Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7E616B8E84011EE963FE327C4F9AE02.roa
File: C7E616B8E84011EE963FE327C4F9AE02.roa (raw, json)
Hash identifier: eFmww960PzC22m/uVkCpHT9cjgQ7Funyi8cg6jVDOkE=
Subject key identifier: D7:BF:BF:97:19:A8:57:6B:5E:2C:37:1F:EA:56:5D:71:E5:2D:DC:AC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 853C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7E616B8E84011EE963FE327C4F9AE02.roa
Signing time: Fri 22 Mar 2024 12:31:05 +0000
ROA not before: Fri 22 Mar 2024 12:31:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132566
IP address blocks: 103.19.128.0/23 maxlen: 24
103.84.68.0/22 maxlen: 24
103.171.114.0/23 maxlen: 24
103.230.226.0/23 maxlen: 24
202.66.176.0/22 maxlen: 24
2406:7340::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34108 (0x853c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 22 12:31:05 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65fd7a09-264a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:10:fe:0f:1b:00:17:9d:e1:dc:93:9c:e0:
c7:bb:88:3e:3f:c5:41:a1:5b:85:c0:57:e7:79:71:
05:92:85:b7:fd:b7:b8:29:09:a7:5f:d3:95:0f:20:
f0:b3:a2:b1:8c:4b:71:58:4c:81:56:b5:a8:71:7d:
50:aa:36:8f:fc:a3:ac:3d:8b:9e:c0:41:c8:88:58:
df:05:5d:2c:15:a7:55:23:4c:4d:91:77:32:77:f1:
2d:76:4f:6a:38:01:11:ae:8b:8a:c3:14:ab:07:4b:
da:1e:f9:c5:76:1a:e0:92:db:ef:cf:97:c8:93:10:
c3:5a:fa:61:60:25:a5:67:f6:06:49:32:ef:69:9c:
64:28:68:b1:1a:eb:4b:cf:a7:6a:1f:ef:11:49:a4:
92:5e:bd:77:a8:e6:c1:89:ac:5e:cd:f6:1c:ca:51:
3d:81:6a:21:8c:04:1b:d1:09:68:1b:4e:4a:a5:f4:
a5:c0:d1:88:bf:48:c6:03:10:d7:3c:d8:40:89:19:
2a:ea:7f:05:70:10:0c:51:1d:9c:d8:fd:20:b9:c8:
b9:1c:bd:d0:39:31:02:4c:e0:61:cd:3c:e3:8d:36:
38:30:df:55:cc:2f:3e:f0:e2:ac:fa:75:36:73:6f:
f0:65:9d:d3:f0:a3:b7:cd:ee:86:62:e5:f5:5d:2e:
64:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BF:BF:97:19:A8:57:6B:5E:2C:37:1F:EA:56:5D:71:E5:2D:DC:AC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7E616B8E84011EE963FE327C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.128.0/23
103.84.68.0/22
103.171.114.0/23
103.230.226.0/23
202.66.176.0/22
IPv6:
2406:7340::/32
Signature Algorithm: sha256WithRSAEncryption
43:6b:50:d7:0a:7c:70:cb:cf:80:19:f7:43:14:dc:cc:2c:a3:
4c:a3:08:2d:7f:5f:47:0e:03:c7:f3:f1:8b:76:06:18:32:fe:
97:9a:da:37:e2:65:c1:ca:5d:87:eb:84:ac:5c:39:a8:7a:f1:
8d:02:50:85:16:11:76:97:60:bc:2b:ff:d5:7a:16:9b:3a:ad:
41:35:29:e3:9b:ad:da:43:3b:ca:f3:fa:a2:b6:b8:d1:f3:f6:
dc:96:c4:24:0f:65:c4:d3:30:16:35:97:ed:1a:b1:43:f3:85:
86:93:f4:99:d9:8e:97:2d:66:3d:98:8a:c6:8e:cc:8b:91:96:
68:28:23:ee:4e:14:80:2d:38:cd:6d:43:5a:23:35:c1:2b:8b:
d6:4c:0d:ab:d1:19:79:4c:f5:1c:c6:e1:ad:c9:59:8a:6a:98:
c2:c6:68:12:c7:cf:d2:07:8b:1a:9e:dd:18:f6:00:7e:4a:1b:
1b:10:2b:d6:e5:c1:16:5f:5b:4f:09:ae:38:af:b7:0f:22:72:
1f:ae:11:c3:00:c3:71:c8:ed:d7:eb:5c:14:1f:51:17:e5:3d:
27:c0:73:d9:4a:63:b4:19:c7:45:04:cd:be:be:b0:88:08:ca:
26:8e:04:80:57:16:65:b8:b7:2a:e9:c5:f2:d4:6c:71:32:88:
c8:d7:87:40
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAIU8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMyMjEyMzEwNVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVmZDdhMDktMjY0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwTEP4PGwAXneHck5zgx7uIPj/FQaFbhcBX53lxBZKFt/23uCkJp1/TlQ8g
8LOisYxLcVhMgVa1qHF9UKo2j/yjrD2LnsBByIhY3wVdLBWnVSNMTZF3MnfxLXZP
ajgBEa6LisMUqwdL2h75xXYa4JLb78+XyJMQw1r6YWAlpWf2Bkky72mcZChosRrr
S8+nah/vEUmkkl69d6jmwYmsXs32HMpRPYFqIYwEG9EJaBtOSqX0pcDRiL9IxgMQ
1zzYQIkZKup/BXAQDFEdnNj9ILnIuRy90DkxAkzgYc084402ODDfVcwvPvDirPp1
NnNv8GWd0/Cjt83uhmLl9V0uZBECAwEAAaOCArwwggK4MB0GA1UdDgQWBBTXv7+X
GahXa14sNx/qVl1x5S3crDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M3RTYxNkI4
RTg0MDExRUU5NjNGRTMyN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEYGCCsGAQUFBwEHAQH/
BDcwNTAkBAIAATAeAwQBZxOAAwQCZ1REAwQBZ6tyAwQBZ+biAwQCykKwMA0EAgAC
MAcDBQAkBnNAMA0GCSqGSIb3DQEBCwUAA4IBAQBDa1DXCnxwy8+AGfdDFNzMLKNM
owgtf19HDgPH8/GLdgYYMv6Xmto34mXByl2H64SsXDmoevGNAlCFFhF2l2C8K//V
ehabOq1BNSnjm63aQzvK8/qitrjR8/bclsQkD2XE0zAWNZftGrFD84WGk/SZ2Y6X
LWY9mIrGjsyLkZZoKCPuThSALTjNbUNaIzXBK4vWTA2r0Rl5TPUcxuGtyVmKapjC
xmgSx8/SB4sant0Y9gB+ShsbECvW5cEWX1tPCa44r7cPInIfrhHDAMNxyO3X61wU
H1EX5T0nwHPZSmO0GcdFBM2+vrCICMomjgSAVxZluLcq6cXy1GxxMojI14dA
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:43:59 2024 by rpki-client on console-ams.rpki-client.org