F366F2F811EDB99A1477C4F9AE02.roa
File: 2EF6F366F2F811EDB99A1477C4F9AE02.roa (raw, json)
Hash identifier: 9J+FzYwqvSCFItRY7sAnKyH3Qkafl6hugc21OxDWzfY=
Subject key identifier: B1:1B:C7:CA:52:87:E7:FF:8F:00:A7:0C:7B:F8:3E:70:CD:E1:52:87
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7214
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF6F366F2F811EDB99A1477C4F9AE02.roa
Signing time: Mon 15 May 2023 08:12:08 +0000
ROA not before: Mon 15 May 2023 08:12:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132976
IP address blocks: 103.72.176.0/24 maxlen: 24
103.72.177.0/24 maxlen: 24
103.72.178.0/24 maxlen: 24
103.72.179.0/24 maxlen: 24
103.99.216.0/22 maxlen: 24
103.162.206.0/24 maxlen: 24
103.167.29.0/24 maxlen: 24
103.173.41.0/24 maxlen: 24
103.180.72.0/24 maxlen: 24
103.210.40.0/22 maxlen: 24
103.243.44.0/22 maxlen: 24
150.242.20.0/24 maxlen: 24
150.242.21.0/24 maxlen: 24
150.242.22.0/24 maxlen: 24
150.242.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29204 (0x7214)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 15 08:12:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6461e957-eec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:96:ba:03:ab:a1:74:fc:6a:81:37:2e:d2:79:
47:c3:1c:97:0c:88:3c:b5:6d:95:e2:79:86:fc:fd:
af:bd:19:3c:dd:0f:98:cd:ab:92:21:33:c7:61:7d:
22:cc:49:7d:e4:f0:81:58:bc:46:01:89:4a:9b:69:
3e:4a:cd:cd:e0:ba:8a:4c:d1:88:da:da:de:7e:96:
af:d0:86:0a:89:59:47:1a:41:f7:0b:91:27:ee:d1:
cc:76:fd:44:9a:0f:7d:9b:38:1b:81:d5:47:3d:7a:
55:bf:e8:e2:98:86:64:2c:35:50:75:f2:ec:e9:ce:
1d:ad:51:80:83:6a:9b:4a:7a:91:ed:ab:ef:30:48:
2f:be:25:c2:e3:79:a4:f1:2d:23:57:04:d9:87:d3:
b2:25:c7:a3:ca:82:18:03:bd:c2:e3:88:90:be:87:
39:6a:5f:40:bc:33:70:e2:a8:a5:21:de:9c:5d:4a:
d9:e4:25:85:72:5d:c2:f3:a6:f7:db:b8:22:cd:3b:
56:24:fb:6b:4f:4f:32:be:2a:5f:86:74:1f:bd:af:
cb:8d:a3:54:bd:02:2a:bd:7c:49:40:8c:fb:dd:f6:
96:94:8c:df:fc:7f:fd:de:f7:a1:23:a3:6f:8a:71:
ea:42:e6:c4:98:a8:22:fc:89:37:02:a7:e1:73:0d:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:C7:CA:52:87:E7:FF:8F:00:A7:0C:7B:F8:3E:70:CD:E1:52:87
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF6F366F2F811EDB99A1477C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.176.0/22
103.99.216.0/22
103.162.206.0/24
103.167.29.0/24
103.173.41.0/24
103.180.72.0/24
103.210.40.0/22
103.243.44.0/22
150.242.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:31:29:3f:6b:b3:19:bb:b0:68:82:51:6c:ec:7d:3d:53:5a:
26:aa:63:cc:15:fc:bb:1b:b2:be:29:f6:69:22:66:42:41:db:
4d:a5:f8:54:8d:db:6f:00:77:fe:c7:f6:36:62:c6:5e:d4:fd:
be:f4:34:6e:7c:55:6e:c9:6e:6d:d6:73:99:7d:a9:30:fa:71:
a3:6d:a3:05:c5:e7:74:67:7d:cb:27:80:7d:dc:da:3b:5f:65:
39:e9:c9:d2:f5:90:f8:4e:8f:5f:ec:30:0f:eb:0d:90:cc:26:
e6:de:87:26:ca:1e:30:3c:3e:fa:e8:50:f6:7c:72:5f:0e:8b:
1a:9d:2a:4e:0e:ad:03:19:4f:59:0b:70:6d:8c:5b:12:5d:a2:
c9:64:07:b4:4c:84:09:37:f4:63:3e:63:40:c1:b0:d4:52:09:
a9:91:09:58:94:71:08:a8:93:f3:dd:ca:18:d2:88:31:4f:18:
01:95:a6:9f:43:c1:5d:af:57:33:28:87:27:40:df:74:e0:d7:
3e:24:59:71:c1:af:60:0f:f3:1b:6f:73:c0:34:c6:91:3c:e0:
28:a4:0a:01:af:97:92:0c:92:c9:a7:d3:3b:c9:2d:86:f6:8c:
69:5d:8a:7b:cf:7a:36:e5:50:f3:eb:7d:75:df:e4:b7:5f:c6:
4e:95:90:5a
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICchQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTE1MDgxMjA4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYxZTk1Ny1lZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5a6A6uhdPxqgTcu0nlHwxyXDIg8tW2V4nmG/P2vvRk83Q+YzauSITPHYX0i
zEl95PCBWLxGAYlKm2k+Ss3N4LqKTNGI2trefpav0IYKiVlHGkH3C5En7tHMdv1E
mg99mzgbgdVHPXpVv+jimIZkLDVQdfLs6c4drVGAg2qbSnqR7avvMEgvviXC43mk
8S0jVwTZh9OyJcejyoIYA73C44iQvoc5al9AvDNw4qilId6cXUrZ5CWFcl3C86b3
27gizTtWJPtrT08yvipfhnQfva/LjaNUvQIqvXxJQIz73faWlIzf/H/93vehI6Nv
inHqQubEmKgi/Ik3Aqfhcw0y6QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFLEbx8pS
h+f/jwCnDHv4PnDN4VKHMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkVGNkYzNjZG
MkY4MTFFREI5OUExNDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAJnSLADBAJnY9gDBABnos4DBABnpx0DBABnrSkDBABntEgD
BAJn0igDBAJn8ywDBAKW8hQwDQYJKoZIhvcNAQELBQADggEBAB4xKT9rsxm7sGiC
UWzsfT1TWiaqY8wV/Lsbsr4p9mkiZkJB202l+FSN228Ad/7H9jZixl7U/b70NG58
VW7Jbm3Wc5l9qTD6caNtowXF53RnfcsngH3c2jtfZTnpydL1kPhOj1/sMA/rDZDM
JubehybKHjA8PvroUPZ8cl8OixqdKk4OrQMZT1kLcG2MWxJdoslkB7RMhAk39GM+
Y0DBsNRSCamRCViUcQiok/PdyhjSiDFPGAGVpp9DwV2vVzMohydA33Tg1z4kWXHB
r2AP8xtvc8A0xpE84CikCgGvl5IMksmn0zvJLYb2jGldinvPejblUPPrfXXf5Ldf
xk6VkFo=
-----END CERTIFICATE-----
Generated at Tue Sep 5 11:42:35 2023 by rpki-client on console-ams.rpki-client.org