Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FC86B8FA249111EE8D5AE751C4F9AE02.roa
File: FC86B8FA249111EE8D5AE751C4F9AE02.roa (raw, json)
Hash identifier: 3NozaZWQdligtsaY0gno9g+EeNePaLlcf/0OWsilYx8=
Subject key identifier: 46:EB:63:C0:A4:CD:BB:09:ED:98:E9:08:CE:80:AB:A6:A2:CE:6D:2F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 759F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FC86B8FA249111EE8D5AE751C4F9AE02.roa
Signing time: Mon 17 Jul 2023 11:06:32 +0000
ROA not before: Mon 17 Jul 2023 11:06:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137166
IP address blocks: 103.87.164.0/22 maxlen: 22
103.87.164.0/24 maxlen: 24
103.87.165.0/24 maxlen: 24
103.87.166.0/24 maxlen: 24
103.87.167.0/24 maxlen: 24
103.105.10.0/23 maxlen: 24
103.120.238.0/24 maxlen: 24
103.120.252.0/24 maxlen: 24
103.120.255.0/24 maxlen: 24
103.135.61.0/24 maxlen: 24
103.135.62.0/24 maxlen: 24
103.135.63.0/24 maxlen: 24
103.158.138.0/23 maxlen: 24
103.172.94.0/23 maxlen: 24
103.198.96.0/22 maxlen: 22
103.198.96.0/24 maxlen: 24
103.198.97.0/24 maxlen: 24
103.198.98.0/24 maxlen: 24
103.198.99.0/24 maxlen: 24
103.251.48.0/22 maxlen: 24
150.242.204.0/22 maxlen: 24
2001:df7:6a80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30111 (0x759f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 17 11:06:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64b520b8-8fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:80:56:8d:b4:be:2a:87:51:c5:0a:7f:e0:
4a:aa:a8:68:27:2d:f3:be:e2:58:a0:f5:e9:29:62:
82:ed:6b:2a:72:f8:93:b4:0c:71:91:22:43:6c:27:
79:9a:c4:b7:6f:ee:f3:27:0a:c6:7b:3b:23:32:dd:
be:c9:b7:8a:7c:42:3e:a9:d5:22:77:db:39:78:c5:
5f:6c:4b:57:cf:a7:39:b0:33:44:35:de:7d:d1:fb:
04:c1:d6:76:60:0d:78:0e:f0:27:15:6b:18:08:fc:
b3:56:4a:15:b1:7d:c6:bf:a4:42:06:ff:ad:e8:1d:
11:90:29:48:19:18:ca:96:84:28:45:60:47:b3:be:
16:de:16:bc:f5:9a:38:d5:63:47:d6:a2:2f:68:76:
77:50:6c:ad:da:ad:f7:a8:e5:67:38:bc:47:4a:0e:
a4:5a:74:9b:d7:d4:fa:00:08:33:74:d6:ef:e1:b8:
69:78:93:26:53:06:fe:17:a7:c4:57:94:8c:f0:00:
11:6d:25:eb:f9:1c:e7:ba:0d:6f:df:f7:ab:7b:91:
da:41:85:97:31:c7:55:62:05:5b:15:ac:5e:33:27:
29:ff:da:48:b5:97:0e:6f:5c:8f:7e:52:49:5a:2a:
c9:79:9e:fa:59:27:64:6f:29:c4:a0:b6:db:65:d0:
01:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EB:63:C0:A4:CD:BB:09:ED:98:E9:08:CE:80:AB:A6:A2:CE:6D:2F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FC86B8FA249111EE8D5AE751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.164.0/22
103.105.10.0/23
103.120.238.0/24
103.120.252.0/24
103.120.255.0/24
103.135.61.0-103.135.63.255
103.158.138.0/23
103.172.94.0/23
103.198.96.0/22
103.251.48.0/22
150.242.204.0/22
IPv6:
2001:df7:6a80::/48
Signature Algorithm: sha256WithRSAEncryption
15:73:c2:b9:b6:72:94:91:5a:fd:0a:8c:66:f8:02:54:35:5b:
f7:e5:a7:e0:16:ab:cc:c8:45:3e:12:c4:af:06:4c:d3:c7:70:
b5:0e:15:e4:f1:d2:f2:4b:3d:cf:85:2a:86:7c:85:56:6d:e1:
a9:b0:f1:b6:22:c5:c5:89:89:96:01:ee:db:df:4f:a7:39:d5:
c6:f1:79:b2:45:d0:2d:b3:c3:02:1e:24:60:60:4e:06:96:36:
0f:c9:4c:e0:b3:8e:5b:ec:59:46:c4:36:aa:4d:ff:3b:be:70:
91:a7:a2:cd:74:21:7c:7e:17:d2:33:b5:e0:b9:b3:65:c4:f7:
15:1a:84:12:bf:23:f5:77:12:1d:7a:71:56:1a:00:d7:3c:a2:
dc:85:11:47:94:93:ec:87:0a:7b:e1:23:bf:4a:d1:c3:5e:a3:
0c:7d:c9:95:9f:a9:e8:88:68:73:85:4b:94:70:c9:d0:5f:86:
98:e6:ab:30:db:aa:a2:4c:22:61:e4:8e:e6:ae:4a:ac:8f:e7:
51:4d:0c:75:1e:8b:59:71:7f:37:a4:9a:15:62:ae:0f:4e:b0:
72:ee:11:3e:bb:28:7e:4e:a0:4f:98:03:8c:a3:d9:6b:c1:ec:
e0:7f:99:bc:5f:4d:8c:89:f6:3a:90:16:ea:12:8d:68:ec:8e:
fc:3e:f6:65
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICdZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzE3MTEwNjMyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI1MjBiOC04ZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8qAVo20viqHUcUKf+BKqqhoJy3zvuJYoPXpKWKC7WsqcviTtAxxkSJDbCd5
msS3b+7zJwrGezsjMt2+ybeKfEI+qdUid9s5eMVfbEtXz6c5sDNENd590fsEwdZ2
YA14DvAnFWsYCPyzVkoVsX3Gv6RCBv+t6B0RkClIGRjKloQoRWBHs74W3ha89Zo4
1WNH1qIvaHZ3UGyt2q33qOVnOLxHSg6kWnSb19T6AAgzdNbv4bhpeJMmUwb+F6fE
V5SM8AARbSXr+Rznug1v3/ere5HaQYWXMcdVYgVbFaxeMycp/9pItZcOb1yPflJJ
WirJeZ76WSdkbynEoLbbZdABBwIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFEbrY8Ck
zbsJ7ZjpCM6Aq6aizm0vMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkM4NkI4RkEy
NDkxMTFFRThENUFFNzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMFAEAgABMEoDBAJnV6QDBAFnaQoDBABneO4DBABnePwDBABneP8wDAMEAGeH
PQMEBmeHAAMEAWeeigMEAWesXgMEAmfGYAMEAmf7MAMEApbyzDAPBAIAAjAJAwcA
IAEN92qAMA0GCSqGSIb3DQEBCwUAA4IBAQAVc8K5tnKUkVr9Coxm+AJUNVv35afg
FqvMyEU+EsSvBkzTx3C1DhXk8dLySz3PhSqGfIVWbeGpsPG2IsXFiYmWAe7b30+n
OdXG8XmyRdAts8MCHiRgYE4GljYPyUzgs45b7FlGxDaqTf87vnCRp6LNdCF8fhfS
M7XgubNlxPcVGoQSvyP1dxIdenFWGgDXPKLchRFHlJPshwp74SO/StHDXqMMfcmV
n6noiGhzhUuUcMnQX4aY5qsw26qiTCJh5I7mrkqsj+dRTQx1HotZcX83pJoVYq4P
TrBy7hE+uyh+TqBPmAOMo9lrwezgf5m8X02MifY6kBbqEo1o7I78PvZl
-----END CERTIFICATE-----
Generated at Tue Oct 3 11:39:01 2023 by rpki-client on console-ams.rpki-client.org