Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0C524FA289811EBAF69D425C4F9AE02.roa
File: E0C524FA289811EBAF69D425C4F9AE02.roa (raw, json)
Hash identifier: dmVSxq4qhCreYtZpD7VzBWv3Sn3av7tf8vhKpizddLM=
Subject key identifier: 07:4D:B4:4E:2D:69:08:8F:17:24:8B:68:D3:4E:7A:B4:5C:CF:02:74
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7E88
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0C524FA289811EBAF69D425C4F9AE02.roa
Signing time: Wed 22 Nov 2023 08:19:27 +0000
ROA not before: Wed 22 Nov 2023 08:19:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135804
IP address blocks: 103.78.236.0/22 maxlen: 24
103.177.254.0/24 maxlen: 24
103.211.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32392 (0x7e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 22 08:19:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655db98f-2b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d8:b6:ef:40:19:72:c9:f7:9c:a2:a0:77:f3:
79:b2:90:8a:38:7f:3a:13:b0:2e:26:0a:61:aa:a4:
78:cb:05:2e:6a:71:15:4b:f1:85:80:78:95:39:7f:
5d:3a:d0:df:d5:c1:1a:3b:93:ae:d2:47:79:4d:89:
1e:b4:de:d1:54:7d:bd:d1:69:2f:e4:79:b7:41:0b:
11:f4:03:24:ec:cf:0f:9f:8e:b2:e6:f3:d3:ce:a8:
03:d5:a5:3e:1f:10:31:b4:0b:97:53:e2:8f:58:a0:
fc:b0:f4:23:63:74:0f:e8:7d:f1:45:97:ba:db:6c:
4a:7d:8d:66:4d:26:9d:8b:01:85:ad:ce:a9:d6:9e:
ee:0f:24:93:c0:99:3e:27:8f:25:f2:95:56:0a:31:
c4:11:0b:23:d2:99:28:dd:c1:72:22:74:b9:e3:66:
cb:9f:d4:4c:16:a8:95:4b:d4:d6:20:f3:16:76:64:
09:a1:e0:6f:aa:0a:0e:e9:1a:bf:41:45:23:28:5e:
5e:ef:bb:a5:a5:91:bc:26:c2:5a:11:ac:57:18:b1:
8c:6b:94:f7:03:3f:63:60:c3:7d:8a:4a:0c:c7:62:
1e:88:ee:fe:11:f7:44:1c:b8:4e:4d:53:da:28:fb:
af:d9:0e:5f:36:37:8e:9a:30:ce:b9:c0:93:81:96:
81:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:4D:B4:4E:2D:69:08:8F:17:24:8B:68:D3:4E:7A:B4:5C:CF:02:74
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0C524FA289811EBAF69D425C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.236.0/22
103.177.254.0/24
103.211.80.0/24
Signature Algorithm: sha256WithRSAEncryption
46:85:eb:38:fb:49:f7:3e:30:7b:38:d6:9c:75:94:9c:0d:67:
7d:0f:95:5c:62:8f:14:59:3d:3f:d5:82:63:0f:46:34:01:d4:
96:99:a7:8b:b2:f2:42:03:a7:ed:f2:b8:ba:fd:7f:99:fb:fb:
ff:75:a4:cf:f6:96:e1:b2:2c:b4:17:5e:cf:9d:58:a3:7c:bf:
cb:4d:ff:c1:24:02:b0:02:11:a6:12:74:64:4e:d3:ea:ac:23:
81:89:b3:c2:6c:d3:82:cc:ee:02:89:51:b0:c1:69:62:7d:d3:
98:ab:df:ea:14:05:54:1f:48:b1:66:21:88:b7:c9:7e:63:d8:
33:c5:32:dd:5b:5c:06:b6:44:99:c1:7d:25:b5:f1:b0:95:51:
da:e3:90:3c:06:db:c9:fc:91:7f:e3:32:11:55:e3:22:d7:7f:
21:42:3d:16:71:a8:84:46:41:39:04:5e:37:a3:e0:75:59:00:
c1:4f:93:99:0b:50:2a:d6:0c:34:3a:31:82:90:99:04:4f:a0:
34:6c:c9:3d:64:98:2c:7c:0f:b9:d3:80:64:ea:9e:ab:9f:f3:
94:7a:0b:57:25:cb:ab:23:d1:a5:3f:a3:ba:70:c5:b0:64:42:
86:15:f9:fa:0a:79:6f:8a:fb:3b:70:14:bb:97:3f:2c:7c:98:
8f:29:37:36
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICfogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTIyMDgxOTI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVkYjk4Zi0yYjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9i270AZcsn3nKKgd/N5spCKOH86E7AuJgphqqR4ywUuanEVS/GFgHiVOX9d
OtDf1cEaO5Ou0kd5TYketN7RVH290Wkv5Hm3QQsR9AMk7M8Pn46y5vPTzqgD1aU+
HxAxtAuXU+KPWKD8sPQjY3QP6H3xRZe622xKfY1mTSadiwGFrc6p1p7uDySTwJk+
J48l8pVWCjHEEQsj0pko3cFyInS542bLn9RMFqiVS9TWIPMWdmQJoeBvqgoO6Rq/
QUUjKF5e77ulpZG8JsJaEaxXGLGMa5T3Az9jYMN9ikoMx2IeiO7+EfdEHLhOTVPa
KPuv2Q5fNjeOmjDOucCTgZaBnwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAdNtE4t
aQiPFySLaNNOerRczwJ0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTBDNTI0RkEy
ODk4MTFFQkFGNjlENDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnTuwDBABnsf4DBABn01AwDQYJKoZIhvcNAQELBQADggEB
AEaF6zj7Sfc+MHs41px1lJwNZ30PlVxijxRZPT/VgmMPRjQB1JaZp4uy8kIDp+3y
uLr9f5n7+/91pM/2luGyLLQXXs+dWKN8v8tN/8EkArACEaYSdGRO0+qsI4GJs8Js
04LM7gKJUbDBaWJ905ir3+oUBVQfSLFmIYi3yX5j2DPFMt1bXAa2RJnBfSW18bCV
UdrjkDwG28n8kX/jMhFV4yLXfyFCPRZxqIRGQTkEXjej4HVZAMFPk5kLUCrWDDQ6
MYKQmQRPoDRsyT1kmCx8D7nTgGTqnquf85R6C1cly6sj0aU/o7pwxbBkQoYV+foK
eW+K+ztwFLuXPyx8mI8pNzY=
-----END CERTIFICATE-----
Generated at Tue Dec 12 12:33:04 2023 by rpki-client on console-fra.rpki-client.org