Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6E86C9E2FDA11EBA9C18F6DC4F9AE02.roa
File: F6E86C9E2FDA11EBA9C18F6DC4F9AE02.roa (raw, json)
Hash identifier: YLhPzaNmKyRDfPzzKyrgCV5UtXXsOmib4/sfjGaZOao=
Subject key identifier: E7:B3:B8:17:DF:55:DD:55:51:A1:CF:37:F8:CE:CE:42:EB:35:7F:28
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6E99
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6E86C9E2FDA11EBA9C18F6DC4F9AE02.roa
Signing time: Wed 10 May 2023 16:34:48 +0000
ROA not before: Wed 10 May 2023 16:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141324
IP address blocks: 103.50.22.0/23 maxlen: 24
103.157.186.0/23 maxlen: 24
103.167.122.0/24 maxlen: 24
103.167.123.0/24 maxlen: 24
103.171.201.0/24 maxlen: 24
103.173.24.0/23 maxlen: 24
103.175.102.0/23 maxlen: 24
103.180.220.0/23 maxlen: 24
2001:df5:2980::/48 maxlen: 48
2407:6a40::/32 maxlen: 32
2407:dec0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28313 (0x6e99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc7a7-5a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:47:de:a7:70:e1:42:9b:de:d1:05:3e:5d:bf:
f9:bb:2a:fe:b7:63:e7:cf:15:cc:bb:94:99:61:57:
dc:9d:e0:fc:2c:16:b0:a4:1a:0e:94:65:3a:c1:c7:
51:86:d9:4a:2b:aa:0e:79:53:4e:24:b0:0f:0e:9b:
2b:6f:9c:49:06:3e:2c:8a:b4:0a:5b:9a:1d:ba:35:
9a:76:0a:0f:73:3e:af:d7:f6:52:1b:60:bf:f8:18:
7a:75:3f:5b:11:ea:d1:96:4e:cd:8e:b0:72:4f:11:
79:2f:d9:a3:f9:9b:d8:94:29:26:f5:10:a7:44:c2:
09:20:41:09:27:ad:cb:c5:24:f5:14:ed:5e:ed:40:
b4:e4:0f:87:9a:6c:b3:3e:f3:ef:49:e7:28:b6:94:
41:eb:34:dc:1b:2f:74:04:7a:eb:0e:db:3a:bc:68:
f5:44:13:c0:ff:da:91:ef:d3:ad:c2:a7:65:6c:9b:
97:5f:21:23:72:9b:bc:fe:e8:16:67:f9:2f:8a:ab:
d7:c0:43:fd:0e:8e:64:a4:d1:1f:0d:a1:ed:6f:5b:
c9:49:5f:1a:0e:1e:ec:13:f6:90:f8:04:a3:70:e0:
3d:3f:83:61:5d:a9:f4:80:b5:9f:79:22:4f:6e:c8:
0d:67:6d:f2:95:d5:fb:39:73:bf:5d:26:96:15:5c:
d1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B3:B8:17:DF:55:DD:55:51:A1:CF:37:F8:CE:CE:42:EB:35:7F:28
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6E86C9E2FDA11EBA9C18F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.50.22.0/23
103.157.186.0/23
103.167.122.0/23
103.171.201.0/24
103.173.24.0/23
103.175.102.0/23
103.180.220.0/23
IPv6:
2001:df5:2980::/48
2407:6a40::/32
2407:dec0::/32
Signature Algorithm: sha256WithRSAEncryption
95:55:e8:50:44:3b:60:69:78:4e:2f:37:a7:e2:4f:bd:f3:7a:
8f:49:d0:93:a0:43:14:76:a8:6c:f6:9c:6b:a2:53:6c:1d:1c:
64:92:73:92:20:fe:46:31:94:40:b6:22:1b:b7:3d:d1:25:0b:
46:63:ed:69:cb:a6:e2:8f:bc:4c:84:67:ef:67:ad:02:4b:63:
83:02:13:cf:54:d1:e0:98:63:7f:35:16:74:60:3d:df:ce:2a:
cc:a4:fc:b9:32:5e:9e:71:17:08:a3:a5:83:5a:8b:2e:08:0e:
73:06:00:71:82:71:f1:9c:24:e3:dd:14:b8:59:c0:74:c7:f6:
41:4f:29:a7:38:7d:f8:98:03:c0:86:7c:59:af:89:b6:ae:dc:
52:67:25:cc:72:cc:e4:9c:ce:41:03:ed:cd:7d:28:7c:7a:dc:
24:f8:5c:d4:ad:ec:20:4e:d2:71:ae:05:7b:ac:11:dd:1c:f1:
43:23:0b:4a:a9:20:42:97:7a:62:76:45:10:2f:0e:a6:aa:c9:
5f:55:73:96:76:b1:da:63:cd:d1:84:b8:90:f0:e9:af:94:6e:
a2:2f:44:94:6a:82:5f:92:ee:d9:d6:a9:e2:02:b0:55:b8:f6:
69:a6:16:6d:b7:cb:c8:21:37:2a:20:c2:c4:ab:ef:dd:04:37:
4d:61:da:ec
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgICbpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzdhNy01YTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtkfep3DhQpve0QU+Xb/5uyr+t2PnzxXMu5SZYVfcneD8LBawpBoOlGU6wcdR
htlKK6oOeVNOJLAPDpsrb5xJBj4sirQKW5odujWadgoPcz6v1/ZSG2C/+Bh6dT9b
EerRlk7NjrByTxF5L9mj+ZvYlCkm9RCnRMIJIEEJJ63LxST1FO1e7UC05A+Hmmyz
PvPvSecotpRB6zTcGy90BHrrDts6vGj1RBPA/9qR79OtwqdlbJuXXyEjcpu8/ugW
Z/kviqvXwEP9Do5kpNEfDaHtb1vJSV8aDh7sE/aQ+ASjcOA9P4NhXan0gLWfeSJP
bsgNZ23yldX7OXO/XSaWFVzRiQIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFOezuBff
Vd1VUaHPN/jOzkLrNX8oMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjZFODZDOUUy
RkRBMTFFQkE5QzE4RjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E
UzBRMDAEAgABMCoDBAFnMhYDBAFnnboDBAFnp3oDBABnq8kDBAFnrRgDBAFnr2YD
BAFntNwwHQQCAAIwFwMHACABDfUpgAMFACQHakADBQAkB97AMA0GCSqGSIb3DQEB
CwUAA4IBAQCVVehQRDtgaXhOLzen4k+983qPSdCToEMUdqhs9pxrolNsHRxkknOS
IP5GMZRAtiIbtz3RJQtGY+1py6bij7xMhGfvZ60CS2ODAhPPVNHgmGN/NRZ0YD3f
zirMpPy5Ml6ecRcIo6WDWosuCA5zBgBxgnHxnCTj3RS4WcB0x/ZBTymnOH34mAPA
hnxZr4m2rtxSZyXMcszknM5BA+3NfSh8etwk+FzUrewgTtJxrgV7rBHdHPFDIwtK
qSBCl3pidkUQLw6mqslfVXOWdrHaY83RhLiQ8OmvlG6iL0SUaoJfku7Z1qniArBV
uPZpphZtt8vIITcqIMLEq+/dBDdNYdrs
-----END CERTIFICATE-----
Generated at Wed Aug 16 08:39:55 2023 by rpki-client on console-fra.rpki-client.org