Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F653923E583D11EE8C73A61AC4F9AE02.roa
File: F653923E583D11EE8C73A61AC4F9AE02.roa (raw, json)
Hash identifier: yjrEWi+ontihCdhxU70iGv+4jfROzqw8KAX8ljmn/ww=
Subject key identifier: 92:59:3D:43:C3:29:8A:ED:69:1C:9A:91:3C:22:BA:AE:38:EA:18:3C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7A7E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F653923E583D11EE8C73A61AC4F9AE02.roa
Signing time: Thu 21 Sep 2023 05:16:05 +0000
ROA not before: Thu 21 Sep 2023 05:16:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135208
IP address blocks: 103.88.57.0/24 maxlen: 24
103.119.199.0/24 maxlen: 24
103.131.60.0/24 maxlen: 24
103.148.170.0/23 maxlen: 24
103.163.15.0/24 maxlen: 24
103.168.72.0/23 maxlen: 24
103.170.70.0/23 maxlen: 24
103.204.94.0/23 maxlen: 24
103.205.244.0/23 maxlen: 24
103.206.48.0/23 maxlen: 24
2400:a620::/32 maxlen: 32
2400:a620::/48 maxlen: 48
2400:a620:1::/48 maxlen: 48
2400:a620:2::/48 maxlen: 48
2400:a620:3::/48 maxlen: 48
2400:a620:4::/48 maxlen: 48
2400:a620:5::/48 maxlen: 48
2400:a620:6::/48 maxlen: 48
2400:a620:7::/48 maxlen: 48
2400:a620:8::/48 maxlen: 48
2400:a620:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31358 (0x7a7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 21 05:16:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=650bd194-df01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b1:3d:26:f9:2c:03:76:35:6f:9c:41:c4:10:
62:b1:d4:d5:52:fe:68:e2:7c:f7:59:11:8a:8a:0f:
75:e9:20:2d:5a:8b:51:c4:95:9c:32:a5:d3:05:24:
71:28:d1:78:9b:63:ac:ce:54:26:e4:14:a3:af:8f:
44:0d:5c:63:fa:c3:dc:94:55:a0:9a:9d:6a:ec:15:
61:4c:bd:4b:d1:76:33:08:d6:bb:0b:1a:7e:98:80:
54:e5:2f:86:1e:32:fb:d3:2f:08:6c:13:66:9c:29:
1c:8b:29:32:08:7e:b7:de:fe:23:d4:2d:82:e0:d4:
bd:88:b5:d3:78:87:3b:67:d8:39:cf:7d:2a:78:2e:
6a:a2:85:73:43:f0:98:97:5e:f6:54:1e:49:0e:65:
c3:76:03:da:03:0e:5c:96:e7:41:c7:e1:9d:70:c9:
2a:2f:47:22:98:dd:73:69:0f:46:60:18:0a:24:8c:
70:bc:7c:ab:88:bb:2f:51:7b:4f:b9:56:15:c2:c8:
8b:58:1c:5c:0e:ba:cc:bc:cd:c7:da:bf:a1:f3:66:
8b:28:05:12:2b:64:af:86:cd:3c:96:6f:32:d0:4a:
b6:88:12:cc:a9:9b:b6:e4:05:59:14:74:56:28:25:
29:b4:2d:d4:e3:eb:c2:a2:0d:aa:0d:04:4d:30:0c:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:59:3D:43:C3:29:8A:ED:69:1C:9A:91:3C:22:BA:AE:38:EA:18:3C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F653923E583D11EE8C73A61AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.57.0/24
103.119.199.0/24
103.131.60.0/24
103.148.170.0/23
103.163.15.0/24
103.168.72.0/23
103.170.70.0/23
103.204.94.0/23
103.205.244.0/23
103.206.48.0/23
IPv6:
2400:a620::/32
Signature Algorithm: sha256WithRSAEncryption
51:fb:ce:9b:4f:8a:c7:67:43:20:21:d3:6e:b2:25:45:b5:4c:
4a:a5:ae:3b:52:93:29:96:5a:21:d0:d5:67:dc:23:e2:32:45:
16:7e:ac:40:db:27:28:24:4c:6f:27:97:24:d6:5d:22:34:91:
c5:1d:e6:86:22:5b:9e:2c:6b:45:71:b5:72:f9:12:a8:83:7f:
b4:8b:bd:44:96:c9:85:d0:ce:37:ff:13:9e:d0:59:be:f2:1e:
17:12:0c:2c:fb:42:20:65:ab:6d:3e:64:8b:de:4d:b8:eb:a0:
74:5d:7f:57:ac:ce:08:b4:4f:13:68:ec:96:df:3e:d1:b2:2f:
01:f4:f9:03:b4:68:f2:1c:1c:a4:fe:01:dd:27:18:41:37:ac:
e0:77:4e:7e:2f:e2:d0:7f:d6:98:cc:e5:c6:12:75:1b:2f:e8:
e8:45:d4:3e:09:b9:ed:d9:0c:2c:03:bc:6a:21:70:68:d6:79:
aa:5c:bf:33:4f:0e:62:cf:05:f8:ee:22:4a:81:70:52:8f:d2:
99:d0:8c:76:11:c3:88:b1:a9:f5:ad:a3:dc:bd:92:60:a8:d3:
a4:e8:1a:f7:00:30:91:59:d8:70:9a:32:89:51:f6:fa:f7:7b:
5e:f1:25:4f:a5:f8:6f:7a:ad:76:35:52:0e:76:ae:8a:ec:29:
62:1e:40:c0
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICen4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTIxMDUxNjA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBiZDE5NC1kZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubE9JvksA3Y1b5xBxBBisdTVUv5o4nz3WRGKig916SAtWotRxJWcMqXTBSRx
KNF4m2OszlQm5BSjr49EDVxj+sPclFWgmp1q7BVhTL1L0XYzCNa7Cxp+mIBU5S+G
HjL70y8IbBNmnCkciykyCH633v4j1C2C4NS9iLXTeIc7Z9g5z30qeC5qooVzQ/CY
l172VB5JDmXDdgPaAw5cludBx+GdcMkqL0cimN1zaQ9GYBgKJIxwvHyriLsvUXtP
uVYVwsiLWBxcDrrMvM3H2r+h82aLKAUSK2Svhs08lm8y0Eq2iBLMqZu25AVZFHRW
KCUptC3U4+vCog2qDQRNMAwqYwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFJJZPUPD
KYrtaRyakTwiuq446hg8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjY1MzkyM0U1
ODNEMTFFRThDNzNBNjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBABnWDkDBABnd8cDBABngzwDBAFnlKoDBABnow8DBAFnqEgD
BAFnqkYDBAFnzF4DBAFnzfQDBAFnzjAwDQQCAAIwBwMFACQApiAwDQYJKoZIhvcN
AQELBQADggEBAFH7zptPisdnQyAh026yJUW1TEqlrjtSkymWWiHQ1WfcI+IyRRZ+
rEDbJygkTG8nlyTWXSI0kcUd5oYiW54sa0VxtXL5EqiDf7SLvUSWyYXQzjf/E57Q
Wb7yHhcSDCz7QiBlq20+ZIveTbjroHRdf1eszgi0TxNo7JbfPtGyLwH0+QO0aPIc
HKT+Ad0nGEE3rOB3Tn4v4tB/1pjM5cYSdRsv6OhF1D4Jue3ZDCwDvGohcGjWeapc
vzNPDmLPBfjuIkqBcFKP0pnQjHYRw4ixqfWto9y9kmCo06ToGvcAMJFZ2HCaMolR
9vr3e17xJU+l+G96rXY1Ug52rorsKWIeQMA=
-----END CERTIFICATE-----
Generated at Mon Oct 16 11:56:01 2023 by rpki-client on console-fra.rpki-client.org