Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF1E632227211EB821F4E09C4F9AE02.roa
File: 7DF1E632227211EB821F4E09C4F9AE02.roa (raw, json)
Hash identifier: SQAfWXD8sHr2y5qdBklGJalGl6J7VSlOgoZOmLClkws=
Subject key identifier: F7:16:57:E6:79:67:C0:3A:92:A7:F9:98:48:C2:E9:CF:08:57:34:4A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 721A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF1E632227211EB821F4E09C4F9AE02.roa
Signing time: Mon 15 May 2023 10:12:08 +0000
ROA not before: Mon 15 May 2023 10:12:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135258
IP address blocks: 103.70.40.0/22 maxlen: 24
2001:df2:47c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29210 (0x721a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 15 10:12:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64620577-9410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a1:10:11:91:25:15:07:2a:20:06:40:37:77:
3f:0c:e8:50:07:17:e1:e8:76:46:63:96:31:f8:84:
71:c1:e7:c4:1b:c1:89:2d:28:fc:11:d9:40:3c:ee:
73:66:8e:a2:13:e2:36:34:e8:f8:76:24:c5:39:be:
60:4d:b2:76:1c:04:78:44:46:ef:4e:30:a7:4b:2f:
28:29:78:6f:db:86:18:bd:c6:40:ed:36:0e:15:eb:
d3:20:37:59:62:4a:94:17:85:28:a0:b6:77:3c:14:
5b:b1:fb:c8:46:81:8f:a3:1c:50:d4:06:c7:0f:9e:
ba:c5:47:9a:ba:16:4b:7c:a0:1b:15:06:c3:8e:d9:
50:93:c3:82:ad:50:c9:68:2a:5d:be:34:45:76:32:
ba:53:76:5e:5d:1a:f1:8e:0e:c9:e1:eb:e2:92:66:
a4:16:5b:a2:98:7d:84:7d:c4:6d:cf:24:db:88:dc:
62:10:53:c7:c4:34:16:aa:cf:c8:df:ac:a7:ad:e2:
f3:a3:27:bd:1e:75:97:a2:21:c6:43:0d:21:f9:51:
7a:65:c4:04:cc:57:74:c4:6e:05:34:44:23:36:ba:
1a:30:f8:76:98:79:e0:5b:11:8e:f3:2a:d3:b2:93:
23:8c:6d:a3:15:0e:c8:7e:c5:24:c6:4f:5c:ad:76:
0e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:16:57:E6:79:67:C0:3A:92:A7:F9:98:48:C2:E9:CF:08:57:34:4A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF1E632227211EB821F4E09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.40.0/22
IPv6:
2001:df2:47c0::/48
Signature Algorithm: sha256WithRSAEncryption
50:70:e5:c2:5f:04:6e:fa:9e:4d:05:0a:20:42:a8:b9:1b:a8:
8a:06:21:22:f6:6d:8a:88:af:f4:3e:3d:bb:fb:58:97:b2:f0:
98:2e:d2:6c:68:a2:aa:4f:07:4a:46:f4:a1:d2:29:e5:b2:9e:
35:30:98:70:98:20:da:51:18:59:0a:9d:0b:1c:60:9c:a0:64:
3a:76:13:29:3c:00:af:59:cd:e4:48:16:5d:b2:62:61:5d:93:
c7:4f:c5:85:ca:6e:5c:77:86:c8:a5:07:c8:b1:d3:63:2e:34:
3a:1f:19:8c:05:63:9e:11:7f:24:16:3b:58:3c:c2:32:83:e8:
9a:24:cd:36:8b:90:e8:ed:e1:63:7e:6e:fa:8f:f9:ab:51:67:
13:75:5e:07:ac:9d:e9:4b:f8:55:fc:f1:19:58:36:27:0f:bb:
23:4d:9f:8d:0d:9a:27:00:38:99:46:00:21:89:2c:9a:40:9f:
72:df:c8:7a:d7:23:58:ac:fb:e7:3c:e1:cc:b4:58:6a:fc:b9:
96:84:6b:65:8e:8d:88:98:f7:c2:ea:b1:45:58:c4:83:07:24:
3c:b1:ee:13:aa:45:dd:3e:5a:5f:01:96:63:2e:9d:cf:6c:07:
56:c4:46:fc:95:a9:10:b1:96:1d:42:74:38:05:c0:ed:4b:59:
1a:7b:d3:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICchowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTE1MTAxMjA4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYyMDU3Ny05NDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy6EQEZElFQcqIAZAN3c/DOhQBxfh6HZGY5Yx+IRxwefEG8GJLSj8EdlAPO5z
Zo6iE+I2NOj4diTFOb5gTbJ2HAR4REbvTjCnSy8oKXhv24YYvcZA7TYOFevTIDdZ
YkqUF4UooLZ3PBRbsfvIRoGPoxxQ1AbHD566xUeauhZLfKAbFQbDjtlQk8OCrVDJ
aCpdvjRFdjK6U3ZeXRrxjg7J4evikmakFluimH2EfcRtzyTbiNxiEFPHxDQWqs/I
36ynreLzoye9HnWXoiHGQw0h+VF6ZcQEzFd0xG4FNEQjNroaMPh2mHngWxGO8yrT
spMjjG2jFQ7IfsUkxk9crXYOTwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPcWV+Z5
Z8A6kqf5mEjC6c8IVzRKMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0RGMUU2MzIy
MjcyMTFFQjgyMUY0RTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJnRigwDwQCAAIwCQMHACABDfJHwDANBgkqhkiG9w0BAQsF
AAOCAQEAUHDlwl8EbvqeTQUKIEKouRuoigYhIvZtioiv9D49u/tYl7LwmC7SbGii
qk8HSkb0odIp5bKeNTCYcJgg2lEYWQqdCxxgnKBkOnYTKTwAr1nN5EgWXbJiYV2T
x0/FhcpuXHeGyKUHyLHTYy40Oh8ZjAVjnhF/JBY7WDzCMoPomiTNNouQ6O3hY35u
+o/5q1FnE3VeB6yd6Uv4VfzxGVg2Jw+7I02fjQ2aJwA4mUYAIYksmkCfct/Ietcj
WKz75zzhzLRYavy5loRrZY6NiJj3wuqxRVjEgwckPLHuE6pF3T5aXwGWYy6dz2wH
VsRG/JWpELGWHUJ0OAXA7UtZGnvThg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org