Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF342E081A311EBA933484FC4F9AE02.roa
File: 7CF342E081A311EBA933484FC4F9AE02.roa (raw, json)
Hash identifier: aq+3L7RS9AlwmN5lwl418st+hPuzAE1SE9VzEk4yjWw=
Subject key identifier: 1D:22:8F:72:98:11:30:6D:C6:D7:BA:AB:FE:25:E6:41:75:82:BC:D3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6B00
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF342E081A311EBA933484FC4F9AE02.roa
Signing time: Wed 10 May 2023 16:17:33 +0000
ROA not before: Wed 10 May 2023 16:17:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134059
IP address blocks: 103.51.216.0/22 maxlen: 24
220.158.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 08:32:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27392 (0x6b00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:17:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc39d-89ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:ce:ba:01:83:45:3d:b9:1b:e3:ef:08:10:
88:78:24:50:e4:f1:0e:03:6b:39:fe:b7:5c:51:4f:
0c:b4:39:43:62:02:a2:2b:b4:f8:1e:05:94:5c:fc:
b6:d5:15:64:8c:10:d5:48:71:a1:60:09:49:ff:a6:
74:75:07:dc:68:79:cb:f2:fa:12:17:4e:19:4f:4b:
f7:f0:1a:c2:8e:95:07:47:be:1d:6a:b5:8a:c7:76:
dc:4c:e1:f2:16:64:39:0c:ac:e9:f3:38:72:df:18:
52:b0:3e:3e:32:36:ec:2b:67:73:fc:f2:94:2b:30:
fe:70:57:f1:43:05:86:d8:bf:4a:19:97:69:7a:bb:
d4:e3:8b:c2:7b:7c:53:9c:9c:d9:fd:60:5b:bb:d0:
b6:89:58:0c:85:bb:ff:22:b6:5a:fc:22:97:d9:0a:
40:79:f5:15:cc:cd:b6:a0:18:8e:00:fd:84:e6:a2:
ef:59:34:b0:4d:62:3b:81:af:4d:a9:33:4a:c1:15:
0f:11:71:3b:42:06:87:41:a7:9f:0f:3e:10:20:84:
d4:1b:d6:7d:e2:95:03:92:6b:a2:6b:85:7a:ec:3f:
5a:37:38:d1:fb:e7:42:e6:8b:ff:b6:98:5e:37:38:
da:27:ff:80:2e:f9:6d:cc:3b:84:68:7e:c2:79:2a:
f0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:22:8F:72:98:11:30:6D:C6:D7:BA:AB:FE:25:E6:41:75:82:BC:D3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF342E081A311EBA933484FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.51.216.0/22
220.158.136.0/22
Signature Algorithm: sha256WithRSAEncryption
60:0f:49:50:51:ad:83:c1:37:db:d9:7a:64:8b:c7:4a:b8:b6:
e0:73:b6:cf:4a:e0:f6:fb:8c:11:3f:b7:3e:fd:a2:b8:5c:53:
ef:7d:e8:1b:5a:55:62:af:30:f9:b9:a4:8b:6a:1c:83:5a:b3:
e1:37:88:9c:ab:18:06:94:f1:e6:74:d3:fb:6c:61:bb:01:5c:
91:af:f0:3b:70:3e:d3:c7:d4:6a:e5:22:a5:ee:68:80:d1:4d:
3a:8a:dc:6f:a5:52:30:32:ca:bc:52:03:3c:71:02:8f:ca:61:
f8:2f:ea:0e:f8:4e:e0:c5:cb:c5:18:f5:c5:48:ab:57:b6:71:
c7:00:dd:56:63:b8:4b:01:53:c9:3f:a1:01:94:7d:55:40:03:
68:af:22:03:3d:cc:1f:33:58:e4:80:70:0f:45:d9:53:70:d6:
cc:0a:42:61:4a:0a:15:32:87:47:1e:a0:b0:9f:e1:b5:33:62:
c1:18:de:8d:cd:25:6f:5e:a4:da:ec:6d:ff:f4:b4:9f:f8:35:
8c:6d:6d:35:92:31:42:fc:5d:54:08:dd:78:b1:c6:f3:e1:22:
ef:28:8e:96:7c:41:0b:8c:98:d9:ee:f7:58:a2:0b:a0:57:87:
3f:4d:fc:7a:5c:73:1b:b2:4b:58:1e:34:7a:6a:9e:5d:3e:f6:
6d:56:d9:7e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICawAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNzMzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzM5ZC04OWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvLOugGDRT25G+PvCBCIeCRQ5PEOA2s5/rdcUU8MtDlDYgKiK7T4HgWUXPy2
1RVkjBDVSHGhYAlJ/6Z0dQfcaHnL8voSF04ZT0v38BrCjpUHR74darWKx3bcTOHy
FmQ5DKzp8zhy3xhSsD4+MjbsK2dz/PKUKzD+cFfxQwWG2L9KGZdpervU44vCe3xT
nJzZ/WBbu9C2iVgMhbv/IrZa/CKX2QpAefUVzM22oBiOAP2E5qLvWTSwTWI7ga9N
qTNKwRUPEXE7QgaHQaefDz4QIITUG9Z94pUDkmuia4V67D9aNzjR++dC5ov/tphe
NzjaJ/+ALvltzDuEaH7CeSrwcwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB0ij3KY
ETBtxte6q/4l5kF1grzTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0NGMzQyRTA4
MUEzMTFFQkE5MzM0ODRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnM9gDBALcnogwDQYJKoZIhvcNAQELBQADggEBAGAPSVBR
rYPBN9vZemSLx0q4tuBzts9K4Pb7jBE/tz79orhcU+996BtaVWKvMPm5pItqHINa
s+E3iJyrGAaU8eZ00/tsYbsBXJGv8DtwPtPH1GrlIqXuaIDRTTqK3G+lUjAyyrxS
AzxxAo/KYfgv6g74TuDFy8UY9cVIq1e2cccA3VZjuEsBU8k/oQGUfVVAA2ivIgM9
zB8zWOSAcA9F2VNw1swKQmFKChUyh0ceoLCf4bUzYsEY3o3NJW9epNrsbf/0tJ/4
NYxtbTWSMUL8XVQI3XixxvPhIu8ojpZ8QQuMmNnu91iiC6BXhz9N/HpccxuyS1ge
NHpqnl0+9m1W2X4=
-----END CERTIFICATE-----
Generated at Tue Apr 2 11:48:37 2024 by rpki-client on console-ams.rpki-client.org