Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/933C2D1E7D8E11EB9688AE31C4F9AE02.roa
File: 933C2D1E7D8E11EB9688AE31C4F9AE02.roa (raw, json)
Hash identifier: 9GErO/J3+Nt+VR9ohAscnMdUVJmSMaFcZPcyTR3e3Sc=
Subject key identifier: F4:9C:F5:F2:3F:3C:59:2D:35:B1:A1:3C:AE:14:D2:65:F5:4C:14:53
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6C7E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/933C2D1E7D8E11EB9688AE31C4F9AE02.roa
Signing time: Wed 10 May 2023 16:24:48 +0000
ROA not before: Wed 10 May 2023 16:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136373
IP address blocks: 103.57.66.0/23 maxlen: 24
103.69.88.0/22 maxlen: 24
103.122.200.0/23 maxlen: 24
103.133.248.0/22 maxlen: 24
103.143.39.0/24 maxlen: 24
103.163.68.0/23 maxlen: 24
103.164.176.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27774 (0x6c7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc54f-7f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b9:50:40:28:b4:d3:39:78:b1:7c:81:51:88:
a0:27:98:a7:d2:5d:8a:75:7b:56:47:ac:fd:c7:4e:
13:33:70:93:11:94:21:4a:56:dc:07:ce:00:98:8b:
9e:9d:61:1c:45:20:f1:a3:62:8f:31:bc:80:64:99:
02:81:4c:1e:b5:48:40:a9:2b:f2:b5:c9:c8:4d:6b:
8e:f1:17:82:75:0c:dd:62:ee:25:3f:43:dc:30:c5:
53:ca:ab:76:84:f3:21:15:41:d0:0c:90:2e:6d:a1:
52:e4:78:02:75:dc:a6:c7:d5:54:04:ad:56:67:09:
d1:68:4f:5c:57:e2:de:d3:23:8c:88:a4:45:2b:93:
86:84:9e:ed:a1:e0:c1:62:3b:4a:b9:68:06:9b:df:
c9:df:61:52:db:23:fb:eb:ca:f2:f0:b5:71:c0:83:
68:17:41:f0:6b:01:45:eb:c1:b4:1d:e6:61:8c:a0:
c8:53:df:77:44:10:fb:8b:0b:1f:83:79:13:4e:78:
c1:19:09:dd:48:7a:b5:4a:ac:34:71:5f:de:bc:ee:
ff:4e:45:75:cc:dc:e9:8b:53:2b:99:36:bb:05:56:
03:67:04:aa:7b:44:2e:b4:49:9e:62:16:8c:a4:32:
d5:47:81:58:9e:df:0b:f1:7b:55:94:d7:d0:18:1e:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9C:F5:F2:3F:3C:59:2D:35:B1:A1:3C:AE:14:D2:65:F5:4C:14:53
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/933C2D1E7D8E11EB9688AE31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.66.0/23
103.69.88.0/22
103.122.200.0/23
103.133.248.0/22
103.143.39.0/24
103.163.68.0/23
103.164.176.0/23
Signature Algorithm: sha256WithRSAEncryption
81:2b:a5:42:a4:d9:89:6b:4e:42:86:2c:8a:9d:d9:d0:fa:28:
a0:c6:9b:62:db:c8:48:d3:95:92:24:49:d4:ba:0b:be:24:9e:
f4:99:f5:fe:a3:22:48:7e:8e:1f:9d:73:c5:fc:39:a3:a6:88:
de:fa:14:78:f0:c7:8f:af:76:12:21:42:73:04:5f:9a:85:eb:
ca:d1:f8:4f:23:66:77:66:fe:b1:84:7e:a2:c1:81:84:55:bc:
f4:75:89:5b:26:02:0a:20:bd:54:39:13:d2:8f:ec:7d:b3:35:
80:73:e0:1f:46:23:51:72:de:5c:04:75:b4:ec:9d:9b:10:3c:
87:c6:48:95:02:0a:e5:7a:66:ca:8b:f1:ab:b9:04:4c:5f:54:
c3:6d:40:8f:b7:e7:4b:1c:69:9d:5b:81:5e:65:9b:49:a3:b7:
80:92:ac:a4:0c:83:af:18:88:6f:7c:fa:fd:41:54:1a:b9:b2:
41:96:ff:c3:50:2b:d7:c8:36:b8:61:47:ea:63:60:f0:39:eb:
e0:01:f7:03:b9:b1:20:76:53:5c:10:67:f4:e6:5f:7f:d8:40:
65:c8:4f:95:bb:1a:32:53:07:dc:c8:5c:c8:66:eb:a8:8d:4d:
9b:0b:b8:71:ae:ed:12:10:a2:fe:d6:fc:04:02:02:00:10:c6:
60:76:93:45
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICbH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzU0Zi03ZjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyLlQQCi00zl4sXyBUYigJ5in0l2KdXtWR6z9x04TM3CTEZQhSlbcB84AmIue
nWEcRSDxo2KPMbyAZJkCgUwetUhAqSvytcnITWuO8ReCdQzdYu4lP0PcMMVTyqt2
hPMhFUHQDJAubaFS5HgCddymx9VUBK1WZwnRaE9cV+Le0yOMiKRFK5OGhJ7toeDB
YjtKuWgGm9/J32FS2yP768ry8LVxwINoF0HwawFF68G0HeZhjKDIU993RBD7iwsf
g3kTTnjBGQndSHq1Sqw0cV/evO7/TkV1zNzpi1MrmTa7BVYDZwSqe0QutEmeYhaM
pDLVR4FYnt8L8XtVlNfQGB5A2QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFPSc9fI/
PFktNbGhPK4U0mX1TBRTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTMzQzJEMUU3
RDhFMTFFQjk2ODhBRTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAFnOUIDBAJnRVgDBAFnesgDBAJnhfgDBABnjycDBAFno0QD
BAFnpLAwDQYJKoZIhvcNAQELBQADggEBAIErpUKk2YlrTkKGLIqd2dD6KKDGm2Lb
yEjTlZIkSdS6C74knvSZ9f6jIkh+jh+dc8X8OaOmiN76FHjwx4+vdhIhQnMEX5qF
68rR+E8jZndm/rGEfqLBgYRVvPR1iVsmAgogvVQ5E9KP7H2zNYBz4B9GI1Fy3lwE
dbTsnZsQPIfGSJUCCuV6ZsqL8au5BExfVMNtQI+350scaZ1bgV5lm0mjt4CSrKQM
g68YiG98+v1BVBq5skGW/8NQK9fINrhhR+pjYPA56+AB9wO5sSB2U1wQZ/TmX3/Y
QGXIT5W7GjJTB9zIXMhm66iNTZsLuHGu7RIQov7W/AQCAgAQxmB2k0U=
-----END CERTIFICATE-----
Generated at Thu Jul 27 09:49:51 2023 by rpki-client on console-fra.rpki-client.org