Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6628E582FDA11EBA9C18F6DC4F9AE02.roa
File: F6628E582FDA11EBA9C18F6DC4F9AE02.roa (raw, json)
Hash identifier: ucu3aWl8xyGSj0HqrtwVoQZIiZi0y467V+NzvlaOCc8=
Subject key identifier: C1:2A:47:3F:89:50:6B:8A:AF:50:35:36:2F:29:B2:A3:12:6C:D3:0E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8527
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6628E582FDA11EBA9C18F6DC4F9AE02.roa
Signing time: Fri 22 Mar 2024 08:12:33 +0000
ROA not before: Fri 22 Mar 2024 08:12:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141262
IP address blocks: 103.49.48.0/24 maxlen: 24
103.159.46.0/23 maxlen: 24
2001:df1:5840::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 07:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34087 (0x8527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 22 08:12:33 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65fd3d71-3b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:01:40:7a:10:71:5f:83:ac:23:fd:41:b0:
41:d5:10:8e:b0:42:2c:de:cb:44:8e:1e:98:1b:a0:
49:e0:f4:9c:4f:f7:1a:76:05:22:a2:7a:25:50:78:
e1:ab:6c:af:e5:df:79:d8:0c:72:20:43:73:e6:45:
89:ac:44:7c:cd:6e:ad:18:45:45:86:51:6e:6b:82:
6f:c3:f0:0d:e7:86:6c:ff:0e:cf:2b:fa:86:18:62:
01:78:41:bc:5f:59:47:7e:be:48:2d:c7:54:08:b9:
9d:4c:c2:d8:78:7c:dd:b0:9b:2c:a4:4a:30:65:43:
b8:b2:2f:c0:06:ab:7b:60:ed:90:5d:df:fd:2b:ec:
b8:45:0d:cb:ba:11:89:2d:3a:2a:84:36:05:b2:49:
dd:5a:9d:8e:31:c7:e6:77:7f:58:0a:c1:02:af:2a:
e3:86:f5:cf:47:67:71:b5:cd:e4:ee:76:fc:0d:71:
92:79:c0:af:a9:28:ed:46:a9:1d:0d:ae:66:c8:56:
ef:b0:25:f6:a5:b2:cb:84:86:b1:44:ac:bc:61:25:
40:3a:ee:ba:32:d8:53:9e:4c:c0:f2:5a:00:dc:d1:
60:34:c9:ec:9f:02:1a:35:db:33:51:02:34:58:d5:
a6:f1:ea:b0:f9:93:41:e2:1c:f2:1e:44:bc:d3:b8:
b7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:2A:47:3F:89:50:6B:8A:AF:50:35:36:2F:29:B2:A3:12:6C:D3:0E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6628E582FDA11EBA9C18F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.48.0/24
103.159.46.0/23
IPv6:
2001:df1:5840::/48
Signature Algorithm: sha256WithRSAEncryption
3b:e0:d8:23:2a:80:ca:be:e4:67:05:e1:a1:57:63:03:78:61:
c0:63:f4:d7:89:59:a2:29:b1:33:f5:cd:6a:4f:2e:f8:90:23:
75:0e:74:d9:eb:f6:ef:fe:e4:e4:65:81:3b:7f:86:e6:04:a1:
29:b6:98:5a:fb:eb:3c:5e:fc:e5:f1:6b:3d:96:6b:f6:06:0b:
39:26:24:16:23:8a:f7:70:3c:a3:d2:1e:af:7a:16:f2:94:7d:
d3:17:57:28:84:1c:67:cc:cf:a7:06:ee:2f:8b:0c:33:83:40:
aa:10:a3:3e:5d:89:15:5c:f9:9f:dc:16:5e:dd:6b:b6:b0:60:
fb:8e:16:70:9c:64:15:a2:16:14:55:af:4c:dc:40:6e:67:37:
83:19:53:69:f2:71:a0:63:a7:fe:6e:7e:56:82:c0:7a:1f:fc:
f4:97:1f:1c:c1:45:27:45:5f:bb:02:29:3e:25:e6:33:16:25:
01:fd:5b:92:f2:05:a1:a1:7f:57:94:ef:ac:e7:c3:7e:1c:7b:
b6:6a:bb:6e:07:3f:87:d6:ab:9c:5f:6a:a1:b1:28:1b:ce:34:
76:78:09:f7:d6:62:19:db:b9:9d:6e:1c:a5:e5:8d:77:8c:7a:
2c:7f:f0:96:be:8c:87:b6:ec:45:a8:5b:6b:64:69:e0:10:a6:
21:97:29:22
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAIUnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMyMjA4MTIzM1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVmZDNkNzEtM2I0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcPAUB6EHFfg6wj/UGwQdUQjrBCLN7LRI4emBugSeD0nE/3GnYFIqJ6JVB4
4atsr+XfedgMciBDc+ZFiaxEfM1urRhFRYZRbmuCb8PwDeeGbP8Ozyv6hhhiAXhB
vF9ZR36+SC3HVAi5nUzC2Hh83bCbLKRKMGVDuLIvwAare2DtkF3f/SvsuEUNy7oR
iS06KoQ2BbJJ3VqdjjHH5nd/WArBAq8q44b1z0dncbXN5O52/A1xknnAr6ko7Uap
HQ2uZshW77Al9qWyy4SGsUSsvGElQDruujLYU55MwPJaANzRYDTJ7J8CGjXbM1EC
NFjVpvHqsPmTQeIc8h5EvNO4t68CAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTBKkc/
iVBriq9QNTYvKbKjEmzTDjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2NjI4RTU4
MkZEQTExRUJBOUMxOEY2REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/
BCcwJTASBAIAATAMAwQAZzEwAwQBZ58uMA8EAgACMAkDBwAgAQ3xWEAwDQYJKoZI
hvcNAQELBQADggEBADvg2CMqgMq+5GcF4aFXYwN4YcBj9NeJWaIpsTP1zWpPLviQ
I3UOdNnr9u/+5ORlgTt/huYEoSm2mFr76zxe/OXxaz2Wa/YGCzkmJBYjivdwPKPS
Hq96FvKUfdMXVyiEHGfMz6cG7i+LDDODQKoQoz5diRVc+Z/cFl7da7awYPuOFnCc
ZBWiFhRVr0zcQG5nN4MZU2nycaBjp/5uflaCwHof/PSXHxzBRSdFX7sCKT4l5jMW
JQH9W5LyBaGhf1eU76znw34ce7Zqu24HP4fWq5xfaqGxKBvONHZ4CffWYhnbuZ1u
HKXljXeMeix/8Ja+jIe27EWoW2tkaeAQpiGXKSI=
-----END CERTIFICATE-----
Generated at Tue Mar 26 12:08:39 2024 by rpki-client on console-fra.rpki-client.org