Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B790C4B0FF3211EB8308653BC4F9AE02.roa
File: B790C4B0FF3211EB8308653BC4F9AE02.roa (raw, json)
Hash identifier: 9gEcjQrZXbQp0b2d0UWfspZnR7jKnGa+TmYHYmZIbRA=
Subject key identifier: 8C:C0:B5:E7:43:74:A8:36:F8:4B:8C:91:4A:69:62:46:10:80:D0:AB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 77AE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B790C4B0FF3211EB8308653BC4F9AE02.roa
Signing time: Wed 16 Aug 2023 08:42:39 +0000
ROA not before: Wed 16 Aug 2023 08:42:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138276
IP address blocks: 103.132.0.0/22 maxlen: 24
103.161.198.0/23 maxlen: 24
2407:740::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Mar 2024 06:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30638 (0x77ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 16 08:42:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64dc8bfe-6871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e5:9c:b1:39:96:02:62:50:d1:96:75:43:4f:
ea:60:c6:07:ac:63:4e:a7:9d:5d:3f:06:5f:cb:9d:
3b:b9:97:46:91:5d:9a:e0:3f:42:4c:ef:e4:36:d0:
5d:12:1a:85:db:5e:58:01:11:84:6a:72:7e:43:66:
a4:a3:b9:3e:a3:64:ec:05:82:97:b4:34:c6:9c:d4:
84:25:0d:40:18:af:1e:a1:6a:a5:cc:ba:51:5f:0a:
bd:a8:ec:81:4f:d5:a2:89:35:3f:ea:bb:4d:db:a2:
74:8e:59:47:43:58:21:9c:eb:1a:26:44:96:62:95:
f0:0f:10:37:21:5c:1e:88:9d:77:e5:14:fb:cc:55:
ba:ae:91:5d:fd:ec:81:61:cf:31:c7:c8:75:f6:60:
6a:8c:8c:d0:e0:d9:a4:e3:25:66:28:fd:a5:56:75:
f0:c9:97:25:4b:da:91:20:1a:68:7e:9a:d2:c9:90:
4a:38:88:f7:a9:9a:0f:88:a1:6c:61:ec:37:0f:02:
ed:bd:2d:38:51:9f:e6:79:45:f4:cc:37:47:e5:6d:
7b:a1:a3:0a:bc:77:06:ec:be:52:92:a3:02:17:4c:
44:78:55:42:8e:33:78:1f:4d:5d:67:d1:37:e1:f8:
38:e0:40:e6:dd:04:a8:4c:30:b9:c4:fe:e3:4e:9d:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C0:B5:E7:43:74:A8:36:F8:4B:8C:91:4A:69:62:46:10:80:D0:AB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B790C4B0FF3211EB8308653BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.0.0/22
103.161.198.0/23
IPv6:
2407:740::/32
Signature Algorithm: sha256WithRSAEncryption
7a:01:11:65:6b:97:10:c5:82:ac:fd:73:d2:49:76:a6:6f:06:
4f:6f:26:e1:ee:79:b5:dc:52:95:f0:18:ed:45:29:dd:88:0c:
58:ca:bc:d8:df:27:7e:9f:ac:7a:3c:22:e8:b1:6f:fb:8a:7f:
f1:26:c5:3f:70:e3:c6:4e:a3:ea:26:ff:5d:0b:f0:ff:86:36:
12:9a:a6:7b:b6:8c:c1:b5:60:89:2a:c8:ee:e3:95:f3:a4:a2:
fd:f0:c2:bf:b4:ae:08:95:56:1d:3a:32:6f:a1:1f:dc:bb:2c:
98:a9:db:40:92:e9:18:ff:be:f6:20:94:37:52:65:62:1e:00:
ab:19:21:3a:15:6b:03:40:8d:70:bc:96:df:64:a2:82:a4:25:
cb:06:69:08:5e:1a:d9:34:27:3d:e3:b3:94:90:45:ac:84:e3:
7c:44:8f:1e:6d:ee:03:54:99:7c:7f:2f:82:bf:87:a4:12:83:
4d:ae:98:de:60:3d:c9:e5:96:96:28:2e:9c:ae:01:19:c4:1d:
87:26:c6:80:dc:ad:bd:51:93:72:fb:27:9f:5f:2f:58:0b:cb:
e3:02:05:c4:20:f0:9a:f7:4c:48:00:1b:d2:55:57:a6:d4:87:
95:07:8f:b7:92:3f:7b:c6:5c:b7:67:92:71:e5:12:4c:f8:c2:
51:db:8f:76
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICd64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODE2MDg0MjM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjOGJmZS02ODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsOWcsTmWAmJQ0ZZ1Q0/qYMYHrGNOp51dPwZfy507uZdGkV2a4D9CTO/kNtBd
EhqF215YARGEanJ+Q2ako7k+o2TsBYKXtDTGnNSEJQ1AGK8eoWqlzLpRXwq9qOyB
T9WiiTU/6rtN26J0jllHQ1ghnOsaJkSWYpXwDxA3IVweiJ135RT7zFW6rpFd/eyB
Yc8xx8h19mBqjIzQ4Nmk4yVmKP2lVnXwyZclS9qRIBpofprSyZBKOIj3qZoPiKFs
Yew3DwLtvS04UZ/meUX0zDdH5W17oaMKvHcG7L5SkqMCF0xEeFVCjjN4H01dZ9E3
4fg44EDm3QSoTDC5xP7jTp0uTQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIzAtedD
dKg2+EuMkUppYkYQgNCrMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjc5MEM0QjBG
RjMyMTFFQjgzMDg2NTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnhAADBAFnocYwDQQCAAIwBwMFACQHB0AwDQYJKoZIhvcN
AQELBQADggEBAHoBEWVrlxDFgqz9c9JJdqZvBk9vJuHuebXcUpXwGO1FKd2IDFjK
vNjfJ36frHo8Iuixb/uKf/EmxT9w48ZOo+om/10L8P+GNhKapnu2jMG1YIkqyO7j
lfOkov3wwr+0rgiVVh06Mm+hH9y7LJip20CS6Rj/vvYglDdSZWIeAKsZIToVawNA
jXC8lt9kooKkJcsGaQheGtk0Jz3js5SQRayE43xEjx5t7gNUmXx/L4K/h6QSg02u
mN5gPcnllpYoLpyuARnEHYcmxoDcrb1Rk3L7J59fL1gLy+MCBcQg8Jr3TEgAG9JV
V6bUh5UHj7eSP3vGXLdnknHlEkz4wlHbj3Y=
-----END CERTIFICATE-----
Generated at Fri Mar 15 10:42:50 2024 by rpki-client on console-fra.rpki-client.org