Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4343C2D04C2C11EEBEACC480C4F9AE02.roa
File: 4343C2D04C2C11EEBEACC480C4F9AE02.roa (raw, json)
Hash identifier: TJHF/JipP8FMpa1uNasm4NFz00f02vt/T1AK5du9q28=
Subject key identifier: AE:8D:27:61:C5:2D:DD:EB:13:21:2B:88:9E:87:AD:9B:D5:38:81:E3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 79C7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4343C2D04C2C11EEBEACC480C4F9AE02.roa
Signing time: Tue 05 Sep 2023 20:39:09 +0000
ROA not before: Tue 05 Sep 2023 20:39:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135235
IP address blocks: 103.221.80.0/22 maxlen: 24
2001:df1:d7c0::/48 maxlen: 48
2001:df2:de40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31175 (0x79c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 5 20:39:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f791ec-8fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:51:0c:a6:a8:2a:2e:47:c4:88:a6:ea:52:24:
24:e5:d3:cc:7f:cd:15:44:94:ca:e7:52:bd:bb:74:
be:44:07:2e:78:5d:7f:f6:fe:19:62:e4:fc:dd:bb:
56:8b:a0:ec:de:55:63:21:69:0b:40:3c:b4:39:e0:
fc:6a:97:16:4b:bb:a7:f5:5a:1c:72:a4:9e:96:bb:
15:42:e9:84:42:24:bf:4e:8f:3d:8f:71:11:72:2e:
7a:4a:3e:c0:85:ef:5a:e2:cd:76:c9:d1:01:51:cc:
40:a7:15:79:8c:a3:37:da:4a:00:a5:a4:d2:d1:88:
2c:e9:81:87:97:40:b8:99:02:17:77:f8:5a:50:ba:
57:03:b9:4a:16:44:3c:47:c8:08:44:f4:e8:4e:44:
fb:85:50:b5:b9:66:d7:b6:47:02:28:b1:50:81:e1:
77:79:c4:06:de:78:5f:62:b8:26:18:dc:78:7e:bb:
11:46:20:7e:5b:d8:c1:8c:d7:20:01:7f:ac:ad:1b:
ac:e9:ac:e9:07:b3:a0:95:1f:e5:28:c3:70:77:54:
bd:6e:86:ea:03:3f:52:99:55:11:c2:f4:d6:78:21:
59:da:57:c0:3f:ff:4c:c3:55:74:4d:27:05:2d:dd:
02:8f:58:d3:fe:05:d8:f8:1e:d0:14:5b:91:b9:b9:
2e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8D:27:61:C5:2D:DD:EB:13:21:2B:88:9E:87:AD:9B:D5:38:81:E3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4343C2D04C2C11EEBEACC480C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.80.0/22
IPv6:
2001:df1:d7c0::/48
2001:df2:de40::/48
Signature Algorithm: sha256WithRSAEncryption
87:68:bc:f7:ef:be:4f:c2:f1:ee:87:46:04:d3:54:a6:39:d5:
b1:5d:49:54:de:49:cd:d7:f4:bb:a1:5f:73:0a:4a:f4:35:25:
78:17:04:04:80:36:2f:81:e7:c4:91:62:8c:a3:d7:11:ce:df:
ee:5b:e7:8c:e6:ed:81:0b:6d:8d:14:ab:a0:c1:31:98:b7:04:
66:a6:47:31:8e:a5:fd:84:66:90:68:c5:cc:4b:c9:a5:86:98:
95:d0:9a:83:73:53:8c:a8:ce:f2:ef:a6:b1:fa:58:8d:58:b1:
8f:10:29:38:9f:81:6e:76:26:da:15:8c:45:66:d6:da:12:f9:
73:18:a0:30:65:cf:ad:24:9e:60:52:18:3d:77:fb:d5:39:9f:
5b:5e:fc:b7:70:79:09:85:e6:a7:18:03:22:02:f5:9c:72:75:
7b:27:71:38:c0:0b:ce:4d:f2:d3:27:f0:0f:65:42:9e:9b:29:
94:45:a4:6b:c1:b6:be:86:6e:6b:4b:06:3d:18:26:9d:cd:d2:
20:e5:ad:d3:49:82:e1:e1:5a:0a:ad:67:3b:ca:86:57:d6:09:
6e:33:ea:a2:8f:10:22:16:54:ab:4e:e9:2c:95:7c:5c:88:ba:
7f:b3:cf:1f:1b:7a:1c:2d:9d:d0:3f:e8:15:a3:cb:d6:0e:34:
b2:83:be:31
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICeccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTA1MjAzOTA4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY3OTFlYy04ZmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3lEMpqgqLkfEiKbqUiQk5dPMf80VRJTK51K9u3S+RAcueF1/9v4ZYuT83btW
i6Ds3lVjIWkLQDy0OeD8apcWS7un9VoccqSelrsVQumEQiS/To89j3ERci56Sj7A
he9a4s12ydEBUcxApxV5jKM32koApaTS0Ygs6YGHl0C4mQIXd/haULpXA7lKFkQ8
R8gIRPToTkT7hVC1uWbXtkcCKLFQgeF3ecQG3nhfYrgmGNx4frsRRiB+W9jBjNcg
AX+srRus6azpB7OglR/lKMNwd1S9bobqAz9SmVURwvTWeCFZ2lfAP/9Mw1V0TScF
Ld0Cj1jT/gXY+B7QFFuRubkuJQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFK6NJ2HF
Ld3rEyEriJ6HrZvVOIHjMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDM0M0MyRDA0
QzJDMTFFRUJFQUNDNDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAJn3VAwGAQCAAIwEgMHACABDfHXwAMHACABDfLeQDANBgkq
hkiG9w0BAQsFAAOCAQEAh2i89+++T8Lx7odGBNNUpjnVsV1JVN5Jzdf0u6FfcwpK
9DUleBcEBIA2L4HnxJFijKPXEc7f7lvnjObtgQttjRSroMExmLcEZqZHMY6l/YRm
kGjFzEvJpYaYldCag3NTjKjO8u+msfpYjVixjxApOJ+BbnYm2hWMRWbW2hL5cxig
MGXPrSSeYFIYPXf71TmfW178t3B5CYXmpxgDIgL1nHJ1eydxOMALzk3y0yfwD2VC
npsplEWka8G2voZua0sGPRgmnc3SIOWt00mC4eFaCq1nO8qGV9YJbjPqoo8QIhZU
q07pLJV8XIi6f7PPHxt6HC2d0D/oFaPL1g40soO+MQ==
-----END CERTIFICATE-----
Generated at Fri Dec 15 12:55:58 2023 by rpki-client on console-ams.rpki-client.org