Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CAE2908E7D11EE9CDDE54AC4F9AE02.roa
File: 66CAE2908E7D11EE9CDDE54AC4F9AE02.roa (raw, json)
Hash identifier: jvnsCkOUQShHPvzRyeyHoqmBQqOdl+t79MXuMv+1imc=
Subject key identifier: 43:A1:38:EC:A1:36:C5:44:28:3F:71:56:2D:56:25:1A:E0:11:3B:FB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7EFB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CAE2908E7D11EE9CDDE54AC4F9AE02.roa
Signing time: Wed 29 Nov 2023 06:24:27 +0000
ROA not before: Wed 29 Nov 2023 06:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137389
IP address blocks: 103.107.36.0/24 maxlen: 24
103.107.37.0/24 maxlen: 24
103.112.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32507 (0x7efb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 29 06:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6566d91b-8acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:da:7a:34:3f:9c:4d:98:fd:52:92:ee:83:
63:7e:aa:d1:ef:18:e6:60:fb:1c:84:33:42:4b:10:
ba:e7:eb:0f:a4:c6:cd:27:aa:e5:d0:33:15:e3:e5:
60:94:c6:9f:d1:43:9f:46:23:eb:04:91:e3:94:04:
92:04:f6:b6:fa:11:fa:f1:9a:b9:f1:43:2b:64:5c:
78:e0:14:6a:2d:69:68:14:9c:7e:b9:1a:8b:46:7f:
d3:db:b6:e9:a8:22:a6:53:7b:7a:a9:82:b1:b8:0a:
c1:a2:27:7a:dd:c8:7d:02:6a:4c:7e:c8:6e:09:89:
48:5b:de:0d:e0:13:8e:83:95:cf:bf:7c:43:82:dd:
8b:62:7c:53:17:78:b5:2a:a7:f5:d9:be:ec:62:e0:
10:77:07:e1:ff:ee:84:e4:1f:6e:bb:4d:aa:1c:6d:
20:13:1b:35:d0:34:cc:dc:df:ca:69:0a:c8:ac:69:
f4:67:d3:42:92:43:eb:13:d5:dc:a8:9b:38:e1:d6:
0d:29:7b:fc:16:59:25:23:6a:a3:e6:6a:fc:b9:12:
d2:d8:1c:74:56:c8:0f:ca:81:1d:d9:eb:31:a2:96:
75:db:3d:93:17:00:5e:59:15:08:e4:b1:d5:f1:8b:
6b:aa:87:66:c4:85:85:9f:cd:02:bf:a0:2e:c2:78:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A1:38:EC:A1:36:C5:44:28:3F:71:56:2D:56:25:1A:E0:11:3B:FB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CAE2908E7D11EE9CDDE54AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.107.36.0/23
103.112.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:36:36:90:59:26:59:92:9a:84:c1:ee:97:b8:5b:9d:61:c3:
8d:52:14:06:c6:f3:26:ba:6d:74:8b:6d:a3:c2:0c:d2:fb:43:
20:36:a0:8a:f0:86:fe:e5:81:7c:90:3d:e2:c0:1e:fc:b5:06:
8f:a9:27:51:3c:60:ad:18:d8:84:0f:4f:c1:c1:3d:da:27:8d:
2e:f3:8d:5b:89:87:ec:f7:47:9e:2f:db:52:ef:77:e9:51:7c:
32:69:8a:b2:33:bf:2e:f0:f7:b9:6e:dd:2b:f4:02:66:a1:8e:
f1:87:47:49:60:89:85:e0:9b:b0:32:f0:11:ef:ca:8d:75:1f:
95:eb:fc:7a:c2:c4:53:73:6a:db:d7:3e:17:e1:37:2e:df:2c:
03:ea:c3:11:ce:58:17:5d:34:f4:70:2a:f5:05:19:5b:6f:e8:
03:25:a6:a9:8a:5e:b3:aa:bd:c9:1e:ec:aa:ac:c1:9b:f5:a8:
ae:e4:17:76:4c:08:59:4e:4f:bb:e7:c9:c4:e7:5f:43:9a:2a:
b6:34:4c:8f:26:40:d4:b6:97:2d:76:9e:d9:04:80:e8:98:bc:
6b:a7:8c:ec:6b:a7:0b:81:fd:cc:a1:7c:bb:e6:cc:cf:2a:8c:
82:5a:47:4c:05:ae:e2:73:f3:3e:43:18:ff:1a:ea:e3:a7:61:
9e:4b:82:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICfvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTI5MDYyNDI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2ZDkxYi04YWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQnaejQ/nE2Y/VKS7oNjfqrR7xjmYPschDNCSxC65+sPpMbNJ6rl0DMV4+Vg
lMaf0UOfRiPrBJHjlASSBPa2+hH68Zq58UMrZFx44BRqLWloFJx+uRqLRn/T27bp
qCKmU3t6qYKxuArBoid63ch9AmpMfshuCYlIW94N4BOOg5XPv3xDgt2LYnxTF3i1
Kqf12b7sYuAQdwfh/+6E5B9uu02qHG0gExs10DTM3N/KaQrIrGn0Z9NCkkPrE9Xc
qJs44dYNKXv8FlklI2qj5mr8uRLS2Bx0VsgPyoEd2esxopZ12z2TFwBeWRUI5LHV
8YtrqodmxIWFn80Cv6AuwniRsQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEOhOOyh
NsVEKD9xVi1WJRrgETv7MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjZDQUUyOTA4
RTdEMTFFRTlDRERFNTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnayQDBABncC8wDQYJKoZIhvcNAQELBQADggEBAAs2NpBZ
JlmSmoTB7pe4W51hw41SFAbG8ya6bXSLbaPCDNL7QyA2oIrwhv7lgXyQPeLAHvy1
Bo+pJ1E8YK0Y2IQPT8HBPdonjS7zjVuJh+z3R54v21Lvd+lRfDJpirIzvy7w97lu
3Sv0AmahjvGHR0lgiYXgm7Ay8BHvyo11H5Xr/HrCxFNzatvXPhfhNy7fLAPqwxHO
WBddNPRwKvUFGVtv6AMlpqmKXrOqvcke7KqswZv1qK7kF3ZMCFlOT7vnycTnX0Oa
KrY0TI8mQNS2ly12ntkEgOiYvGunjOxrpwuB/cyhfLvmzM8qjIJaR0wFruJz8z5D
GP8a6uOnYZ5LghE=
-----END CERTIFICATE-----
Generated at Mon Dec 4 11:15:14 2023 by rpki-client on console-ams.rpki-client.org