Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72737BF2690211EEB9965771C4F9AE02.roa
File: 72737BF2690211EEB9965771C4F9AE02.roa (raw, json)
Hash identifier: ynQw/v4rKfcwqtV7LpiD4ltyn/gTBE7is0g0Ecl3oww=
Subject key identifier: 3F:F6:B9:53:A0:96:7E:3C:21:66:A7:61:CD:89:30:0E:13:CA:CF:93
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7BE0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72737BF2690211EEB9965771C4F9AE02.roa
Signing time: Fri 13 Oct 2023 11:05:37 +0000
ROA not before: Fri 13 Oct 2023 11:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138768
IP address blocks: 103.69.239.0/24 maxlen: 24
103.88.56.0/24 maxlen: 24
103.139.190.0/23 maxlen: 24
103.178.176.0/24 maxlen: 24
103.178.177.0/24 maxlen: 24
103.184.236.0/24 maxlen: 24
103.184.237.0/24 maxlen: 24
103.191.202.0/23 maxlen: 24
2001:df0:3bc0::/48 maxlen: 48
2001:df0:9340::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31712 (0x7be0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 13 11:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65292481-2b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:6c:c6:dc:cb:5f:8f:6d:e0:4b:c6:4b:a8:
2f:d7:5e:42:82:09:6e:54:65:45:6c:2b:48:dc:37:
85:64:71:c3:8f:17:03:50:0c:ca:8d:e8:51:27:e6:
74:1c:e0:41:3e:ca:30:58:fe:bd:cf:5d:c0:0e:0c:
87:85:f0:27:4b:66:61:c1:6d:ce:96:03:97:fc:9d:
9b:1c:d2:5f:05:37:91:0f:f3:73:11:17:7c:ea:e7:
4d:0a:b6:90:c3:9a:65:57:1d:be:f1:56:1a:5c:ab:
89:ba:33:0e:ae:32:cc:cd:45:55:f6:8b:64:51:37:
eb:8e:03:2e:ad:d5:00:7f:cc:6d:d9:e8:88:8f:e6:
72:c1:87:08:0a:70:21:86:f8:06:66:09:08:0b:4e:
72:64:00:27:ca:78:4e:a6:e2:78:ef:c4:39:4c:bf:
e3:4d:3d:64:7f:69:2a:68:a0:f4:60:77:42:21:93:
09:27:f4:15:7d:c3:9d:78:e5:13:1f:a3:15:57:31:
ea:d2:11:59:cd:6d:d6:15:22:2b:f6:dc:86:43:8c:
4d:72:56:9e:d8:76:65:dd:55:e4:d8:82:d2:21:34:
36:73:7b:7b:61:e2:98:f0:7a:4a:a8:91:55:e3:bb:
c3:a1:e1:5a:40:af:9b:e2:21:7b:07:9c:77:5f:d9:
27:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F6:B9:53:A0:96:7E:3C:21:66:A7:61:CD:89:30:0E:13:CA:CF:93
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/72737BF2690211EEB9965771C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.239.0/24
103.88.56.0/24
103.139.190.0/23
103.178.176.0/23
103.184.236.0/23
103.191.202.0/23
IPv6:
2001:df0:3bc0::/48
2001:df0:9340::/48
Signature Algorithm: sha256WithRSAEncryption
65:cc:c9:86:54:e9:43:53:92:85:fe:ce:c8:81:7e:6c:e0:fc:
db:0a:dd:ad:89:4f:20:db:4f:ab:3b:d4:87:88:9c:bf:12:fc:
85:57:10:47:bb:80:09:65:2c:91:f0:66:94:02:e3:f8:60:9d:
79:30:5e:b1:83:ad:c9:ed:0a:6b:63:6b:9b:aa:d7:77:61:ba:
c5:f3:11:7b:b3:2f:4a:c5:76:a5:de:09:69:c8:30:7f:cc:36:
a3:73:22:6c:c3:29:b0:1c:6b:0b:df:18:8b:5d:7b:f3:64:6f:
f8:65:1a:e4:40:23:01:37:96:4d:69:0f:c1:20:2e:93:1f:1a:
7b:f9:0d:02:57:13:fa:fa:cb:29:c1:f4:b7:d7:66:af:c1:d8:
21:b5:2e:7f:fd:79:71:5f:68:91:35:e4:b0:07:6f:6e:e3:0d:
9d:d8:c7:6e:83:d9:5f:df:1d:8f:09:f2:95:55:ea:be:9e:4c:
bb:a7:e4:e9:65:2e:88:a0:cb:aa:ab:dc:02:a4:66:36:8b:0b:
dc:0d:d0:d2:e8:62:a5:50:58:5f:12:ea:8d:6e:8d:c2:49:df:
00:14:92:5e:58:0d:68:8f:45:47:45:b5:6d:6f:85:2a:fe:b8:
24:a6:d0:e7:37:62:2d:58:74:38:c8:55:08:1a:33:9c:0b:83:
fe:38:d0:19
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICe+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMDEzMTEwNTM3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI5MjQ4MS0yYjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsI9sxtzLX49t4EvGS6gv115CggluVGVFbCtI3DeFZHHDjxcDUAzKjehRJ+Z0
HOBBPsowWP69z13ADgyHhfAnS2ZhwW3OlgOX/J2bHNJfBTeRD/NzERd86udNCraQ
w5plVx2+8VYaXKuJujMOrjLMzUVV9otkUTfrjgMurdUAf8xt2eiIj+ZywYcICnAh
hvgGZgkIC05yZAAnynhOpuJ478Q5TL/jTT1kf2kqaKD0YHdCIZMJJ/QVfcOdeOUT
H6MVVzHq0hFZzW3WFSIr9tyGQ4xNclae2HZl3VXk2ILSITQ2c3t7YeKY8HpKqJFV
47vDoeFaQK+b4iF7B5x3X9knUQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFD/2uVOg
ln48IWanYc2JMA4Tys+TMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzI3MzdCRjI2
OTAyMTFFRUI5OTY1NzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMCoEAgABMCQDBABnRe8DBABnWDgDBAFni74DBAFnsrADBAFnuOwDBAFnv8ow
GAQCAAIwEgMHACABDfA7wAMHACABDfCTQDANBgkqhkiG9w0BAQsFAAOCAQEAZczJ
hlTpQ1OShf7OyIF+bOD82wrdrYlPINtPqzvUh4icvxL8hVcQR7uACWUskfBmlALj
+GCdeTBesYOtye0Ka2Nrm6rXd2G6xfMRe7MvSsV2pd4Jacgwf8w2o3MibMMpsBxr
C98Yi11782Rv+GUa5EAjATeWTWkPwSAukx8ae/kNAlcT+vrLKcH0t9dmr8HYIbUu
f/15cV9okTXksAdvbuMNndjHboPZX98djwnylVXqvp5Mu6fk6WUuiKDLqqvcAqRm
NosL3A3Q0uhipVBYXxLqjW6NwknfABSSXlgNaI9FR0W1bW+FKv64JKbQ5zdiLVh0
OMhVCBoznAuD/jjQGQ==
-----END CERTIFICATE-----
Generated at Tue Oct 17 11:57:40 2023 by rpki-client on console-ams.rpki-client.org