Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71267B1067E011EDBECF3A51C4F9AE02.roa
File: 71267B1067E011EDBECF3A51C4F9AE02.roa (raw, json)
Hash identifier: uwymnEMzCyt3UM6vU9wEUc8JZw0wFg3Q21aQLXlsG10=
Subject key identifier: B1:B2:E7:A4:03:CF:52:6E:A5:C8:ED:9E:05:52:D5:A1:2E:87:4F:60
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7768
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71267B1067E011EDBECF3A51C4F9AE02.roa
Signing time: Fri 11 Aug 2023 11:33:35 +0000
ROA not before: Fri 11 Aug 2023 11:33:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150101
IP address blocks: 45.125.252.0/24 maxlen: 24
45.125.253.0/24 maxlen: 24
45.125.254.0/24 maxlen: 24
45.125.255.0/24 maxlen: 24
103.199.184.0/24 maxlen: 24
103.199.185.0/24 maxlen: 24
103.199.186.0/24 maxlen: 24
103.199.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30568 (0x7768)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 11 11:33:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d61c8f-1ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5f:b7:6f:52:8f:0f:7f:7e:d9:d8:d7:62:6c:
92:df:12:e7:db:6f:e7:e9:9a:e2:88:ca:7c:ff:71:
d7:70:ec:3c:a4:8d:31:5b:93:b0:a3:df:e2:e6:85:
2f:3c:2e:18:7a:bf:b1:c0:71:ae:83:72:b4:a2:e1:
99:4b:ab:55:f4:4c:2e:92:6d:a3:29:4f:b5:00:20:
6b:53:2b:d0:fc:82:89:11:11:ac:c4:31:97:cd:56:
42:ff:d3:fd:91:55:00:b2:53:d6:6a:ce:00:19:9c:
d1:7b:1e:28:67:9f:c4:56:09:92:a7:b1:4e:0e:a4:
d4:a7:2b:a9:0d:86:6d:59:43:a7:a2:f2:65:24:75:
41:0d:72:96:91:d7:a7:77:cc:74:6f:fc:33:05:8f:
41:96:97:30:89:67:38:d8:21:6d:12:93:f2:4b:72:
64:5b:6d:7b:95:ee:00:d6:fb:01:e3:7f:fa:5f:4b:
dc:0e:12:d8:f5:61:e6:d5:20:1e:63:8d:c6:86:6f:
85:d1:a9:04:7a:a7:9b:52:13:87:02:3e:af:e6:ff:
de:5b:44:48:32:89:99:d1:61:73:5f:89:32:f3:76:
ec:07:07:bf:94:6e:1c:95:b9:be:89:c8:fe:fa:83:
a7:be:d9:f2:84:31:44:25:73:53:8a:d2:d7:59:8f:
c7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B2:E7:A4:03:CF:52:6E:A5:C8:ED:9E:05:52:D5:A1:2E:87:4F:60
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71267B1067E011EDBECF3A51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.252.0/22
103.199.184.0/22
Signature Algorithm: sha256WithRSAEncryption
01:54:21:f0:5c:7c:b2:c0:0d:97:90:af:49:c7:f1:b6:f3:b3:
9b:9a:4f:c5:19:9e:cf:45:ad:9e:73:4a:f8:4e:38:ea:af:bb:
bf:63:99:47:6d:68:54:0a:12:44:a1:b3:33:4f:23:05:0f:fb:
60:59:8b:fc:e9:bf:41:0f:1e:1f:c0:dc:fc:9d:0a:63:5a:80:
78:ee:12:68:cb:22:9e:2e:fb:bc:53:1a:8e:c9:a8:78:eb:45:
2f:e0:8a:c1:86:13:7e:75:53:58:10:91:6b:17:7b:c9:10:01:
50:d0:ef:97:21:11:f0:80:8b:fd:d4:dc:dc:b7:39:38:dc:b2:
40:99:c2:cd:fa:b8:a4:b3:ac:f4:2e:45:cf:6f:ae:8f:3b:e0:
ba:2d:2f:4b:0c:66:8f:bc:89:a2:4f:34:5b:e6:bc:0f:5b:62:
4d:0d:3b:aa:82:9c:91:88:36:0f:ea:09:62:95:60:d5:39:b6:
82:03:54:d3:48:85:6d:8f:54:62:94:fe:14:00:48:0c:42:5a:
95:bd:2c:ef:59:8e:cc:fe:a0:a0:03:96:2a:34:49:cb:c1:2d:
0d:6f:3f:6c:b3:77:33:14:66:b8:e4:2a:76:aa:c2:a3:6e:07:
b9:3f:2f:18:fb:a7:0e:eb:f5:70:79:92:35:c9:71:d3:4c:3a:
7a:cc:5f:9c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICd2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODExMTEzMzM1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2MWM4Zi0xZmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1+3b1KPD39+2djXYmyS3xLn22/n6ZriiMp8/3HXcOw8pI0xW5Owo9/i5oUv
PC4Yer+xwHGug3K0ouGZS6tV9Ewukm2jKU+1ACBrUyvQ/IKJERGsxDGXzVZC/9P9
kVUAslPWas4AGZzRex4oZ5/EVgmSp7FODqTUpyupDYZtWUOnovJlJHVBDXKWkden
d8x0b/wzBY9BlpcwiWc42CFtEpPyS3JkW217le4A1vsB43/6X0vcDhLY9WHm1SAe
Y43Ghm+F0akEeqebUhOHAj6v5v/eW0RIMomZ0WFzX4ky83bsBwe/lG4clbm+icj+
+oOnvtnyhDFEJXNTitLXWY/HzQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLGy56QD
z1JupcjtngVS1aEuh09gMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzEyNjdCMTA2
N0UwMTFFREJFQ0YzQTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItffwDBAJnx7gwDQYJKoZIhvcNAQELBQADggEBAAFUIfBc
fLLADZeQr0nH8bbzs5uaT8UZns9FrZ5zSvhOOOqvu79jmUdtaFQKEkShszNPIwUP
+2BZi/zpv0EPHh/A3PydCmNagHjuEmjLIp4u+7xTGo7JqHjrRS/gisGGE351U1gQ
kWsXe8kQAVDQ75chEfCAi/3U3Ny3OTjcskCZws36uKSzrPQuRc9vro874LotL0sM
Zo+8iaJPNFvmvA9bYk0NO6qCnJGINg/qCWKVYNU5toIDVNNIhW2PVGKU/hQASAxC
WpW9LO9Zjsz+oKADlio0ScvBLQ1vP2yzdzMUZrjkKnaqwqNuB7k/Lxj7pw7r9XB5
kjXJcdNMOnrMX5w=
-----END CERTIFICATE-----
Generated at Tue Nov 7 06:00:09 2023 by rpki-client on console-fra.rpki-client.org