Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA5D3C2010511EE8C750D39C4F9AE02.roa
File: 6EA5D3C2010511EE8C750D39C4F9AE02.roa (raw, json)
Hash identifier: Fui5gwOWIS1VLPmuekUuSODWEbo5RzEKYv0iKx/u5dk=
Subject key identifier: 28:9F:F6:AB:0E:04:DB:B1:BC:0F:0E:41:EC:8A:ED:03:BB:16:6D:EF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 732F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA5D3C2010511EE8C750D39C4F9AE02.roa
Signing time: Fri 02 Jun 2023 05:22:14 +0000
ROA not before: Fri 02 Jun 2023 05:22:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136290
IP address blocks: 103.21.68.0/23 maxlen: 24
103.48.70.0/23 maxlen: 24
2407:b7c0::/32 maxlen: 32
2407:b7c0::/40 maxlen: 48
2407:b7c0:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Feb 2024 07:28:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29487 (0x732f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 2 05:22:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64797c86-5757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:4d:77:cc:08:b1:9a:24:c3:c2:4e:f9:12:
43:c9:c3:e0:0c:31:4b:8e:70:60:b2:69:8a:30:95:
04:20:46:0a:70:7b:d3:95:df:fb:df:d5:7c:19:81:
ca:31:8d:3a:79:68:37:6a:84:e5:3d:2c:1c:8f:74:
ad:db:69:b1:7f:78:0b:00:8f:43:34:8e:0a:97:f4:
40:3b:9e:1b:c2:e1:4f:59:0d:82:5f:a7:4d:3c:4e:
43:75:93:8e:7e:02:5f:25:dc:2a:86:eb:f6:cf:b5:
d7:ff:a9:e1:85:27:d3:1b:3d:4f:17:e6:53:a3:ed:
fb:7a:68:9d:06:9e:44:82:27:5d:a9:c6:d7:fd:f1:
a1:8a:72:ff:bf:40:b8:84:f3:0f:07:32:c6:61:74:
b6:3e:bd:9e:74:3a:db:83:9f:9a:0d:89:01:26:89:
b4:2e:f8:0c:2b:c4:f3:c9:5e:e7:dd:3a:98:e9:22:
13:a9:82:3c:f5:7b:61:15:5e:f2:76:bd:f5:92:a0:
34:00:49:6b:41:ce:b0:08:8d:aa:72:f1:95:fe:e8:
06:6a:27:1c:42:18:05:87:3d:3c:99:bb:c1:40:6a:
ef:36:5b:27:d7:bc:58:23:41:12:00:7d:61:49:7a:
2f:fa:ff:36:9d:26:d2:18:14:a4:cc:af:9a:36:e4:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:F6:AB:0E:04:DB:B1:BC:0F:0E:41:EC:8A:ED:03:BB:16:6D:EF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA5D3C2010511EE8C750D39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.68.0/23
103.48.70.0/23
IPv6:
2407:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:af:a4:ab:e7:b9:b1:d8:09:01:3e:c5:2d:93:1f:a9:ef:85:
54:19:f5:33:cd:c6:20:9e:36:42:4a:6b:48:9a:35:12:ae:43:
c9:26:37:18:64:67:3d:74:cc:cd:06:91:a8:ec:82:2f:dc:d5:
e1:b1:d2:74:94:a8:ef:e2:01:cd:5f:f2:08:0b:13:bb:86:22:
d3:c7:d0:75:7f:74:1b:d3:26:09:04:7b:3c:05:d7:d5:a8:16:
d3:95:cb:d6:bc:f0:55:7d:10:c0:8f:45:47:7b:06:25:ae:8f:
fd:ac:ea:55:00:ab:3e:43:f7:e0:f7:54:be:e3:67:de:c8:c2:
18:bf:07:39:d2:80:80:c0:ca:14:89:d9:fe:ef:7a:0a:f4:96:
f5:f5:a1:02:75:f4:c6:ac:b4:9b:75:4c:d9:02:2e:82:0f:32:
86:92:f0:11:a0:54:a8:dc:5c:01:40:52:9b:1b:24:4a:a9:0a:
60:74:3e:e5:9b:2d:e0:9e:44:db:1d:7d:67:84:75:59:6e:1e:
bb:3a:b9:e0:b1:26:6a:61:c4:a0:53:46:97:72:1d:e9:13:ae:
a6:b4:40:9a:4b:c1:fc:d2:6f:3c:61:3a:bb:1f:7d:5c:44:36:
c2:f6:44:5e:2d:f9:e5:35:7a:bb:68:9d:a4:7c:c8:47:af:36:
b6:e4:04:a0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICcy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNjAyMDUyMjE0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5N2M4Ni01NzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu1ZNd8wIsZokw8JO+RJDycPgDDFLjnBgsmmKMJUEIEYKcHvTld/739V8GYHK
MY06eWg3aoTlPSwcj3St22mxf3gLAI9DNI4Kl/RAO54bwuFPWQ2CX6dNPE5DdZOO
fgJfJdwqhuv2z7XX/6nhhSfTGz1PF+ZTo+37emidBp5EgiddqcbX/fGhinL/v0C4
hPMPBzLGYXS2Pr2edDrbg5+aDYkBJom0LvgMK8TzyV7n3TqY6SITqYI89XthFV7y
dr31kqA0AElrQc6wCI2qcvGV/ugGaiccQhgFhz08mbvBQGrvNlsn17xYI0ESAH1h
SXov+v82nSbSGBSkzK+aNuQTxQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCif9qsO
BNuxvA8OQeyK7QO7Fm3vMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkVBNUQzQzIw
MTA1MTFFRThDNzUwRDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnFUQDBAFnMEYwDQQCAAIwBwMFACQHt8AwDQYJKoZIhvcN
AQELBQADggEBAEmvpKvnubHYCQE+xS2TH6nvhVQZ9TPNxiCeNkJKa0iaNRKuQ8km
NxhkZz10zM0Gkajsgi/c1eGx0nSUqO/iAc1f8ggLE7uGItPH0HV/dBvTJgkEezwF
19WoFtOVy9a88FV9EMCPRUd7BiWuj/2s6lUAqz5D9+D3VL7jZ97Iwhi/BznSgIDA
yhSJ2f7vegr0lvX1oQJ19MastJt1TNkCLoIPMoaS8BGgVKjcXAFAUpsbJEqpCmB0
PuWbLeCeRNsdfWeEdVluHrs6ueCxJmphxKBTRpdyHekTrqa0QJpLwfzSbzxhOrsf
fVxENsL2RF4t+eU1ertonaR8yEevNrbkBKA=
-----END CERTIFICATE-----
Generated at Wed Feb 21 08:49:08 2024 by rpki-client on console-ams.rpki-client.org