Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7EF2D30C698311EDAFF8F977C4F9AE02.roa
File: 7EF2D30C698311EDAFF8F977C4F9AE02.roa (raw, json)
Hash identifier: ZZLPXYlFzHKiMfeas2ss8ogfR9iVavepP+23MM67e5U=
Subject key identifier: 53:00:6D:78:A5:ED:A6:C1:0B:4C:33:33:81:67:CE:05:82:81:B4:5D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6DC5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7EF2D30C698311EDAFF8F977C4F9AE02.roa
Signing time: Wed 10 May 2023 16:30:58 +0000
ROA not before: Wed 10 May 2023 16:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138798
IP address blocks: 103.79.100.0/24 maxlen: 24
103.79.102.0/24 maxlen: 24
103.117.219.0/24 maxlen: 24
103.135.201.0/24 maxlen: 24
103.135.202.0/24 maxlen: 24
103.135.203.0/24 maxlen: 24
103.141.116.0/23 maxlen: 24
103.160.237.0/24 maxlen: 24
103.164.240.0/24 maxlen: 24
103.164.241.0/24 maxlen: 24
103.174.140.0/23 maxlen: 24
103.181.92.0/24 maxlen: 24
2001:df6:5280::/48 maxlen: 48
2407:35c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28101 (0x6dc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc6c2-e7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:46:4d:8f:18:84:c9:60:50:b4:8e:a5:24:23:
9e:1f:bd:24:12:bf:fe:a9:8a:33:f9:94:ea:57:5b:
ab:98:83:d9:8d:75:f9:7d:0e:05:7d:2c:3b:ad:e1:
15:4f:5d:bd:95:e2:0f:cb:07:bb:43:91:d9:51:4d:
82:77:56:d0:db:b0:ba:22:c7:b1:9b:d5:0f:d0:44:
ed:b3:d5:9e:50:92:54:19:4f:d3:d9:e1:e5:24:4f:
78:57:a3:01:a0:4b:96:b8:0e:ee:61:df:69:51:ec:
f7:08:78:8e:81:9e:81:fa:8a:e6:df:0c:cc:3e:1c:
72:c3:ea:a2:c1:f0:b7:d6:d8:ff:72:6d:35:f8:51:
39:39:dd:04:be:a5:ea:3a:b6:1d:a3:0d:6e:5a:40:
70:32:33:f1:f4:83:10:6c:18:17:4e:3f:95:3a:56:
18:44:2d:64:b2:09:b1:3b:09:8d:7c:06:06:76:6c:
c5:74:61:d3:72:4a:ed:18:84:b1:f8:d2:72:00:ef:
ca:86:08:dc:b0:ae:8f:14:03:36:0f:5f:d9:90:06:
9f:9a:fb:cf:c1:d4:77:93:22:90:68:19:34:f4:60:
f9:47:46:74:30:38:26:0a:08:d6:d4:68:20:98:dc:
4b:9d:92:77:22:b3:bf:8b:94:dc:74:57:91:d3:49:
66:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:00:6D:78:A5:ED:A6:C1:0B:4C:33:33:81:67:CE:05:82:81:B4:5D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7EF2D30C698311EDAFF8F977C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.100.0/24
103.79.102.0/24
103.117.219.0/24
103.135.201.0-103.135.203.255
103.141.116.0/23
103.160.237.0/24
103.164.240.0/23
103.174.140.0/23
103.181.92.0/24
IPv6:
2001:df6:5280::/48
2407:35c0::/32
Signature Algorithm: sha256WithRSAEncryption
85:bd:e2:7a:ca:92:80:2e:ef:97:54:10:67:bf:1e:96:ef:75:
a4:10:77:fa:9c:3d:84:32:c2:e2:a8:e1:15:3d:fc:94:61:52:
db:c1:37:1e:15:ba:19:3d:8b:27:ab:88:3c:b1:4f:fb:3b:ee:
58:db:08:6c:e7:ad:a2:60:9b:d9:a0:63:53:d7:f2:30:a5:b2:
09:0f:68:4c:7b:65:7e:dd:df:1a:07:f0:50:ba:f6:1a:5a:9f:
6c:83:c4:5e:35:19:72:fb:3a:e2:b8:17:3b:3b:24:23:51:b0:
78:0b:07:cd:99:81:e7:27:6d:5e:67:67:23:47:0f:89:c8:fa:
a0:9d:7e:8c:72:11:e7:ef:5c:53:7b:f3:59:04:c3:46:c4:96:
de:6a:16:7c:17:29:a3:02:e3:e0:d9:b8:9d:dd:36:3b:22:42:
63:4b:32:97:93:97:fe:e7:2e:04:f3:7c:a5:3b:8c:a8:ef:17:
c2:08:63:46:01:32:ae:9a:47:b8:43:a2:14:f9:16:56:3b:9c:
c3:06:bd:93:4a:3f:9e:06:54:57:99:76:50:00:64:3d:97:49:
a5:bc:12:44:19:42:80:ea:fc:63:75:a1:9b:30:a7:78:56:14:
8e:86:07:1e:fe:1e:74:c4:3d:5c:bb:1b:77:2b:9b:62:49:12:
84:54:30:34
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICbcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYzMDU4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzZjMi1lN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0EZNjxiEyWBQtI6lJCOeH70kEr/+qYoz+ZTqV1urmIPZjXX5fQ4FfSw7reEV
T129leIPywe7Q5HZUU2Cd1bQ27C6Isexm9UP0ETts9WeUJJUGU/T2eHlJE94V6MB
oEuWuA7uYd9pUez3CHiOgZ6B+orm3wzMPhxyw+qiwfC31tj/cm01+FE5Od0EvqXq
OrYdow1uWkBwMjPx9IMQbBgXTj+VOlYYRC1ksgmxOwmNfAYGdmzFdGHTckrtGISx
+NJyAO/KhgjcsK6PFAM2D1/ZkAafmvvPwdR3kyKQaBk09GD5R0Z0MDgmCgjW1Ggg
mNxLnZJ3IrO/i5TcdFeR00lmSQIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFFMAbXil
7abBC0wzM4FnzgWCgbRdMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0VGMkQzMEM2
OTgzMTFFREFGRjhGOTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMEQEAgABMD4DBABnT2QDBABnT2YDBABnddswDAMEAGeHyQMEAmeHyAMEAWeN
dAMEAGeg7QMEAWek8AMEAWeujAMEAGe1XDAWBAIAAjAQAwcAIAEN9lKAAwUAJAc1
wDANBgkqhkiG9w0BAQsFAAOCAQEAhb3iesqSgC7vl1QQZ78elu91pBB3+pw9hDLC
4qjhFT38lGFS28E3HhW6GT2LJ6uIPLFP+zvuWNsIbOetomCb2aBjU9fyMKWyCQ9o
THtlft3fGgfwULr2GlqfbIPEXjUZcvs64rgXOzskI1GweAsHzZmB5ydtXmdnI0cP
icj6oJ1+jHIR5+9cU3vzWQTDRsSW3moWfBcpowLj4Nm4nd02OyJCY0syl5OX/ucu
BPN8pTuMqO8XwghjRgEyrppHuEOiFPkWVjucwwa9k0o/ngZUV5l2UABkPZdJpbwS
RBlCgOr8Y3WhmzCneFYUjoYHHv4edMQ9XLsbdyubYkkShFQwNA==
-----END CERTIFICATE-----
Generated at Fri Nov 10 07:03:17 2023 by rpki-client on console-ams.rpki-client.org