Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C9842980B27011EDA50D1A19C4F9AE02.roa
File: C9842980B27011EDA50D1A19C4F9AE02.roa (raw, json)
Hash identifier: sAH77nAENMGb4ovCtRsX8FZTp9JSXI5JYbq9e0dHe7E=
Subject key identifier: FF:41:5C:88:19:45:11:7D:C7:89:DE:D0:C1:6D:B5:CE:C4:AC:6D:C4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6BD4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C9842980B27011EDA50D1A19C4F9AE02.roa
Signing time: Wed 10 May 2023 16:21:35 +0000
ROA not before: Wed 10 May 2023 16:21:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135706
IP address blocks: 103.72.8.0/22 maxlen: 24
103.203.252.0/24 maxlen: 24
103.203.253.0/24 maxlen: 24
103.203.254.0/24 maxlen: 24
202.133.72.0/24 maxlen: 24
202.133.73.0/24 maxlen: 24
2001:df2:8500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27604 (0x6bd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:21:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc48e-e477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2b:79:54:46:dc:72:03:a1:05:64:e6:fa:67:
02:4f:9c:a3:3d:66:09:4f:16:4f:ee:1c:c3:d4:64:
9c:ac:a4:83:84:76:0f:ba:2c:19:e9:ae:05:40:14:
ab:bf:0a:af:10:3b:19:12:36:cf:5d:2f:0f:4d:91:
a9:db:d0:35:48:01:50:c9:11:26:4d:1b:1a:3d:f4:
28:7d:b3:aa:4b:43:57:47:06:e3:43:0c:1e:22:54:
cd:46:c1:9a:de:4b:14:32:6f:9f:a6:44:dd:9f:77:
31:70:91:1d:17:4d:08:b6:5c:44:fe:6c:36:b6:e9:
16:2e:bd:57:62:9d:f7:73:5b:fb:9e:af:c4:a1:68:
a5:71:23:0f:41:45:57:34:18:93:b5:7c:13:40:0c:
cc:cc:69:eb:a1:fa:1b:e0:aa:03:6b:8c:fd:fe:42:
a4:17:05:c3:24:9a:fe:6a:40:b9:a0:8e:c7:d4:34:
29:9a:6b:ab:ad:42:a7:51:c8:69:d8:f4:66:46:8c:
bb:07:c3:4c:c6:bb:fd:0c:8a:dc:4a:6d:b5:8a:5f:
66:d5:40:75:04:ca:4e:bf:68:d8:39:88:ed:1c:fb:
a8:57:45:74:da:4f:4a:28:86:c6:c3:ea:17:a4:c4:
05:85:a3:c4:57:3a:8b:08:9b:32:be:54:91:9e:cd:
74:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:41:5C:88:19:45:11:7D:C7:89:DE:D0:C1:6D:B5:CE:C4:AC:6D:C4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C9842980B27011EDA50D1A19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.8.0/22
103.203.252.0-103.203.254.255
202.133.72.0/23
IPv6:
2001:df2:8500::/48
Signature Algorithm: sha256WithRSAEncryption
72:71:3a:dd:a7:dc:13:1a:8d:c7:c6:60:de:e3:e8:38:42:62:
83:a9:52:2c:5e:65:88:cb:19:a6:96:86:43:b1:3b:98:cc:62:
d5:2b:b9:4e:b0:8c:59:70:03:53:ee:a7:11:91:c9:99:a0:92:
8e:64:35:ea:38:21:92:59:80:f3:04:c0:d1:18:6b:51:4e:e1:
66:74:61:fe:95:e8:38:4e:e7:49:c6:29:e1:4e:5b:b9:b1:5b:
c3:11:dc:6e:89:90:b2:6c:16:25:e2:4d:55:6e:75:6e:c3:18:
8a:b6:f4:ff:dc:3e:b6:f7:87:4c:82:66:f1:96:91:3b:25:8e:
5f:f3:a0:7e:7c:54:08:4f:d8:5b:70:8e:73:68:db:45:d0:67:
8d:35:34:47:76:a5:82:be:fe:b6:7c:22:92:ee:03:55:18:fd:
62:c2:99:b0:65:5d:4a:a2:a7:9d:23:5d:9d:0e:65:7a:24:84:
57:1a:a5:3c:ed:3d:5a:98:a4:7d:38:4a:19:c2:2b:b3:0e:4c:
71:60:13:f0:14:79:7b:4d:88:5b:f3:5b:99:79:38:a2:fe:18:
60:8c:11:55:15:a6:b4:ff:8b:0f:7c:f1:78:ea:ea:ad:11:26:
d2:dc:19:ba:56:c0:f0:fd:dd:99:2c:dd:44:9e:36:ae:a9:fc:
60:c3:6f:e4
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICa9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyMTM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzQ4ZS1lNDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6it5VEbccgOhBWTm+mcCT5yjPWYJTxZP7hzD1GScrKSDhHYPuiwZ6a4FQBSr
vwqvEDsZEjbPXS8PTZGp29A1SAFQyREmTRsaPfQofbOqS0NXRwbjQwweIlTNRsGa
3ksUMm+fpkTdn3cxcJEdF00ItlxE/mw2tukWLr1XYp33c1v7nq/EoWilcSMPQUVX
NBiTtXwTQAzMzGnrofob4KoDa4z9/kKkFwXDJJr+akC5oI7H1DQpmmurrUKnUchp
2PRmRoy7B8NMxrv9DIrcSm21il9m1UB1BMpOv2jYOYjtHPuoV0V02k9KKIbGw+oX
pMQFhaPEVzqLCJsyvlSRns10KQIDAQABo4ICujCCArYwHQYDVR0OBBYEFP9BXIgZ
RRF9x4ne0MFttc7ErG3EMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzk4NDI5ODBC
MjcwMTFFREE1MEQxQTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCAEAgABMBoDBAJnSAgwDAMEAmfL/AMEAGfL/gMEAcqFSDAPBAIAAjAJAwcA
IAEN8oUAMA0GCSqGSIb3DQEBCwUAA4IBAQBycTrdp9wTGo3HxmDe4+g4QmKDqVIs
XmWIyxmmloZDsTuYzGLVK7lOsIxZcANT7qcRkcmZoJKOZDXqOCGSWYDzBMDRGGtR
TuFmdGH+leg4TudJxinhTlu5sVvDEdxuiZCybBYl4k1VbnVuwxiKtvT/3D6294dM
gmbxlpE7JY5f86B+fFQIT9hbcI5zaNtF0GeNNTRHdqWCvv62fCKS7gNVGP1iwpmw
ZV1KoqedI12dDmV6JIRXGqU87T1amKR9OEoZwiuzDkxxYBPwFHl7TYhb81uZeTii
/hhgjBFVFaa0/4sPfPF46uqtESbS3Bm6VsDw/d2ZLN1Enjauqfxgw2/k
-----END CERTIFICATE-----
Generated at Mon Oct 16 07:57:56 2023 by rpki-client on console-fra.rpki-client.org