Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A22884F81B8611ECA0443284C4F9AE02.roa
File: A22884F81B8611ECA0443284C4F9AE02.roa (raw, json)
Hash identifier: NH99Dc64RWQFRn2vGrlJ04CMGyYr+1RXlgK9o7K7aNs=
Subject key identifier: B5:C7:FB:63:9C:6E:4E:00:FA:CB:14:EE:D4:29:D5:0D:C9:DC:80:D0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6D57
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A22884F81B8611ECA0443284C4F9AE02.roa
Signing time: Wed 10 May 2023 16:28:50 +0000
ROA not before: Wed 10 May 2023 16:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138235
IP address blocks: 103.134.96.0/24 maxlen: 24
103.134.97.0/24 maxlen: 24
103.134.98.0/24 maxlen: 24
103.134.99.0/24 maxlen: 24
103.171.190.0/23 maxlen: 24
2407:5140::/48 maxlen: 48
2407:5140:1::/48 maxlen: 48
2407:5140:2::/48 maxlen: 48
2407:5140:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27991 (0x6d57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc642-d392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a1:5f:45:63:2c:ad:94:26:cf:8e:3d:cc:97:
77:0f:ca:04:29:3a:9e:a7:7a:4c:a8:cf:d4:25:31:
ea:40:9d:17:0d:b1:65:a5:b5:e6:90:cb:e1:bf:56:
9c:53:fe:1f:8d:8f:eb:88:6f:6d:7e:f7:17:5e:0d:
0c:a4:13:01:df:10:8e:00:03:0b:b3:4d:d8:4b:da:
f3:8d:f7:ab:f8:ba:ac:89:59:a8:c7:8a:e1:8c:11:
7e:70:bf:e0:e9:de:ef:e9:9b:73:1d:28:3a:2a:00:
76:d0:91:54:a5:31:24:38:ba:b5:dd:e7:44:be:0a:
fb:d3:d5:2e:71:a3:71:86:3b:79:1d:9a:af:d2:e9:
d2:77:4f:98:f1:3a:4d:ba:53:be:e5:d5:e4:a3:81:
cf:c5:f6:f6:03:af:23:ad:8d:66:10:4b:03:eb:56:
41:61:23:32:f5:51:bb:74:40:95:00:17:38:9c:d8:
b4:fb:49:04:fd:29:7c:18:69:b2:1a:94:b5:95:9c:
65:5b:ce:59:d0:44:fc:2b:76:fb:0d:9d:55:db:a1:
f4:b1:8a:fa:a9:1d:1c:f8:11:c3:bf:d4:a2:e3:10:
0e:e3:3b:f4:16:b5:e6:4c:e4:ab:10:f6:4a:dd:5b:
57:ef:82:3b:2d:db:ca:fc:77:73:47:32:a7:c1:0e:
fa:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C7:FB:63:9C:6E:4E:00:FA:CB:14:EE:D4:29:D5:0D:C9:DC:80:D0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A22884F81B8611ECA0443284C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.96.0/22
103.171.190.0/23
IPv6:
2407:5140::/46
Signature Algorithm: sha256WithRSAEncryption
43:8d:00:28:78:68:6d:fa:d5:7d:f9:e3:c5:c4:3f:8d:65:41:
db:86:e1:fc:87:6c:25:55:06:68:cf:2d:f6:55:6a:c1:44:89:
cf:6d:55:ba:c5:cc:6c:4d:ec:22:45:dd:60:b0:66:1d:75:1b:
a0:22:e1:5a:87:aa:8f:d4:19:06:6b:1b:69:f3:16:d1:80:92:
29:0f:fe:47:af:1e:31:1e:e7:f8:56:d5:56:47:68:56:57:a6:
60:19:82:ca:85:f2:e9:f2:38:69:19:89:4b:10:59:f9:27:aa:
79:25:ed:35:d9:89:7d:9f:be:9a:e9:34:93:cc:8b:83:10:ef:
b5:2e:67:8f:da:6a:40:13:86:08:07:69:19:f9:fc:9a:d4:54:
4a:2e:ad:5b:82:6f:3d:72:06:41:e3:0e:70:ad:4f:16:5d:b3:
c7:a4:4c:ab:52:c4:cb:b1:74:06:36:b5:97:fa:20:29:50:b9:
b7:2d:6e:76:21:3e:42:1b:24:39:8d:d3:c7:bd:d6:52:9b:8d:
63:32:34:79:50:db:8e:7c:bd:e4:d7:12:23:ad:80:77:56:18:
a3:32:08:0d:77:fb:9f:d7:7b:af:2d:43:89:a8:20:d4:d0:26:
10:9a:e8:aa:54:2d:de:21:6d:03:8a:14:50:25:dd:27:84:cb:
63:ee:7b:c3
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICbVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyODUwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzY0Mi1kMzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA06FfRWMsrZQmz449zJd3D8oEKTqep3pMqM/UJTHqQJ0XDbFlpbXmkMvhv1ac
U/4fjY/riG9tfvcXXg0MpBMB3xCOAAMLs03YS9rzjfer+LqsiVmox4rhjBF+cL/g
6d7v6ZtzHSg6KgB20JFUpTEkOLq13edEvgr709UucaNxhjt5HZqv0unSd0+Y8TpN
ulO+5dXko4HPxfb2A68jrY1mEEsD61ZBYSMy9VG7dECVABc4nNi0+0kE/Sl8GGmy
GpS1lZxlW85Z0ET8K3b7DZ1V26H0sYr6qR0c+BHDv9Si4xAO4zv0FrXmTOSrEPZK
3VtX74I7LdvK/HdzRzKnwQ76swIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLXH+2Oc
bk4A+ssU7tQp1Q3J3IDQMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTIyODg0Rjgx
Qjg2MTFFQ0EwNDQzMjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnhmADBAFnq74wDwQCAAIwCQMHAiQHUUAAADANBgkqhkiG
9w0BAQsFAAOCAQEAQ40AKHhobfrVffnjxcQ/jWVB24bh/IdsJVUGaM8t9lVqwUSJ
z21VusXMbE3sIkXdYLBmHXUboCLhWoeqj9QZBmsbafMW0YCSKQ/+R68eMR7n+FbV
VkdoVlemYBmCyoXy6fI4aRmJSxBZ+SeqeSXtNdmJfZ++muk0k8yLgxDvtS5nj9pq
QBOGCAdpGfn8mtRUSi6tW4JvPXIGQeMOcK1PFl2zx6RMq1LEy7F0Bja1l/ogKVC5
ty1udiE+QhskOY3Tx73WUpuNYzI0eVDbjny95NcSI62Ad1YYozIIDXf7n9d7ry1D
iagg1NAmEJroqlQt3iFtA4oUUCXdJ4TLY+57ww==
-----END CERTIFICATE-----
Generated at Wed Oct 11 06:06:49 2023 by rpki-client on console-fra.rpki-client.org