Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C27D9210483711EC8AA7367DC4F9AE02.roa
File: C27D9210483711EC8AA7367DC4F9AE02.roa (raw, json)
Hash identifier: oDEGlQ4RxNbF4PVeXdNIY54p5R65TPZ9MYGdFbGLcjI=
Subject key identifier: B2:DF:65:35:24:D6:72:0B:28:A7:43:17:AE:45:0D:B0:51:50:0C:7E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7EE9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C27D9210483711EC8AA7367DC4F9AE02.roa
Signing time: Tue 28 Nov 2023 10:00:21 +0000
ROA not before: Tue 28 Nov 2023 10:00:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134375
IP address blocks: 103.164.24.0/23 maxlen: 24
103.176.140.0/23 maxlen: 24
103.179.8.0/23 maxlen: 24
203.145.42.0/23 maxlen: 24
203.145.56.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 11:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32489 (0x7ee9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 28 10:00:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6565ba34-e6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:80:39:d7:a3:76:ec:f4:6e:b9:da:a3:75:95:
6b:cc:72:a9:23:5f:66:92:18:29:7d:6f:1d:66:26:
5d:d5:17:65:d8:57:20:56:f5:da:1a:b8:8e:b9:21:
b9:48:06:cb:02:95:7a:f5:47:ec:e3:29:9c:1f:5d:
38:fe:c3:a3:18:7a:31:d7:d7:12:11:b8:0c:ea:62:
85:2a:a8:c0:db:f8:33:80:cb:01:e9:c1:f2:d7:04:
f4:20:0e:dc:18:0e:b0:2e:ce:0f:15:14:10:0e:ab:
78:2d:ed:bd:bc:7a:b9:4d:8c:1b:3c:73:7a:04:f3:
5b:df:a4:21:96:b3:29:5d:37:f4:06:f8:f1:20:0d:
3c:b6:ff:4f:0a:b8:dc:1d:25:ad:ec:49:76:ee:14:
43:34:f9:49:7e:81:98:04:5c:44:bc:5b:1d:28:00:
c7:02:de:c4:3e:6f:ea:d5:a0:cf:9d:c0:bc:86:34:
e9:b3:1a:71:72:9c:01:9d:2a:0f:d3:ec:bd:f8:c2:
5f:03:99:25:59:45:e7:d4:dc:93:43:a6:43:7d:03:
b0:76:62:c6:40:4b:08:5e:71:41:9e:94:d7:9f:f3:
a8:24:b1:85:ea:95:2e:22:31:78:98:3f:b4:8c:5b:
fb:3d:2e:b9:6c:f5:37:88:8b:d3:a4:12:38:b7:7d:
90:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DF:65:35:24:D6:72:0B:28:A7:43:17:AE:45:0D:B0:51:50:0C:7E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C27D9210483711EC8AA7367DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.164.24.0/23
103.176.140.0/23
103.179.8.0/23
203.145.42.0/23
203.145.56.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:21:c0:b6:1e:d0:56:99:57:42:d8:2e:95:54:b3:0a:e2:47:
31:5e:30:de:c0:b3:0d:96:b7:1e:63:03:69:cf:ae:bc:12:33:
0a:3a:52:52:67:a0:4b:9b:65:2a:3d:1c:df:e2:ef:1a:e5:ae:
3a:b2:9f:b6:43:37:e5:fa:6c:0f:fe:7b:a6:80:44:f9:e7:6f:
ab:64:24:52:d6:47:ff:8f:bc:0f:27:e4:26:df:c6:10:b7:c4:
0c:3b:6c:3a:7e:8a:7f:c7:ad:8e:fc:0e:20:6d:62:9c:c9:4b:
39:9c:39:10:5c:8e:3f:32:2c:20:23:a2:b3:b4:3e:3b:18:22:
db:6d:27:cb:92:2c:d8:2c:4a:34:ef:44:09:bb:da:f7:38:bf:
28:a5:f8:87:88:f3:fe:f3:e0:a3:74:8d:92:ad:9e:46:30:fe:
4a:7e:92:15:0c:6b:58:8f:34:f8:07:10:2f:7e:cd:41:1a:ea:
b5:4d:3c:22:9e:83:2c:3b:35:c3:e8:fc:d2:36:b5:56:20:97:
ab:40:5e:e8:89:1f:f0:4e:93:24:f0:11:d4:0b:74:39:38:95:
b6:96:89:d7:d6:c7:79:be:aa:5a:51:e9:39:60:c2:c9:0e:94:
c4:15:16:c7:66:f0:f9:e5:e1:6c:ac:0e:32:43:12:95:e9:10:
cc:02:8d:2e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICfukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTI4MTAwMDIxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY1YmEzNC1lNmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYA516N27PRuudqjdZVrzHKpI19mkhgpfW8dZiZd1Rdl2FcgVvXaGriOuSG5
SAbLApV69Ufs4ymcH104/sOjGHox19cSEbgM6mKFKqjA2/gzgMsB6cHy1wT0IA7c
GA6wLs4PFRQQDqt4Le29vHq5TYwbPHN6BPNb36QhlrMpXTf0BvjxIA08tv9PCrjc
HSWt7El27hRDNPlJfoGYBFxEvFsdKADHAt7EPm/q1aDPncC8hjTpsxpxcpwBnSoP
0+y9+MJfA5klWUXn1NyTQ6ZDfQOwdmLGQEsIXnFBnpTXn/OoJLGF6pUuIjF4mD+0
jFv7PS65bPU3iIvTpBI4t32Q1wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLLfZTUk
1nILKKdDF65FDbBRUAx+MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzI3RDkyMTA0
ODM3MTFFQzhBQTczNjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnpBgDBAFnsIwDBAFnswgDBAHLkSoDBAHLkTgwDQYJKoZI
hvcNAQELBQADggEBAKIhwLYe0FaZV0LYLpVUswriRzFeMN7Asw2Wtx5jA2nPrrwS
Mwo6UlJnoEubZSo9HN/i7xrlrjqyn7ZDN+X6bA/+e6aARPnnb6tkJFLWR/+PvA8n
5CbfxhC3xAw7bDp+in/HrY78DiBtYpzJSzmcORBcjj8yLCAjorO0PjsYItttJ8uS
LNgsSjTvRAm72vc4vyil+IeI8/7z4KN0jZKtnkYw/kp+khUMa1iPNPgHEC9+zUEa
6rVNPCKegyw7NcPo/NI2tVYgl6tAXuiJH/BOkyTwEdQLdDk4lbaWidfWx3m+qlpR
6TlgwskOlMQVFsdm8Pnl4WysDjJDEpXpEMwCjS4=
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:58:06 2024 by rpki-client on console-ams.rpki-client.org