Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8D3BF72BCF911EA83F88D29C4F9AE02.roa
File: E8D3BF72BCF911EA83F88D29C4F9AE02.roa (raw, json)
Hash identifier: NCFGmyQvFOR+m+axj8s2Zzq839DizWovhFKCqte+Jpw=
Subject key identifier: C3:7F:61:58:FA:9F:E7:F6:41:45:3C:E4:7B:68:44:DE:57:F1:A7:53
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6D35
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8D3BF72BCF911EA83F88D29C4F9AE02.roa
Signing time: Wed 10 May 2023 16:28:12 +0000
ROA not before: Wed 10 May 2023 16:28:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137650
IP address blocks: 45.114.70.0/24 maxlen: 24
103.114.246.0/23 maxlen: 24
103.117.232.0/22 maxlen: 24
103.134.250.0/23 maxlen: 24
103.157.126.0/23 maxlen: 24
103.172.230.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27957 (0x6d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:28:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc61b-1aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fb:bd:b0:df:de:7c:30:6d:14:8f:8a:da:c0:
9d:3c:1e:61:b0:f6:48:68:ef:7c:97:98:3b:8e:09:
cc:5a:d4:4e:47:ca:8a:80:c7:54:a0:4c:f8:29:55:
1f:74:bc:4c:ed:83:34:1a:71:99:4b:1c:60:1d:d2:
75:5c:dc:bd:a0:f6:01:a4:6f:42:57:7c:9e:31:df:
c4:9b:64:78:7e:96:65:90:d6:f1:ac:e4:5b:35:b9:
24:2c:f5:45:81:28:84:f0:ff:b1:c1:72:57:52:21:
c9:01:88:40:07:f1:31:c9:34:f3:5a:67:59:c8:1e:
73:e8:54:c6:08:fb:bc:ec:11:e1:3e:02:62:66:f7:
02:df:d1:a5:b4:2c:df:01:5d:50:e1:60:3f:51:5e:
65:47:0a:0e:47:f8:fb:c7:f2:0d:1c:04:aa:9c:c5:
cc:14:d6:07:d7:6e:35:78:63:f5:ce:62:37:a2:af:
35:c8:ab:d0:37:56:ab:02:7e:dd:4e:56:8c:61:a2:
a9:1a:a5:8d:f3:c9:7f:f8:9f:cc:e6:31:ab:48:88:
e0:02:45:5a:aa:27:64:38:e5:0c:7a:e6:39:4b:ac:
1c:03:48:69:23:ff:dd:00:ef:f1:d2:b7:44:a5:87:
97:52:25:04:53:f1:a3:0e:6d:41:f7:63:c2:fb:18:
bc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7F:61:58:FA:9F:E7:F6:41:45:3C:E4:7B:68:44:DE:57:F1:A7:53
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E8D3BF72BCF911EA83F88D29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.70.0/24
103.114.246.0/23
103.117.232.0/22
103.134.250.0/23
103.157.126.0/23
103.172.230.0/23
Signature Algorithm: sha256WithRSAEncryption
55:89:47:d2:a4:ab:3a:68:b0:03:2f:05:29:cd:4f:58:a4:e3:
f2:96:3d:97:6f:bb:3a:be:86:64:53:7e:62:cd:9d:8c:d7:d6:
03:b8:b8:0e:dc:73:b6:f7:5c:d7:af:2c:28:74:a4:75:c8:1f:
89:8e:40:65:71:31:89:84:aa:15:1b:00:b9:1c:51:07:8b:39:
ca:b8:9a:14:92:02:3a:bc:ec:3c:0f:a8:fb:5b:be:33:60:b2:
e3:23:15:fd:b0:35:24:6d:53:9b:30:e0:68:31:74:40:a6:e3:
54:d5:ca:a4:fc:18:42:1f:0d:40:25:ac:2f:ab:cd:da:02:95:
d1:b6:59:42:91:eb:dd:dc:ff:55:23:fc:e0:9d:3b:cd:1a:ab:
96:6a:40:e1:e1:34:1b:40:a5:81:4f:f6:fa:c6:db:de:73:26:
c2:03:0b:6f:0e:43:a9:8c:a3:27:fc:c0:27:da:10:c3:96:91:
c3:5e:0c:b7:54:19:0d:c1:d9:c3:c6:47:cd:87:ff:d3:f1:72:
5e:7a:1b:ac:0b:dc:50:6d:da:3a:fd:81:06:0c:48:e7:c3:6b:
5a:e1:7d:77:84:f2:2c:3c:cf:fd:4b:15:fe:04:8a:4d:b0:a0:
e8:7d:62:80:c8:ee:a2:44:0a:28:15:dc:c4:a1:d0:13:e7:be:
f7:14:75:34
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICbTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyODExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzYxYi0xYWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvPu9sN/efDBtFI+K2sCdPB5hsPZIaO98l5g7jgnMWtROR8qKgMdUoEz4KVUf
dLxM7YM0GnGZSxxgHdJ1XNy9oPYBpG9CV3yeMd/Em2R4fpZlkNbxrORbNbkkLPVF
gSiE8P+xwXJXUiHJAYhAB/ExyTTzWmdZyB5z6FTGCPu87BHhPgJiZvcC39GltCzf
AV1Q4WA/UV5lRwoOR/j7x/INHASqnMXMFNYH1241eGP1zmI3oq81yKvQN1arAn7d
TlaMYaKpGqWN88l/+J/M5jGrSIjgAkVaqidkOOUMeuY5S6wcA0hpI//dAO/x0rdE
pYeXUiUEU/GjDm1B92PC+xi8CQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMN/YVj6
n+f2QUU85HtoRN5X8adTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRThEM0JGNzJC
Q0Y5MTFFQTgzRjg4RDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAtckYDBAFncvYDBAJndegDBAFnhvoDBAFnnX4DBAFnrOYw
DQYJKoZIhvcNAQELBQADggEBAFWJR9KkqzposAMvBSnNT1ik4/KWPZdvuzq+hmRT
fmLNnYzX1gO4uA7cc7b3XNevLCh0pHXIH4mOQGVxMYmEqhUbALkcUQeLOcq4mhSS
Ajq87DwPqPtbvjNgsuMjFf2wNSRtU5sw4GgxdECm41TVyqT8GEIfDUAlrC+rzdoC
ldG2WUKR693c/1Uj/OCdO80aq5ZqQOHhNBtApYFP9vrG295zJsIDC28OQ6mMoyf8
wCfaEMOWkcNeDLdUGQ3B2cPGR82H/9Pxcl56G6wL3FBt2jr9gQYMSOfDa1rhfXeE
8iw8z/1LFf4Eik2woOh9YoDI7qJECigV3MSh0BPnvvcUdTQ=
-----END CERTIFICATE-----
Generated at Thu Aug 10 13:24:46 2023 by rpki-client on console-fra.rpki-client.org