Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E7F4F9FEBDD011EA9702FC12C4F9AE02.roa
File: E7F4F9FEBDD011EA9702FC12C4F9AE02.roa (raw, json)
Hash identifier: N8kEvIi8efZCxWsRjvEkO8plLj/Ia4H+6Tfe9b+ewZA=
Subject key identifier: 9D:1D:57:11:4C:4B:5F:03:F5:A6:04:24:C2:51:C4:E8:33:5A:82:4C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6E08
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E7F4F9FEBDD011EA9702FC12C4F9AE02.roa
Signing time: Wed 10 May 2023 16:32:12 +0000
ROA not before: Wed 10 May 2023 16:32:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139567
IP address blocks: 45.127.136.0/22 maxlen: 24
45.248.28.0/22 maxlen: 24
103.49.224.0/22 maxlen: 24
103.55.165.0/24 maxlen: 24
103.55.166.0/23 maxlen: 24
103.79.97.0/24 maxlen: 24
103.147.216.0/23 maxlen: 24
103.187.134.0/23 maxlen: 24
103.206.118.0/23 maxlen: 24
103.216.176.0/22 maxlen: 24
2405:c140::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28168 (0x6e08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:32:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc70c-dcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:46:1e:b4:31:32:c7:85:9a:9a:50:09:eb:
e8:3f:a1:93:34:9b:5f:ae:c5:54:dd:27:c0:16:5a:
18:f4:bd:a2:b1:58:67:42:2b:a4:79:4e:35:ff:62:
b4:ad:78:be:f0:6d:cc:fb:1d:e2:50:40:bd:c1:95:
c3:7e:9a:9c:f4:09:df:83:3a:48:f0:2c:b8:12:87:
24:76:8a:50:e5:1e:4f:87:a7:05:a0:df:cc:24:5f:
ce:f8:34:ac:a8:66:d2:e3:99:19:73:c8:22:bf:49:
b1:75:bd:23:44:b0:9a:54:5f:03:dc:75:79:58:6d:
43:86:4c:30:c4:07:4a:86:0e:80:db:4f:38:5e:9e:
54:36:55:a1:a3:9a:d0:1b:e6:44:78:29:69:7d:0a:
fa:06:f8:3c:88:27:ef:0e:ca:2f:db:56:ed:34:c9:
ad:8d:f3:59:eb:c0:1f:27:93:80:ff:ef:49:9d:97:
fc:2c:ca:78:1f:c6:1b:e0:06:0c:87:67:0d:d1:0c:
75:46:5a:e9:9e:c8:3e:81:2f:c2:99:2b:5f:6e:cb:
ec:9b:24:e3:9b:21:ef:de:70:35:1c:18:0e:95:60:
66:2f:eb:28:6c:22:b1:b3:2d:08:0f:bd:65:2e:2c:
24:ff:90:1d:ac:91:a0:ef:1e:78:d3:eb:d9:f2:ca:
97:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1D:57:11:4C:4B:5F:03:F5:A6:04:24:C2:51:C4:E8:33:5A:82:4C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E7F4F9FEBDD011EA9702FC12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.136.0/22
45.248.28.0/22
103.49.224.0/22
103.55.165.0-103.55.167.255
103.79.97.0/24
103.147.216.0/23
103.187.134.0/23
103.206.118.0/23
103.216.176.0/22
IPv6:
2405:c140::/32
Signature Algorithm: sha256WithRSAEncryption
b3:52:de:0d:66:ad:c5:66:74:0c:7c:26:ea:58:39:8c:17:b2:
bf:14:f5:98:3b:25:48:0d:8a:73:ba:68:4b:bd:e4:e1:d0:e0:
3a:ab:04:ae:c2:7b:1a:a0:d7:b5:67:c0:13:c9:a3:4f:75:f2:
da:81:6c:b5:47:52:47:4f:10:03:47:5f:c5:3c:70:71:18:a0:
18:d6:a2:f1:43:34:a9:de:02:4c:b0:2b:79:c5:b3:0d:c5:bf:
7c:04:0b:34:31:bf:73:86:4b:de:e9:bd:49:6e:72:42:79:d8:
d6:65:55:37:48:31:cb:ce:93:28:b2:36:96:8f:30:9b:5c:9c:
4e:04:33:f7:3d:28:22:f1:a3:b8:4a:de:c6:e8:bc:cd:08:ff:
81:75:9d:e8:42:0a:15:21:8c:4b:fd:17:be:d7:a8:4a:a0:d3:
1a:62:6b:99:42:b6:12:37:42:6d:f6:79:d9:19:2f:4a:24:98:
a7:57:dc:18:0c:81:73:24:ba:61:13:2a:a6:88:c6:e4:07:ce:
a0:fb:4e:5e:00:10:84:9b:c4:0f:df:a4:5f:89:fc:a3:64:6b:
22:08:ee:8b:75:07:3f:b0:2e:0e:1c:d4:55:a5:5b:6b:43:3e:
ee:69:69:cd:9d:18:89:56:56:e8:9b:00:04:fa:bf:68:23:ef:
97:1c:de:f9
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICbggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYzMjEyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzcwYy1kY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1U5GHrQxMseFmppQCevoP6GTNJtfrsVU3SfAFloY9L2isVhnQiukeU41/2K0
rXi+8G3M+x3iUEC9wZXDfpqc9AnfgzpI8Cy4EockdopQ5R5Ph6cFoN/MJF/O+DSs
qGbS45kZc8giv0mxdb0jRLCaVF8D3HV5WG1DhkwwxAdKhg6A2084Xp5UNlWho5rQ
G+ZEeClpfQr6Bvg8iCfvDsov21btNMmtjfNZ68AfJ5OA/+9JnZf8LMp4H8Yb4AYM
h2cN0Qx1Rlrpnsg+gS/CmStfbsvsmyTjmyHv3nA1HBgOlWBmL+sobCKxsy0ID71l
Liwk/5AdrJGg7x540+vZ8sqXgwIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFJ0dVxFM
S18D9aYEJMJRxOgzWoJMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTdGNEY5RkVC
REQwMTFFQTk3MDJGQzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMEQEAgABMD4DBAItf4gDBAIt+BwDBAJnMeAwDAMEAGc3pQMEA2c3oAMEAGdP
YQMEAWeT2AMEAWe7hgMEAWfOdgMEAmfYsDANBAIAAjAHAwUAJAXBQDANBgkqhkiG
9w0BAQsFAAOCAQEAs1LeDWatxWZ0DHwm6lg5jBeyvxT1mDslSA2Kc7poS73k4dDg
OqsErsJ7GqDXtWfAE8mjT3Xy2oFstUdSR08QA0dfxTxwcRigGNai8UM0qd4CTLAr
ecWzDcW/fAQLNDG/c4ZL3um9SW5yQnnY1mVVN0gxy86TKLI2lo8wm1ycTgQz9z0o
IvGjuErexui8zQj/gXWd6EIKFSGMS/0XvteoSqDTGmJrmUK2EjdCbfZ52RkvSiSY
p1fcGAyBcyS6YRMqpojG5AfOoPtOXgAQhJvED9+kX4n8o2RrIgjui3UHP7AuDhzU
VaVba0M+7mlpzZ0YiVZW6JsABPq/aCPvlxze+Q==
-----END CERTIFICATE-----
Generated at Tue Oct 17 09:43:50 2023 by rpki-client on console-ams.rpki-client.org