Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/55F9847E451211EB826EBD37C4F9AE02.roa
File: 55F9847E451211EB826EBD37C4F9AE02.roa (raw, json)
Hash identifier: hyMl0VhFZ/vyIVAo3eTK5jPlDgFQjPIETRWLvpn2GPI=
Subject key identifier: 3A:3F:9B:75:79:2D:49:F8:63:D3:95:67:A9:44:7F:75:69:FB:29:A7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6B20
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/55F9847E451211EB826EBD37C4F9AE02.roa
Signing time: Wed 10 May 2023 16:18:08 +0000
ROA not before: Wed 10 May 2023 16:18:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134305
IP address blocks: 103.60.212.0/22 maxlen: 23
103.60.212.0/23 maxlen: 24
103.60.214.0/24 maxlen: 24
157.119.108.0/22 maxlen: 24
2001:df4:9300::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27424 (0x6b20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:18:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc3bf-9cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:10:c1:29:0a:67:6b:7a:12:8d:ed:fc:d4:e9:
fd:e2:f4:33:77:d8:55:00:7c:cb:40:da:d7:6d:fa:
e4:85:65:09:54:26:40:f4:09:ec:c4:59:44:75:df:
fb:33:05:c1:69:33:ff:98:f2:ff:73:de:33:df:dd:
41:82:9c:7e:3f:b4:ba:29:b0:29:98:64:da:a9:36:
18:13:40:6c:e2:c7:05:8c:97:a0:a9:79:b3:a8:98:
2e:9b:81:09:ee:e8:87:88:5c:f7:67:7a:a6:ef:49:
54:15:27:e5:bf:75:48:ab:91:f3:74:bf:f7:1a:f3:
39:db:24:97:17:eb:62:a8:f1:e2:fe:7c:25:02:07:
30:a2:1a:db:c0:ce:3a:55:78:48:e2:e4:e0:0d:05:
f2:2b:24:0d:06:36:d6:2a:8e:a3:ca:31:b0:46:11:
c4:4b:90:ba:3a:b4:72:df:07:95:a3:17:d1:e2:ee:
26:50:1d:a8:10:f7:30:34:c4:24:e0:7b:d5:e3:56:
b5:66:88:35:f5:ca:d3:d3:ab:62:2f:fd:40:6d:37:
fb:c1:dd:2c:e4:a5:bb:2c:e5:6d:63:7e:0b:68:b7:
3d:70:fb:3a:2a:c0:fe:97:cb:93:22:7b:24:60:73:
2a:21:1b:1d:97:d0:81:bb:d3:25:61:fb:21:b7:4f:
de:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3F:9B:75:79:2D:49:F8:63:D3:95:67:A9:44:7F:75:69:FB:29:A7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/55F9847E451211EB826EBD37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.212.0/22
157.119.108.0/22
IPv6:
2001:df4:9300::/48
Signature Algorithm: sha256WithRSAEncryption
0b:73:99:af:3c:ca:d3:83:4c:69:84:89:f0:a9:61:05:52:2b:
bc:c3:98:31:a4:82:5f:bf:53:c7:76:7e:8d:bb:ca:8d:30:8f:
94:09:51:e1:4d:54:0e:d0:c3:ea:00:ef:4b:df:33:ff:11:fc:
24:fe:0d:10:27:3e:e5:8c:0b:01:58:3c:1a:06:63:0a:1e:52:
bc:c0:f1:3d:80:fe:c9:45:f3:c3:5d:ac:b7:8e:da:4c:61:e1:
17:4f:91:10:c4:88:96:b1:0e:cb:30:fe:d7:36:53:d7:e9:c4:
c6:9d:5f:4d:e5:c2:f2:14:37:e6:ac:ba:88:b1:5c:00:ab:a2:
66:cc:86:99:a9:1b:a2:ac:94:1b:c3:49:a9:13:f1:69:40:45:
94:d0:50:c2:10:82:7a:18:6b:88:d3:57:eb:8e:e6:cd:2a:4b:
d4:c6:94:53:2d:39:8b:33:bf:30:e1:99:c0:30:0d:97:e7:91:
6b:50:0d:c3:04:da:59:89:c1:c2:a5:d2:2b:8b:cc:e6:90:65:
e7:c4:d0:63:82:63:c3:6f:93:48:1e:67:7f:b8:9e:dc:27:0c:
87:ac:dd:90:d6:80:d9:df:d5:ed:68:1e:69:b6:e2:b5:41:d3:
79:91:0f:26:3b:75:f2:64:c5:bc:ae:21:af:bd:f7:95:86:1f:
e8:6b:12:2e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICayAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxODA4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzNiZi05Y2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RDBKQpna3oSje381On94vQzd9hVAHzLQNrXbfrkhWUJVCZA9AnsxFlEdd/7
MwXBaTP/mPL/c94z391Bgpx+P7S6KbApmGTaqTYYE0Bs4scFjJegqXmzqJgum4EJ
7uiHiFz3Z3qm70lUFSflv3VIq5HzdL/3GvM52ySXF+tiqPHi/nwlAgcwohrbwM46
VXhI4uTgDQXyKyQNBjbWKo6jyjGwRhHES5C6OrRy3weVoxfR4u4mUB2oEPcwNMQk
4HvV41a1Zog19crT06tiL/1AbTf7wd0s5KW7LOVtY34LaLc9cPs6KsD+l8uTInsk
YHMqIRsdl9CBu9MlYfsht0/ehwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDo/m3V5
LUn4Y9OVZ6lEf3Vp+ymnMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTVGOTg0N0U0
NTEyMTFFQjgyNkVCRDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnPNQDBAKdd2wwDwQCAAIwCQMHACABDfSTADANBgkqhkiG
9w0BAQsFAAOCAQEAC3OZrzzK04NMaYSJ8KlhBVIrvMOYMaSCX79Tx3Z+jbvKjTCP
lAlR4U1UDtDD6gDvS98z/xH8JP4NECc+5YwLAVg8GgZjCh5SvMDxPYD+yUXzw12s
t47aTGHhF0+REMSIlrEOyzD+1zZT1+nExp1fTeXC8hQ35qy6iLFcAKuiZsyGmakb
oqyUG8NJqRPxaUBFlNBQwhCCehhriNNX647mzSpL1MaUUy05izO/MOGZwDANl+eR
a1ANwwTaWYnBwqXSK4vM5pBl58TQY4Jjw2+TSB5nf7ie3CcMh6zdkNaA2d/V7Wge
abbitUHTeZEPJjt18mTFvK4hr733lYYf6GsSLg==
-----END CERTIFICATE-----
Generated at Thu Nov 23 07:05:20 2023 by rpki-client on console-fra.rpki-client.org