Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EDD51E43F7D11EE939FA863C4F9AE02.roa
File: 9EDD51E43F7D11EE939FA863C4F9AE02.roa (raw, json)
Hash identifier: /iChz0QHxEQ41dsHih/kbq938KYT0BGh875fzhLXR3E=
Subject key identifier: A9:FE:EA:DE:F6:50:29:3A:6E:A2:2F:8A:1C:21:C4:71:00:72:8E:5A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7812
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EDD51E43F7D11EE939FA863C4F9AE02.roa
Signing time: Sun 20 Aug 2023 17:18:46 +0000
ROA not before: Sun 20 Aug 2023 17:18:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138311
IP address blocks: 43.252.24.0/22 maxlen: 24
103.96.40.0/24 maxlen: 24
103.96.41.0/24 maxlen: 24
103.96.42.0/24 maxlen: 24
103.132.244.0/23 maxlen: 24
103.133.158.0/23 maxlen: 24
103.157.122.0/23 maxlen: 24
103.163.90.0/24 maxlen: 24
103.163.91.0/24 maxlen: 24
103.169.240.0/23 maxlen: 24
103.171.132.0/24 maxlen: 24
103.171.133.0/24 maxlen: 24
103.175.170.0/23 maxlen: 24
103.176.186.0/24 maxlen: 24
103.176.187.0/24 maxlen: 24
103.195.82.0/23 maxlen: 24
103.196.184.0/23 maxlen: 24
103.207.11.0/24 maxlen: 24
103.212.152.0/23 maxlen: 24
103.212.154.0/23 maxlen: 24
210.16.92.0/24 maxlen: 24
210.16.93.0/24 maxlen: 24
2405:3440::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30738 (0x7812)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 20 17:18:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e24af6-a2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:a3:01:6d:a6:01:a1:5c:14:a1:19:71:ec:
2c:c0:ea:d7:c0:32:39:41:5a:0d:c1:c7:0c:87:e3:
3d:80:1e:05:69:dc:af:ac:50:11:e5:03:99:b6:03:
c9:87:6b:e0:c6:f9:28:62:36:f3:48:e8:09:de:90:
04:7b:3d:47:e2:23:41:5a:8a:e9:b2:7d:d4:ba:de:
5e:1c:55:65:bd:59:e8:fa:64:e1:cc:e7:75:a3:76:
60:8c:1f:0c:13:a5:48:64:a5:7f:b9:16:fc:87:9e:
b8:9f:b4:60:bf:82:a4:c1:b0:d7:97:bb:39:8a:8f:
69:38:7b:87:d7:41:e0:21:d0:bf:e9:ed:93:40:c4:
fe:4f:fe:50:d9:e6:99:57:0f:ef:8e:2f:b5:99:d6:
6a:b6:76:06:35:b2:7c:aa:15:3e:d7:9c:97:31:5c:
05:4d:26:39:a9:78:31:b6:7b:ed:08:02:e2:70:66:
08:c9:dd:94:9a:94:c2:03:57:53:ac:1b:b2:ad:9f:
82:37:65:6f:d6:a5:51:0f:60:1d:a5:24:82:82:cc:
75:df:a6:59:38:0b:cf:e0:a0:4b:04:97:a5:51:3b:
0d:42:a6:a9:35:4d:3b:2b:f6:79:aa:55:5d:30:9a:
3a:dc:b1:0c:61:2f:06:a1:ba:27:14:38:4c:e5:7c:
65:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FE:EA:DE:F6:50:29:3A:6E:A2:2F:8A:1C:21:C4:71:00:72:8E:5A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EDD51E43F7D11EE939FA863C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.24.0/22
103.96.40.0-103.96.42.255
103.132.244.0/23
103.133.158.0/23
103.157.122.0/23
103.163.90.0/23
103.169.240.0/23
103.171.132.0/23
103.175.170.0/23
103.176.186.0/23
103.195.82.0/23
103.196.184.0/23
103.207.11.0/24
103.212.152.0/22
210.16.92.0/23
IPv6:
2405:3440::/32
Signature Algorithm: sha256WithRSAEncryption
20:5f:c7:f9:91:58:e3:0d:1d:92:18:d4:e1:89:0f:3c:be:41:
b9:2c:0e:a9:3b:0f:cf:0e:e5:51:3a:fd:cd:c4:eb:a4:ed:e5:
b4:88:47:fe:2c:fa:90:c8:ed:b7:b3:22:3a:01:bd:f3:ef:32:
10:1d:75:a5:80:db:2c:4a:7a:e0:01:b5:43:6d:ee:74:70:65:
f8:04:ba:e6:3d:9a:b2:e8:70:ff:ab:23:40:25:8a:ee:39:51:
73:d0:bc:2b:a3:b9:1c:6b:a0:0f:e8:56:72:2e:31:95:b8:df:
b5:22:d5:96:76:fd:eb:0e:73:d2:26:6c:1d:44:f2:0c:29:66:
1e:bf:66:7e:fa:24:2f:5d:c0:e8:ca:10:44:f6:24:9b:e7:3e:
36:c5:95:af:71:2f:7e:8e:1c:3b:5c:cc:9e:97:f3:06:26:53:
77:9c:3e:8e:62:2d:fa:ae:84:08:bc:5d:91:b5:dd:fb:31:13:
41:54:e5:c7:54:36:05:44:1f:c4:8e:c7:0d:db:d8:eb:3a:84:
da:7f:34:36:65:ee:3e:b3:a2:6a:93:9d:1a:7b:11:77:2a:43:
36:84:14:ff:d6:6e:cd:55:5e:94:af:61:d4:10:cb:c3:2d:cd:
26:2f:04:99:e8:67:eb:8f:65:c5:3a:b6:9f:9e:63:65:db:51:
e8:2e:61:60
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgICeBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODIwMTcxODQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGUyNGFmNi1hMmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzCjAW2mAaFcFKEZcewswOrXwDI5QVoNwccMh+M9gB4FadyvrFAR5QOZtgPJ
h2vgxvkoYjbzSOgJ3pAEez1H4iNBWorpsn3Uut5eHFVlvVno+mThzOd1o3ZgjB8M
E6VIZKV/uRb8h564n7Rgv4KkwbDXl7s5io9pOHuH10HgIdC/6e2TQMT+T/5Q2eaZ
Vw/vji+1mdZqtnYGNbJ8qhU+15yXMVwFTSY5qXgxtnvtCALicGYIyd2UmpTCA1dT
rBuyrZ+CN2Vv1qVRD2AdpSSCgsx136ZZOAvP4KBLBJelUTsNQqapNU07K/Z5qlVd
MJo63LEMYS8GobonFDhM5XxlbwIDAQABo4IDATCCAv0wHQYDVR0OBBYEFKn+6t72
UCk6bqIvihwhxHEAco5aMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUVERDUxRTQz
RjdEMTFFRTkzOUZBODYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYoGCCsGAQUFBwEHAQH/
BHsweTBoBAIAATBiAwQCK/wYMAwDBANnYCgDBABnYCoDBAFnhPQDBAFnhZ4DBAFn
nXoDBAFno1oDBAFnqfADBAFnq4QDBAFnr6oDBAFnsLoDBAFnw1IDBAFnxLgDBABn
zwsDBAJn1JgDBAHSEFwwDQQCAAIwBwMFACQFNEAwDQYJKoZIhvcNAQELBQADggEB
ACBfx/mRWOMNHZIY1OGJDzy+QbksDqk7D88O5VE6/c3E66Tt5bSIR/4s+pDI7bez
IjoBvfPvMhAddaWA2yxKeuABtUNt7nRwZfgEuuY9mrLocP+rI0Aliu45UXPQvCuj
uRxroA/oVnIuMZW437Ui1ZZ2/esOc9ImbB1E8gwpZh6/Zn76JC9dwOjKEET2JJvn
PjbFla9xL36OHDtczJ6X8wYmU3ecPo5iLfquhAi8XZG13fsxE0FU5cdUNgVEH8SO
xw3b2Os6hNp/NDZl7j6zomqTnRp7EXcqQzaEFP/Wbs1VXpSvYdQQy8MtzSYvBJno
Z+uPZcU6tp+eY2XbUeguYWA=
-----END CERTIFICATE-----
Generated at Mon Aug 28 12:53:27 2023 by rpki-client on console-ams.rpki-client.org