Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B8C8CDAED6411ED93157847C4F9AE02.roa
File: 6B8C8CDAED6411ED93157847C4F9AE02.roa (raw, json)
Hash identifier: kqKzmnAfj3XuW0OZeliv++U5SRgkSIoXyMSSgbMnP9E=
Subject key identifier: 6D:E0:28:A3:CC:DB:54:1B:CA:98:7F:EA:16:B0:E1:01:24:B3:A0:3A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 72D2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B8C8CDAED6411ED93157847C4F9AE02.roa
Signing time: Fri 26 May 2023 13:02:11 +0000
ROA not before: Fri 26 May 2023 13:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58906
IP address blocks: 43.240.5.0/24 maxlen: 24
45.64.9.0/24 maxlen: 24
45.248.25.0/24 maxlen: 24
103.47.14.0/24 maxlen: 24
103.62.147.0/24 maxlen: 24
103.98.53.0/24 maxlen: 24
103.101.117.0/24 maxlen: 24
103.182.160.0/23 maxlen: 24
103.211.190.0/23 maxlen: 24
103.225.204.0/24 maxlen: 24
103.248.120.0/24 maxlen: 24
103.248.122.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29394 (0x72d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 26 13:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6470add3-f819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:8d:84:63:ee:75:aa:6b:57:57:21:bb:0a:
83:e6:df:ff:44:0c:fc:ae:a5:24:91:22:71:e1:b6:
c9:35:56:11:2f:88:23:b1:2a:ee:b9:87:86:8b:3d:
02:3d:6b:7d:20:6d:f1:64:d9:1f:54:9e:5a:4c:60:
b8:b8:84:8f:a9:53:00:b3:cb:f4:21:80:95:18:69:
c0:b4:11:f1:2a:1d:35:03:cf:b1:66:36:46:ce:02:
21:9a:01:5c:95:1a:1b:5e:b4:51:3e:a7:8f:a3:d3:
a0:16:08:7b:d2:f8:b7:f4:32:7e:36:02:3a:7c:f4:
94:c2:e5:e4:4b:45:5a:67:65:cd:73:ec:01:df:23:
f6:47:13:b5:5d:64:b7:da:b2:ca:35:73:be:64:30:
af:2b:d1:9e:63:6a:ca:89:16:d5:b0:49:8f:cd:a2:
9c:f3:03:4a:b1:ba:cf:65:e6:6b:e9:8f:5f:69:12:
49:63:ce:c5:bc:f7:d6:5a:02:fe:a2:a1:9f:8e:88:
a2:e0:b1:a1:23:b7:29:b4:4f:68:d3:c0:4d:74:70:
86:68:99:7d:b0:10:a4:ae:42:52:3a:ea:a0:d0:1d:
58:26:28:9a:cd:e8:fd:b6:87:26:4a:a5:7e:27:86:
1e:4a:f2:a5:c4:f8:eb:12:5a:77:e9:ac:16:b7:32:
db:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E0:28:A3:CC:DB:54:1B:CA:98:7F:EA:16:B0:E1:01:24:B3:A0:3A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B8C8CDAED6411ED93157847C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.5.0/24
45.64.9.0/24
45.248.25.0/24
103.47.14.0/24
103.62.147.0/24
103.98.53.0/24
103.101.117.0/24
103.182.160.0/23
103.211.190.0/23
103.225.204.0/24
103.248.120.0/24
103.248.122.0/23
Signature Algorithm: sha256WithRSAEncryption
84:a5:68:93:9f:fc:1f:cd:c7:d1:9d:cb:8d:b2:01:3f:ec:4c:
e2:10:6a:fa:08:15:bf:10:c4:79:ca:f4:60:2e:a9:58:98:58:
99:5a:1e:b8:1b:61:c0:0b:ab:19:83:8b:34:96:6f:ed:0f:fc:
87:07:ff:6f:26:f4:eb:7b:9a:71:73:56:12:da:8b:4b:d3:40:
bc:34:78:f5:a6:d8:ff:f5:e7:8c:6e:f5:fe:52:e7:61:5f:21:
0f:b9:e2:d1:a4:cd:9a:a9:d5:75:44:7f:61:74:16:9d:5e:b4:
72:7f:aa:aa:68:51:0e:e7:64:43:48:a8:1f:e6:fa:53:c9:85:
26:56:fc:42:d1:2a:e7:83:1d:1c:dc:6b:b8:9f:43:1b:d6:51:
b5:a5:a1:d2:a2:96:bb:4a:9d:cd:6a:24:65:cd:bf:01:ad:9a:
59:13:a8:d0:3f:f1:f7:c6:a5:84:24:f9:ec:0c:95:ef:c7:9d:
66:02:43:30:64:61:c2:21:83:bb:e9:99:ba:2f:c9:10:dc:5d:
02:2c:d4:d0:88:7b:ab:b2:79:16:8c:c6:10:f0:b0:1f:fa:08:
47:ff:38:38:13:91:9d:29:97:27:6a:04:c1:1b:e5:ab:4c:e0:
23:50:af:73:84:f2:a6:04:6d:db:f9:0f:a0:fc:c8:14:69:80:
87:90:5c:1d
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICctIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTI2MTMwMjExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcwYWRkMy1mODE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxzCNhGPudaprV1chuwqD5t//RAz8rqUkkSJx4bbJNVYRL4gjsSruuYeGiz0C
PWt9IG3xZNkfVJ5aTGC4uISPqVMAs8v0IYCVGGnAtBHxKh01A8+xZjZGzgIhmgFc
lRobXrRRPqePo9OgFgh70vi39DJ+NgI6fPSUwuXkS0VaZ2XNc+wB3yP2RxO1XWS3
2rLKNXO+ZDCvK9GeY2rKiRbVsEmPzaKc8wNKsbrPZeZr6Y9faRJJY87FvPfWWgL+
oqGfjoii4LGhI7cptE9o08BNdHCGaJl9sBCkrkJSOuqg0B1YJiiazej9tocmSqV+
J4YeSvKlxPjrElp36awWtzLb2QIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFG3gKKPM
21Qbyph/6haw4QEks6A6MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkI4QzhDREFF
RDY0MTFFRDkzMTU3ODQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAAr8AUDBAAtQAkDBAAt+BkDBABnLw4DBABnPpMDBABnYjUD
BABnZXUDBAFntqADBAFn074DBABn4cwDBABn+HgDBAFn+HowDQYJKoZIhvcNAQEL
BQADggEBAISlaJOf/B/Nx9Gdy42yAT/sTOIQavoIFb8QxHnK9GAuqViYWJlaHrgb
YcALqxmDizSWb+0P/IcH/28m9Ot7mnFzVhLai0vTQLw0ePWm2P/154xu9f5S52Ff
IQ+54tGkzZqp1XVEf2F0Fp1etHJ/qqpoUQ7nZENIqB/m+lPJhSZW/ELRKueDHRzc
a7ifQxvWUbWlodKilrtKnc1qJGXNvwGtmlkTqNA/8ffGpYQk+ewMle/HnWYCQzBk
YcIhg7vpmbovyRDcXQIs1NCIe6uyeRaMxhDwsB/6CEf/ODgTkZ0plydqBMEb5atM
4CNQr3OE8qYEbdv5D6D8yBRpgIeQXB0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org