Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6BEBF582AC0911EC8249F738C4F9AE02.roa
File: 6BEBF582AC0911EC8249F738C4F9AE02.roa (raw, json)
Hash identifier: spcy9l1/2QZpx6duoclQ3hEFEj6WoMS3c/98zl6W5sQ=
Subject key identifier: 57:3B:71:D2:0E:90:F8:A9:E9:CD:77:AE:9F:C7:50:2B:3B:38:94:B0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6F44
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6BEBF582AC0911EC8249F738C4F9AE02.roa
Signing time: Wed 10 May 2023 16:37:59 +0000
ROA not before: Wed 10 May 2023 16:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142419
IP address blocks: 103.170.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 06:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28484 (0x6f44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc867-79d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:eb:1a:e0:17:99:dc:18:c3:45:f0:36:b1:
34:7b:95:2e:e8:cd:06:66:b3:40:72:71:7b:82:28:
eb:9d:1d:bc:96:c5:ea:ce:be:04:5e:95:ce:fd:d0:
d5:66:73:50:cd:5b:29:32:e3:ac:a9:19:95:6e:6a:
cb:61:61:be:14:e0:06:e6:9e:99:ab:23:2f:fc:e5:
9f:aa:a5:5e:72:60:48:b6:3a:6d:64:83:7a:04:99:
9a:2e:0e:a1:2f:62:2a:e7:32:47:c7:c0:fa:ee:76:
16:8a:b9:95:b2:6a:f9:b2:2f:7a:22:40:d4:e7:f8:
66:a7:d7:c3:f3:b5:95:2b:a4:8f:d4:a3:f7:a5:66:
d1:e0:c4:8f:f9:9f:84:45:2d:9c:67:67:0f:c4:ba:
89:61:52:86:e8:b6:5e:b2:11:8d:63:ca:30:75:b3:
aa:00:75:c3:9a:f8:54:e1:99:4d:59:ac:1e:7e:9c:
87:8f:26:f8:c9:a9:d8:77:69:0e:8c:cc:42:f1:3d:
ba:6e:e2:60:51:51:5d:03:d3:15:d5:c4:e3:0b:5a:
e4:86:cd:2a:a6:92:b4:87:73:82:b0:1c:14:61:84:
d4:90:24:41:39:e2:f3:25:f9:6a:33:75:31:e7:fb:
e3:77:76:38:c0:ac:7b:f0:1e:91:d5:96:6b:f5:d1:
1b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3B:71:D2:0E:90:F8:A9:E9:CD:77:AE:9F:C7:50:2B:3B:38:94:B0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6BEBF582AC0911EC8249F738C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.21.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e2:60:e0:82:90:b2:e5:87:79:76:bd:7e:56:bb:80:6b:6e:
b5:a4:72:8e:30:d7:c0:f5:3a:5a:2e:98:10:d5:bf:07:2c:93:
39:0b:67:af:64:e4:56:9d:99:96:dd:03:c9:fc:d7:e6:6d:41:
97:f6:98:56:2e:17:b9:9a:0e:bc:f9:37:9e:39:cf:83:89:c6:
19:18:17:40:5d:1e:28:73:4e:df:cd:1d:f1:c1:a3:b8:d9:4d:
28:f4:ac:44:b5:e5:20:9a:41:04:73:08:0f:ba:a5:0f:92:47:
c0:54:56:44:22:32:a9:9e:d3:f4:5a:be:57:08:3e:41:37:a0:
4e:5b:cf:63:d5:41:0d:45:2c:e0:7d:6e:5a:c5:43:59:62:8d:
5f:64:e6:4e:06:72:a8:6e:25:2c:6a:8e:75:da:a3:b2:82:a6:
46:8c:9e:3f:0f:ef:9e:97:fe:57:9b:b6:10:a4:9c:b6:59:3a:
24:4c:16:99:b6:98:ea:5f:13:35:9f:19:3a:9f:7a:fe:0a:5d:
c7:54:5a:1c:5f:ae:74:21:48:24:97:fc:22:a2:72:a7:36:90:
78:cd:69:eb:ae:e9:e1:bf:bf:e6:28:a2:93:8a:7f:5c:7e:38:
19:fe:75:c5:2e:87:bd:96:db:9b:ec:23:cb:af:d6:c4:13:1c:
d2:f9:23:cd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICb0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYzNzU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzg2Ny03OWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw9TrGuAXmdwYw0XwNrE0e5Uu6M0GZrNAcnF7gijrnR28lsXqzr4EXpXO/dDV
ZnNQzVspMuOsqRmVbmrLYWG+FOAG5p6ZqyMv/OWfqqVecmBItjptZIN6BJmaLg6h
L2Iq5zJHx8D67nYWirmVsmr5si96IkDU5/hmp9fD87WVK6SP1KP3pWbR4MSP+Z+E
RS2cZ2cPxLqJYVKG6LZeshGNY8owdbOqAHXDmvhU4ZlNWawefpyHjyb4yanYd2kO
jMxC8T26buJgUVFdA9MV1cTjC1rkhs0qppK0h3OCsBwUYYTUkCRBOeLzJflqM3Ux
5/vjd3Y4wKx78B6R1ZZr9dEb5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFc7cdIO
kPip6c13rp/HUCs7OJSwMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkJFQkY1ODJB
QzA5MTFFQzgyNDlGNzM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnqhUwDQYJKoZIhvcNAQELBQADggEBADLiYOCCkLLlh3l2
vX5Wu4BrbrWkco4w18D1OloumBDVvwcskzkLZ69k5FadmZbdA8n81+ZtQZf2mFYu
F7maDrz5N545z4OJxhkYF0BdHihzTt/NHfHBo7jZTSj0rES15SCaQQRzCA+6pQ+S
R8BUVkQiMqme0/RavlcIPkE3oE5bz2PVQQ1FLOB9blrFQ1lijV9k5k4GcqhuJSxq
jnXao7KCpkaMnj8P756X/lebthCknLZZOiRMFpm2mOpfEzWfGTqfev4KXcdUWhxf
rnQhSCSX/CKicqc2kHjNaeuu6eG/v+YoopOKf1x+OBn+dcUuh72W25vsI8uv1sQT
HNL5I80=
-----END CERTIFICATE-----
Generated at Tue Jan 9 07:14:14 2024 by rpki-client on console-fra.rpki-client.org