Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/753EF5689DE411EC882B4982C4F9AE02.roa
File: 753EF5689DE411EC882B4982C4F9AE02.roa (raw, json)
Hash identifier: HCLTlwcey072QJdQySJE43ghmLyPVmPFSrk2aq2aYE8=
Subject key identifier: 44:B1:59:64:64:E1:68:C2:8F:DC:B8:88:3A:BF:A2:E6:BA:6C:53:75
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A83
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/753EF5689DE411EC882B4982C4F9AE02.roa
Signing time: Wed 10 May 2023 16:15:09 +0000
ROA not before: Wed 10 May 2023 16:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133315
IP address blocks: 43.250.132.0/22 maxlen: 24
43.250.208.0/22 maxlen: 24
103.78.168.0/23 maxlen: 24
103.81.250.0/23 maxlen: 24
103.166.95.0/24 maxlen: 24
103.169.76.0/23 maxlen: 24
103.171.43.0/24 maxlen: 24
103.182.198.0/23 maxlen: 24
103.232.8.0/22 maxlen: 24
103.235.120.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27267 (0x6a83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc30d-478b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:69:03:62:b2:e1:35:9a:1a:66:96:22:0b:b5:
b2:6f:ed:c4:dd:fc:85:48:85:f8:cc:bd:d9:19:16:
5b:76:5b:2d:05:99:5f:be:ce:45:e6:45:39:a8:af:
89:27:2f:14:22:f7:4d:34:23:97:8f:d2:d8:e0:31:
8c:c9:92:84:0e:e7:9d:bf:ec:19:9f:7b:40:06:07:
43:c7:9c:a0:44:0b:c9:95:0d:79:47:60:74:32:9d:
54:8d:9e:43:7e:7d:1a:e1:4b:3d:81:fa:6b:24:75:
a8:7b:63:f3:af:3a:ef:5f:21:ac:0c:80:fb:45:28:
ac:63:5d:fb:ff:03:2f:96:d5:eb:5f:5c:6c:08:1b:
b6:2a:b5:3b:ad:94:b6:3a:b3:f5:da:89:bc:a0:b3:
f0:5f:63:33:96:f5:47:01:2f:30:fe:f1:23:f7:24:
c7:f4:38:86:ea:dd:53:a1:c4:09:51:1f:40:7c:f2:
15:fd:be:a7:5c:be:bf:95:94:1c:11:e1:1d:53:bf:
e5:e1:f3:29:e7:50:19:78:01:95:ed:83:0a:2a:2a:
bc:ee:38:12:ca:93:0d:e2:d3:47:65:d5:49:e1:55:
0c:85:6e:41:d0:e3:4c:68:b2:11:19:cb:27:6c:9c:
2e:42:d4:0c:7e:fb:64:95:e5:2a:58:50:bc:c1:16:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B1:59:64:64:E1:68:C2:8F:DC:B8:88:3A:BF:A2:E6:BA:6C:53:75
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/753EF5689DE411EC882B4982C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.132.0/22
43.250.208.0/22
103.78.168.0/23
103.81.250.0/23
103.166.95.0/24
103.169.76.0/23
103.171.43.0/24
103.182.198.0/23
103.232.8.0/22
103.235.120.0/22
Signature Algorithm: sha256WithRSAEncryption
51:2e:dd:d8:52:9d:d4:02:fc:04:79:5d:6c:fb:cc:55:4f:c4:
53:02:58:06:c4:a8:a7:9b:03:36:d5:9c:e5:46:d5:5c:ec:3c:
e0:fa:fc:bd:2b:7d:d1:02:1d:51:1c:87:10:b2:2a:a1:eb:ab:
39:f1:35:c8:8b:48:bc:6e:90:6a:fa:8b:db:23:d7:3e:e6:83:
6f:4f:00:34:ce:c4:85:03:74:bf:f9:12:8b:59:2d:6d:52:d7:
0b:40:ec:bb:2a:22:06:e3:f6:a6:20:a2:fa:44:13:98:ca:a2:
ef:70:3b:b2:32:0f:ca:ab:d6:70:8f:98:fc:f8:8d:53:6a:4e:
ad:c9:48:68:c9:f8:37:13:7e:7f:c6:7e:0a:99:44:45:c6:7d:
d0:8b:11:fd:65:dd:53:5f:54:3f:27:05:5c:fc:02:cd:01:3e:
39:98:bb:85:4c:16:d3:bf:e9:82:f2:da:57:74:04:ef:82:09:
a8:f9:88:5b:05:ea:4b:70:19:63:cc:0d:ef:23:c7:41:98:32:
32:ab:d1:92:8e:7c:76:37:fd:5f:87:a4:3b:4d:81:e3:a2:a6:
9c:bc:47:b9:2b:bd:c2:ad:ab:6b:68:55:05:19:d9:46:b9:e7:
5d:c6:64:5d:6f:60:93:0c:ee:5f:2e:a6:17:0b:9f:3d:b1:52:
0b:7c:69:dc
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICaoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNTA5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzMwZC00NzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxWkDYrLhNZoaZpYiC7Wyb+3E3fyFSIX4zL3ZGRZbdlstBZlfvs5F5kU5qK+J
Jy8UIvdNNCOXj9LY4DGMyZKEDuedv+wZn3tABgdDx5ygRAvJlQ15R2B0Mp1UjZ5D
fn0a4Us9gfprJHWoe2PzrzrvXyGsDID7RSisY137/wMvltXrX1xsCBu2KrU7rZS2
OrP12om8oLPwX2MzlvVHAS8w/vEj9yTH9DiG6t1TocQJUR9AfPIV/b6nXL6/lZQc
EeEdU7/l4fMp51AZeAGV7YMKKiq87jgSypMN4tNHZdVJ4VUMhW5B0ONMaLIRGcsn
bJwuQtQMfvtkleUqWFC8wRZjXQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFESxWWRk
4WjCj9y4iDq/oua6bFN1MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzUzRUY1Njg5
REU0MTFFQzg4MkI0OTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAIr+oQDBAIr+tADBAFnTqgDBAFnUfoDBABnpl8DBAFnqUwD
BABnqysDBAFntsYDBAJn6AgDBAJn63gwDQYJKoZIhvcNAQELBQADggEBAFEu3dhS
ndQC/AR5XWz7zFVPxFMCWAbEqKebAzbVnOVG1VzsPOD6/L0rfdECHVEchxCyKqHr
qznxNciLSLxukGr6i9sj1z7mg29PADTOxIUDdL/5EotZLW1S1wtA7LsqIgbj9qYg
ovpEE5jKou9wO7IyD8qr1nCPmPz4jVNqTq3JSGjJ+DcTfn/GfgqZREXGfdCLEf1l
3VNfVD8nBVz8As0BPjmYu4VMFtO/6YLy2ld0BO+CCaj5iFsF6ktwGWPMDe8jx0GY
MjKr0ZKOfHY3/V+HpDtNgeOippy8R7krvcKtq2toVQUZ2Ua5513GZF1vYJMM7l8u
phcLnz2xUgt8adw=
-----END CERTIFICATE-----
Generated at Tue Aug 1 05:49:12 2023 by rpki-client on console-fra.rpki-client.org