Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E957324877211EEB169CE28C4F9AE02.roa
File: 3E957324877211EEB169CE28C4F9AE02.roa (raw, json)
Hash identifier: GTIYq0lrGMhMa5J7yqs/gk0ydMMzzDNraZzKKr35RBo=
Subject key identifier: C3:19:03:A0:C2:4D:88:4B:74:CE:61:8B:1E:2E:31:8A:E5:63:28:B4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7E29
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E957324877211EEB169CE28C4F9AE02.roa
Signing time: Mon 20 Nov 2023 06:58:44 +0000
ROA not before: Mon 20 Nov 2023 06:58:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150091
IP address blocks: 103.179.120.0/24 maxlen: 24
103.179.121.0/24 maxlen: 24
103.180.168.0/23 maxlen: 24
103.181.151.0/24 maxlen: 24
103.181.174.0/24 maxlen: 24
103.181.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32297 (0x7e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 20 06:58:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655b03a4-0ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9c:49:f6:15:9e:d8:24:e3:f8:f3:ca:e7:1f:
7e:82:44:c0:a9:88:cd:a7:60:58:ae:c6:07:5f:93:
81:e2:e1:a7:82:0c:31:4a:cf:74:d4:ca:6f:93:92:
ad:e6:76:52:ba:e4:3a:57:e3:d2:2d:dd:b9:aa:64:
d1:ed:26:90:da:4e:4c:82:cb:2a:4a:4e:a5:d6:a8:
bc:ce:79:19:76:c8:fc:79:98:48:f3:39:fe:8e:d2:
39:c2:03:3c:68:10:42:6d:88:5f:72:c3:db:1d:e4:
cc:e1:cb:a9:6c:08:9a:c4:cd:62:01:aa:f8:ac:62:
26:3b:f7:56:7e:61:bf:fe:2c:2b:22:15:37:92:03:
5a:20:d0:69:e9:e9:d4:13:ab:c0:68:ad:39:fb:54:
88:d9:da:82:60:85:09:9a:42:55:dd:1a:57:39:c9:
92:15:48:4a:f9:5f:7c:e7:d5:6b:e8:48:cf:c7:0b:
4e:7c:9d:eb:bb:88:04:85:70:20:09:8e:8e:b8:29:
d4:2b:99:08:b4:f3:f2:41:54:5e:29:94:6c:59:5b:
fe:5b:9b:41:8d:c0:be:54:fb:ae:fc:93:bd:28:01:
76:a5:79:5c:e8:92:86:24:71:00:78:4b:9a:53:e5:
d4:c7:1f:49:90:7a:62:3b:dd:db:f5:25:4a:88:22:
49:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:19:03:A0:C2:4D:88:4B:74:CE:61:8B:1E:2E:31:8A:E5:63:28:B4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E957324877211EEB169CE28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.120.0/23
103.180.168.0/23
103.181.151.0/24
103.181.174.0/23
Signature Algorithm: sha256WithRSAEncryption
18:a3:c1:c4:ae:a9:cd:79:c7:7c:3a:58:c3:67:52:8e:9b:30:
37:e1:69:96:53:e0:8e:b0:84:8a:e8:3a:ab:17:e0:0f:75:a6:
00:1e:76:1f:c2:04:18:79:0d:ed:1f:c1:db:c7:f9:66:b8:58:
6d:be:87:8e:be:31:f0:82:17:6f:12:f5:7a:60:37:db:a4:fe:
9d:9e:1d:e1:92:1f:ce:7d:b8:a7:a9:8e:24:dd:72:87:d1:7f:
01:3f:f7:79:57:12:e1:54:99:46:00:b8:7d:23:4d:96:e3:e3:
e3:a5:80:19:2d:31:43:19:19:06:aa:dc:38:e3:ab:5f:3f:3f:
a8:f8:c9:a3:fe:11:c6:34:17:f0:d7:24:1d:f7:89:25:31:fb:
30:d2:37:d7:64:13:fc:82:65:ca:f5:c5:43:99:6e:0a:7e:af:
64:96:e9:dd:58:93:58:ef:fd:12:b0:b5:f7:3f:cf:2f:23:ec:
33:29:11:34:4e:d5:f4:18:92:da:c6:c9:29:f4:37:b2:6b:c2:
00:fe:72:8f:db:c4:41:5d:6d:78:d8:ff:88:10:3c:c0:5d:b3:
ab:aa:f7:09:d8:e7:71:18:22:a4:c4:73:3d:4e:54:cf:a1:24:
e4:ac:6c:b3:53:fb:b9:06:6d:92:96:c1:f2:61:38:e8:36:dd:
9a:a7:d6:ec
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICfikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTIwMDY1ODQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViMDNhNC0wZWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxJxJ9hWe2CTj+PPK5x9+gkTAqYjNp2BYrsYHX5OB4uGnggwxSs901Mpvk5Kt
5nZSuuQ6V+PSLd25qmTR7SaQ2k5MgssqSk6l1qi8znkZdsj8eZhI8zn+jtI5wgM8
aBBCbYhfcsPbHeTM4cupbAiaxM1iAar4rGImO/dWfmG//iwrIhU3kgNaINBp6enU
E6vAaK05+1SI2dqCYIUJmkJV3RpXOcmSFUhK+V9859Vr6EjPxwtOfJ3ru4gEhXAg
CY6OuCnUK5kItPPyQVReKZRsWVv+W5tBjcC+VPuu/JO9KAF2pXlc6JKGJHEAeEua
U+XUxx9JkHpiO93b9SVKiCJJ0QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMMZA6DC
TYhLdM5hix4uMYrlYyi0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0U5NTczMjQ4
NzcyMTFFRUIxNjlDRTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAFns3gDBAFntKgDBABntZcDBAFnta4wDQYJKoZIhvcNAQEL
BQADggEBABijwcSuqc15x3w6WMNnUo6bMDfhaZZT4I6whIroOqsX4A91pgAedh/C
BBh5De0fwdvH+Wa4WG2+h46+MfCCF28S9XpgN9uk/p2eHeGSH859uKepjiTdcofR
fwE/93lXEuFUmUYAuH0jTZbj4+OlgBktMUMZGQaq3Djjq18/P6j4yaP+EcY0F/DX
JB33iSUx+zDSN9dkE/yCZcr1xUOZbgp+r2SW6d1Yk1jv/RKwtfc/zy8j7DMpETRO
1fQYktrGySn0N7JrwgD+co/bxEFdbXjY/4gQPMBds6uq9wnY53EYIqTEcz1OVM+h
JOSsbLNT+7kGbZKWwfJhOOg23Zqn1uw=
-----END CERTIFICATE-----
Generated at Mon Nov 20 08:10:10 2023 by rpki-client on console-fra.rpki-client.org