Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE826914AD9611EB827EDF7BC4F9AE02.roa
File: CE826914AD9611EB827EDF7BC4F9AE02.roa (raw, json)
Hash identifier: MGMEPamq8Ck+j93sItUyOeBUlMLeBBvZz7P1hKReHfo=
Subject key identifier: 3F:DB:85:7A:53:E8:9B:6D:79:5B:1C:EA:04:A4:5A:FF:42:8D:8A:A4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 74D1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE826914AD9611EB827EDF7BC4F9AE02.roa
Signing time: Mon 03 Jul 2023 10:01:27 +0000
ROA not before: Mon 03 Jul 2023 10:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136634
IP address blocks: 103.48.146.0/23 maxlen: 24
103.85.228.0/22 maxlen: 22
103.85.228.0/23 maxlen: 24
103.85.230.0/24 maxlen: 24
103.85.231.0/24 maxlen: 24
103.102.56.0/22 maxlen: 24
103.104.129.0/24 maxlen: 24
103.172.132.0/24 maxlen: 24
103.174.164.0/23 maxlen: 24
103.230.178.0/23 maxlen: 24
103.235.90.0/23 maxlen: 24
2001:df2:4e40::/48 maxlen: 48
2001:df2:52c0::/48 maxlen: 48
2406:24c0::/32 maxlen: 40
2406:24c0::/48 maxlen: 48
2406:24c0:1::/48 maxlen: 48
2406:24c0:2::/48 maxlen: 48
2406:24c0:3::/48 maxlen: 48
2406:24c0:4::/48 maxlen: 48
2406:24c0:5::/48 maxlen: 48
2406:24c0:9::/48 maxlen: 48
2406:24c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29905 (0x74d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 3 10:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a29c77-29dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:56:c2:b8:00:a1:b4:32:6b:39:a7:fa:d2:
c7:bc:70:cc:32:24:06:76:71:99:e4:36:17:9d:09:
fb:2e:29:7f:8c:94:f7:53:31:e5:47:43:67:4b:d2:
0f:88:79:94:f9:41:c4:1b:8e:37:c4:75:62:0d:f6:
c4:e4:9e:de:c8:15:76:ab:ca:a2:4a:2c:18:e4:33:
3a:b9:8c:16:dc:35:fe:aa:ee:3c:f6:43:e9:fe:07:
1d:1d:ce:f0:66:ee:d2:0a:3b:a2:0a:f4:44:f6:03:
47:f7:89:6a:4b:3c:4f:73:68:f9:97:f0:91:31:3a:
95:af:0a:cd:7e:10:7c:e1:a7:08:c0:f2:ed:7b:ea:
de:e3:a7:23:aa:2d:f9:bb:fe:1c:eb:57:4f:1b:ea:
ed:e0:3a:9f:66:38:4d:29:1b:6b:37:9d:b8:89:75:
d5:1c:96:bd:e6:d3:68:a2:15:90:aa:0f:2c:e0:1d:
38:b8:d8:63:6f:b4:b2:03:ec:78:ff:fb:d5:60:c2:
0b:1a:16:31:40:20:e9:6e:cf:65:b9:68:51:4a:c3:
5e:11:c9:9e:dd:19:00:e3:d0:65:d0:0e:e6:33:0c:
f7:85:c2:b7:2d:02:cd:d8:fe:7b:bc:4c:64:88:41:
a8:67:a7:c6:a0:0c:f1:1d:61:74:c6:ca:1e:da:1e:
da:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DB:85:7A:53:E8:9B:6D:79:5B:1C:EA:04:A4:5A:FF:42:8D:8A:A4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE826914AD9611EB827EDF7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.146.0/23
103.85.228.0/22
103.102.56.0/22
103.104.129.0/24
103.172.132.0/24
103.174.164.0/23
103.230.178.0/23
103.235.90.0/23
IPv6:
2001:df2:4e40::/48
2001:df2:52c0::/48
2406:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
09:a4:88:71:2d:55:a8:51:70:99:c9:77:eb:36:33:b5:58:55:
87:48:6f:7a:6d:b0:1c:e4:18:f6:6d:24:ba:d4:89:df:18:e6:
68:3d:57:3e:b9:14:7a:94:b7:58:2c:ef:1f:2d:e3:a9:c6:d4:
5b:05:e8:0c:78:da:e0:86:7f:d5:0c:3d:e3:ac:7a:2b:a0:f2:
2e:da:a7:97:7a:31:2a:1f:86:e7:c0:58:d9:44:a9:90:ad:98:
31:5f:d0:1d:10:15:61:39:fa:fb:f9:f4:ab:85:11:e4:ed:d6:
13:19:b1:f7:38:7d:e0:d4:13:41:83:fd:70:cd:fe:03:5d:01:
0d:c4:64:e2:a8:11:1d:03:c0:53:5f:8a:8d:17:31:e3:44:b5:
e3:ba:f6:ba:aa:85:9a:54:f3:ef:ab:ee:83:19:bc:83:a6:5c:
6a:58:66:18:61:0e:09:73:ce:ef:4c:10:cf:42:70:e3:e8:a3:
23:53:ad:87:86:2d:9b:01:35:94:b9:c3:fe:5a:40:8a:bb:36:
1b:58:11:4a:1d:9f:a8:ea:22:4d:33:0c:06:f7:ba:3b:c6:65:
7d:16:61:59:81:b7:58:01:bf:ce:87:80:e0:29:37:7f:25:f3:
3f:9e:48:20:36:1b:a8:64:d4:fe:02:5c:a3:2d:0b:60:d6:59:
7b:94:82:ea
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICdNEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzAzMTAwMTI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyOWM3Ny0yOWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArkZWwrgAobQyazmn+tLHvHDMMiQGdnGZ5DYXnQn7Lil/jJT3UzHlR0NnS9IP
iHmU+UHEG443xHViDfbE5J7eyBV2q8qiSiwY5DM6uYwW3DX+qu489kPp/gcdHc7w
Zu7SCjuiCvRE9gNH94lqSzxPc2j5l/CRMTqVrwrNfhB84acIwPLte+re46cjqi35
u/4c61dPG+rt4DqfZjhNKRtrN524iXXVHJa95tNoohWQqg8s4B04uNhjb7SyA+x4
//vVYMILGhYxQCDpbs9luWhRSsNeEcme3RkA49Bl0A7mMwz3hcK3LQLN2P57vExk
iEGoZ6fGoAzxHWF0xsoe2h7awwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFD/bhXpT
6JtteVsc6gSkWv9CjYqkMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0U4MjY5MTRB
RDk2MTFFQjgyN0VERjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMDYEAgABMDADBAFnMJIDBAJnVeQDBAJnZjgDBABnaIEDBABnrIQDBAFnrqQD
BAFn5rIDBAFn61owHwQCAAIwGQMHACABDfJOQAMHACABDfJSwAMFACQGJMAwDQYJ
KoZIhvcNAQELBQADggEBAAmkiHEtVahRcJnJd+s2M7VYVYdIb3ptsBzkGPZtJLrU
id8Y5mg9Vz65FHqUt1gs7x8t46nG1FsF6Ax42uCGf9UMPeOseiug8i7ap5d6MSof
hufAWNlEqZCtmDFf0B0QFWE5+vv59KuFEeTt1hMZsfc4feDUE0GD/XDN/gNdAQ3E
ZOKoER0DwFNfio0XMeNEteO69rqqhZpU8++r7oMZvIOmXGpYZhhhDglzzu9MEM9C
cOPooyNTrYeGLZsBNZS5w/5aQIq7NhtYEUodn6jqIk0zDAb3ujvGZX0WYVmBt1gB
v86HgOApN38l8z+eSCA2G6hk1P4CXKMtC2DWWXuUguo=
-----END CERTIFICATE-----
Generated at Mon Sep 11 12:39:37 2023 by rpki-client on console-ams.rpki-client.org