Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4F75E130BDCF11EA8755D90DC4F9AE02.roa
File: 4F75E130BDCF11EA8755D90DC4F9AE02.roa (raw, json)
Hash identifier: IlhHGOAJQOIr+mexPSQJj00zlLWWpMRvIPa+R2Bu4TU=
Subject key identifier: F3:71:E2:F8:9C:B1:1F:04:FD:FE:5A:F5:C0:58:E9:FB:5A:2E:62:EC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7EB1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4F75E130BDCF11EA8755D90DC4F9AE02.roa
Signing time: Thu 23 Nov 2023 07:26:26 +0000
ROA not before: Thu 23 Nov 2023 07:26:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132757
IP address blocks: 45.251.232.0/22 maxlen: 24
103.141.92.0/23 maxlen: 24
103.166.109.0/24 maxlen: 24
103.220.208.0/22 maxlen: 24
103.240.26.0/23 maxlen: 24
2401:2ba0::/32 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32433 (0x7eb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 23 07:26:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655efea1-bfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9e:75:3a:96:2d:b1:06:e8:35:4e:12:8d:bb:
69:fb:2d:84:e1:16:bc:fa:25:2d:0d:86:e9:0a:51:
14:6c:f4:53:63:00:61:6e:2b:2e:4b:f1:d1:e8:ca:
0e:94:86:f2:f5:e6:98:4f:9e:68:87:7e:0c:65:2d:
40:6e:d9:64:23:5c:60:6f:fd:1f:3b:e2:ee:55:d0:
47:14:31:54:36:d4:b7:4a:14:39:72:45:e1:32:2e:
83:30:09:f6:91:5b:f0:12:76:82:43:bc:79:a4:6c:
dd:42:6a:ec:80:41:9f:f5:ce:87:db:ea:cf:6a:be:
c4:a2:0c:fa:75:b1:66:89:39:23:05:22:ee:b5:a5:
06:98:9d:d8:33:37:2d:70:05:f6:30:cd:e2:10:c2:
49:53:ef:7b:70:36:2f:84:46:4c:dc:80:25:30:c8:
b0:c7:6b:ed:3f:1a:c8:26:15:6d:31:7f:31:85:2a:
7a:14:5f:23:91:ac:f8:e3:49:5e:cd:94:fe:10:4f:
ea:c3:87:b1:5a:d0:79:6e:5f:df:ec:43:46:f4:87:
ae:f0:fa:73:9a:4f:ef:31:45:56:fa:24:44:6e:ce:
71:dd:90:c9:41:fb:fe:5f:b7:44:2b:d0:40:db:24:
71:86:91:a4:7b:ed:2f:21:1f:81:7e:c6:20:6b:f4:
39:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:71:E2:F8:9C:B1:1F:04:FD:FE:5A:F5:C0:58:E9:FB:5A:2E:62:EC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4F75E130BDCF11EA8755D90DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.232.0/22
103.141.92.0/23
103.166.109.0/24
103.220.208.0/22
103.240.26.0/23
IPv6:
2401:2ba0::/32
Signature Algorithm: sha256WithRSAEncryption
77:e9:05:3e:0a:60:35:45:cd:2c:77:b3:f2:46:82:f7:3c:8b:
4e:40:33:05:9f:88:91:ca:f2:8d:b7:05:de:c7:73:92:ff:e4:
bf:74:2e:66:69:26:02:e8:83:34:94:40:57:d5:07:c0:18:1d:
3e:14:db:e0:a4:d7:45:b3:40:3d:7e:60:ec:02:3a:30:8c:e6:
c8:f1:a0:22:a0:b5:5d:91:d3:59:93:60:0c:87:04:3e:8a:f9:
72:9c:e5:fa:76:9e:1b:99:61:63:73:03:d5:9c:3f:c0:d7:d1:
49:e1:a9:ce:ce:7f:64:c1:a1:0c:ec:da:c9:e2:f5:1a:f9:80:
03:0e:13:72:0e:65:89:85:1a:2d:b9:fc:ef:9f:fa:e1:9e:04:
84:e9:ab:5c:5d:31:46:22:70:c9:9c:32:84:d7:ed:42:6e:35:
c4:ab:17:36:da:23:73:3d:d3:fa:54:8a:84:db:3c:25:54:de:
30:4b:f9:49:e0:7d:9e:85:01:40:7b:37:99:63:2f:c8:db:71:
56:ef:5e:37:79:f0:51:55:5f:73:bb:97:70:83:8a:f5:22:11:
4a:f0:2f:df:7a:66:e1:d0:99:ed:e8:36:b3:ac:69:fc:47:ec:
f1:a5:64:7b:e5:78:cb:85:bd:47:d1:b6:dc:42:16:3b:57:f3:
91:37:9c:3a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICfrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTIzMDcyNjI2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlZmVhMS1iZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2J51OpYtsQboNU4Sjbtp+y2E4Ra8+iUtDYbpClEUbPRTYwBhbisuS/HR6MoO
lIby9eaYT55oh34MZS1AbtlkI1xgb/0fO+LuVdBHFDFUNtS3ShQ5ckXhMi6DMAn2
kVvwEnaCQ7x5pGzdQmrsgEGf9c6H2+rPar7Eogz6dbFmiTkjBSLutaUGmJ3YMzct
cAX2MM3iEMJJU+97cDYvhEZM3IAlMMiwx2vtPxrIJhVtMX8xhSp6FF8jkaz440le
zZT+EE/qw4exWtB5bl/f7ENG9Ieu8Ppzmk/vMUVW+iREbs5x3ZDJQfv+X7dEK9BA
2yRxhpGke+0vIR+BfsYga/Q5nwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFPNx4vic
sR8E/f5a9cBY6ftaLmLsMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEY3NUUxMzBC
RENGMTFFQTg3NTVEOTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIt++gDBAFnjVwDBABnpm0DBAJn3NADBAFn8BowDQQCAAIw
BwMFACQBK6AwDQYJKoZIhvcNAQELBQADggEBAHfpBT4KYDVFzSx3s/JGgvc8i05A
MwWfiJHK8o23Bd7Hc5L/5L90LmZpJgLogzSUQFfVB8AYHT4U2+Ck10WzQD1+YOwC
OjCM5sjxoCKgtV2R01mTYAyHBD6K+XKc5fp2nhuZYWNzA9WcP8DX0Unhqc7Of2TB
oQzs2sni9Rr5gAMOE3IOZYmFGi25/O+f+uGeBITpq1xdMUYicMmcMoTX7UJuNcSr
FzbaI3M90/pUioTbPCVU3jBL+UngfZ6FAUB7N5ljL8jbcVbvXjd58FFVX3O7l3CD
ivUiEUrwL996ZuHQme3oNrOsafxH7PGlZHvleMuFvUfRttxCFjtX85E3nDo=
-----END CERTIFICATE-----
Generated at Fri Dec 29 12:57:21 2023 by rpki-client on console-fra.rpki-client.org