Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C13218C4668311EEB819A94DC4F9AE02.roa
File: C13218C4668311EEB819A94DC4F9AE02.roa (raw, json)
Hash identifier: YzqsUgzh7sfYJfGzBuZA+lYrTAwev3XRTcMKRrSWZJI=
Subject key identifier: 5F:1D:18:A3:2B:50:42:D3:FF:7B:37:E1:24:47:45:CF:42:06:F1:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7BA8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C13218C4668311EEB819A94DC4F9AE02.roa
Signing time: Wed 11 Oct 2023 11:57:11 +0000
ROA not before: Wed 11 Oct 2023 11:57:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135232
IP address blocks: 103.117.172.0/24 maxlen: 24
103.117.175.0/24 maxlen: 24
103.129.112.0/23 maxlen: 24
103.133.244.0/23 maxlen: 24
103.149.20.0/23 maxlen: 24
103.158.214.0/24 maxlen: 24
103.158.215.0/24 maxlen: 24
103.163.166.0/23 maxlen: 24
103.170.190.0/23 maxlen: 24
103.221.208.0/22 maxlen: 24
2001:df2:f1c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31656 (0x7ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 11 11:57:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65268d97-9bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9a:fb:4f:09:24:02:08:0b:3c:45:95:14:bd:
65:e7:81:74:4b:be:85:19:63:76:9f:6d:f0:7d:1f:
a7:9b:0d:96:0f:f9:35:64:db:f5:99:09:e4:ae:d2:
d0:5c:14:a8:c6:73:bb:71:cc:96:76:c8:92:11:74:
d9:ac:41:6c:c1:b8:b3:6d:ec:d6:6c:1b:74:97:ea:
88:7a:01:57:6c:02:54:7c:a1:80:05:fe:26:93:68:
e2:da:b0:37:26:2d:75:42:7d:86:4c:57:95:fd:52:
9b:9e:fa:8c:f2:c5:28:21:3a:3f:7a:64:99:09:0e:
ee:32:9d:e8:c6:6c:18:a8:ac:f5:a1:e7:06:ac:51:
63:94:bb:88:5e:e7:6b:94:5a:f6:f1:ab:cf:7f:bc:
8d:7a:b4:f2:10:c2:21:d3:38:63:e8:8f:9e:a8:aa:
37:c2:93:f8:31:0f:32:19:ff:6c:26:4e:16:7f:e0:
cd:5a:99:f5:6a:16:0d:a4:d7:85:b0:40:57:28:e5:
5e:75:56:ff:12:83:14:68:a8:57:19:f6:7c:c8:05:
f8:7c:16:5e:0a:f7:26:7a:12:b4:16:23:d6:19:7e:
2a:7a:ab:db:be:95:0f:c3:7c:d7:16:0d:9e:d5:22:
05:89:70:1f:3c:64:fb:2e:90:e7:fe:96:19:04:1d:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1D:18:A3:2B:50:42:D3:FF:7B:37:E1:24:47:45:CF:42:06:F1:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C13218C4668311EEB819A94DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.172.0/24
103.117.175.0/24
103.129.112.0/23
103.133.244.0/23
103.149.20.0/23
103.158.214.0/23
103.163.166.0/23
103.170.190.0/23
103.221.208.0/22
IPv6:
2001:df2:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
5c:da:33:3d:e8:52:55:f7:14:53:ea:8c:d7:8f:4e:a3:47:30:
43:43:56:80:7b:2d:8d:30:fd:20:7a:47:3c:23:a1:84:8f:1f:
b2:fa:7d:ee:6f:17:70:53:74:c1:9b:f8:0c:05:79:52:01:18:
bc:ba:e4:46:42:a9:b2:ae:ca:1a:43:c0:53:2f:93:bd:ff:df:
5f:f5:d2:e8:46:6e:5e:16:bc:d3:6f:ec:08:6e:fc:bb:82:65:
01:6a:eb:23:d3:e7:6e:b7:62:be:4a:0d:b0:f3:42:ce:1d:4c:
61:dc:8f:51:1c:9e:63:0f:66:cc:84:3d:9f:f1:4f:08:fe:dd:
5c:fc:f7:f7:40:f2:5e:32:8c:cf:e8:03:e7:6c:7d:37:21:10:
e2:4c:98:d2:43:5a:26:67:91:96:7a:2a:ca:57:b5:4d:ef:1e:
4e:1e:72:d9:f3:66:05:04:a3:61:85:55:83:a1:0e:e4:b9:b0:
74:51:44:c4:49:05:2f:f2:07:b9:22:9f:6b:f2:78:f9:91:2b:
6d:62:f5:ba:3d:c5:13:56:c4:dc:c4:71:12:d0:f8:2d:71:f8:
63:b0:9a:31:3c:d8:e7:01:20:c7:f1:05:fd:d0:ed:bf:69:96:
8b:3e:f2:83:ef:11:44:04:fe:b6:71:10:08:82:f4:32:c8:1e:
3e:34:20:ce
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICe6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMDExMTE1NzExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI2OGQ5Ny05YmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5r7TwkkAggLPEWVFL1l54F0S76FGWN2n23wfR+nmw2WD/k1ZNv1mQnkrtLQ
XBSoxnO7ccyWdsiSEXTZrEFswbizbezWbBt0l+qIegFXbAJUfKGABf4mk2ji2rA3
Ji11Qn2GTFeV/VKbnvqM8sUoITo/emSZCQ7uMp3oxmwYqKz1oecGrFFjlLuIXudr
lFr28avPf7yNerTyEMIh0zhj6I+eqKo3wpP4MQ8yGf9sJk4Wf+DNWpn1ahYNpNeF
sEBXKOVedVb/EoMUaKhXGfZ8yAX4fBZeCvcmehK0FiPWGX4qeqvbvpUPw3zXFg2e
1SIFiXAfPGT7LpDn/pYZBB0hJQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFF8dGKMr
UELT/3s34SRHRc9CBvG7MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzEzMjE4QzQ2
NjgzMTFFRUI4MTlBOTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMDwEAgABMDYDBABndawDBABnda8DBAFngXADBAFnhfQDBAFnlRQDBAFnntYD
BAFno6YDBAFnqr4DBAJn3dAwDwQCAAIwCQMHACABDfLxwDANBgkqhkiG9w0BAQsF
AAOCAQEAXNozPehSVfcUU+qM149Oo0cwQ0NWgHstjTD9IHpHPCOhhI8fsvp97m8X
cFN0wZv4DAV5UgEYvLrkRkKpsq7KGkPAUy+Tvf/fX/XS6EZuXha802/sCG78u4Jl
AWrrI9PnbrdivkoNsPNCzh1MYdyPURyeYw9mzIQ9n/FPCP7dXPz390DyXjKMz+gD
52x9NyEQ4kyY0kNaJmeRlnoqyle1Te8eTh5y2fNmBQSjYYVVg6EO5LmwdFFExEkF
L/IHuSKfa/J4+ZErbWL1uj3FE1bE3MRxEtD4LXH4Y7CaMTzY5wEgx/EF/dDtv2mW
iz7yg+8RRAT+tnEQCIL0MsgePjQgzg==
-----END CERTIFICATE-----
Generated at Mon Nov 13 07:14:28 2023 by rpki-client on console-fra.rpki-client.org