Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCAF548AFE9611EC9965A444C4F9AE02.roa
File: FCAF548AFE9611EC9965A444C4F9AE02.roa (raw, json)
Hash identifier: QDoUMftoCG0uxoQ2A2Ax6WvUP/QSCqTmw4BKS0l0cCY=
Subject key identifier: 5C:71:93:26:98:79:96:21:A5:8A:50:86:AE:00:21:62:0D:3A:09:05
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6CFB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCAF548AFE9611EC9965A444C4F9AE02.roa
Signing time: Wed 10 May 2023 16:27:07 +0000
ROA not before: Wed 10 May 2023 16:27:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137157
IP address blocks: 103.106.136.0/22 maxlen: 24
103.186.198.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27899 (0x6cfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:27:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc5db-30cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3f:fa:66:fd:7a:2c:60:23:cb:ee:ae:f1:d5:
ef:5b:3a:c8:a8:89:c0:8d:5b:c4:ab:8c:5c:57:ae:
cd:8c:49:e4:69:ec:68:5f:47:d0:da:98:d9:50:a7:
44:1a:01:52:5d:15:11:14:ab:46:dc:a8:c7:82:62:
6e:d1:7a:fd:54:60:9a:e8:96:be:3a:f0:88:2a:68:
59:85:b2:e1:bd:e6:a5:45:0a:f6:fe:77:3b:fa:14:
96:79:7b:52:65:64:52:bd:a7:f8:02:5f:4d:36:04:
76:a2:72:ff:6c:7c:6b:75:fe:23:c9:44:ba:ba:fc:
25:ea:9a:57:ef:4e:17:ae:75:7f:92:d0:46:3c:22:
b7:2f:cf:fe:90:36:e7:40:a8:20:e0:e3:fa:87:3b:
a6:9c:25:e1:78:fb:7a:18:2b:e7:ed:d7:a0:fc:50:
52:c1:74:6f:c8:86:3f:19:4c:40:27:e8:32:32:0e:
a8:84:bc:29:bd:03:49:52:a7:67:4e:1d:92:91:b4:
e3:17:d9:b7:31:96:90:f8:47:97:dc:f2:e6:b7:bd:
8c:20:f5:67:d2:2c:f4:f0:8e:1c:2a:71:4d:f1:d5:
35:65:92:a7:a1:f3:79:21:98:c5:6d:93:d0:a7:a5:
6d:71:05:92:cd:55:ca:13:ec:b8:be:e5:10:33:a9:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:71:93:26:98:79:96:21:A5:8A:50:86:AE:00:21:62:0D:3A:09:05
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCAF548AFE9611EC9965A444C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.136.0/22
103.186.198.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:d1:b3:85:33:9c:fb:46:b0:d0:af:c7:8a:3d:ae:5f:85:e2:
4a:f8:ec:79:ca:a4:71:e7:10:35:44:d2:6a:34:72:71:ef:5b:
22:0c:be:a7:77:35:2d:49:3d:e5:ea:63:22:ce:5c:0b:63:76:
c2:d5:26:26:41:1b:a2:5c:99:d0:ba:9c:db:49:fb:01:dc:f7:
29:fb:8f:f5:79:ca:33:0f:41:78:98:73:3e:62:f1:69:b5:9f:
8b:4e:d4:94:83:d8:0c:82:62:2a:19:78:32:ca:68:3e:2c:c4:
c6:31:ca:5d:7d:c8:45:f0:f1:7e:56:a3:02:e1:12:7e:d6:18:
57:a7:d9:f5:46:51:f2:14:97:a2:ee:eb:bd:d3:48:5a:af:6b:
26:d2:ba:46:fa:b9:e7:da:21:c0:34:fd:c7:86:8b:72:15:d8:
50:d6:f3:f4:15:a2:5d:a6:5b:f0:65:5a:32:2e:fd:fa:32:08:
70:f1:04:92:f6:a8:f0:74:6d:6e:82:c4:da:cd:20:ff:ae:bc:
2a:23:73:79:98:28:30:bc:4c:34:f0:aa:a3:02:fb:f1:82:95:
fb:f8:34:c9:41:fd:cd:90:39:19:0d:33:b2:4f:fe:18:31:d2:
eb:b6:3d:5e:33:ce:57:e2:da:8d:8c:ed:9e:c0:42:db:6d:e1:
83:eb:4c:66
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICbPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyNzA3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzVkYi0zMGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6D/6Zv16LGAjy+6u8dXvWzrIqInAjVvEq4xcV67NjEnkaexoX0fQ2pjZUKdE
GgFSXRURFKtG3KjHgmJu0Xr9VGCa6Ja+OvCIKmhZhbLhvealRQr2/nc7+hSWeXtS
ZWRSvaf4Al9NNgR2onL/bHxrdf4jyUS6uvwl6ppX704XrnV/ktBGPCK3L8/+kDbn
QKgg4OP6hzumnCXhePt6GCvn7deg/FBSwXRvyIY/GUxAJ+gyMg6ohLwpvQNJUqdn
Th2SkbTjF9m3MZaQ+EeX3PLmt72MIPVn0iz08I4cKnFN8dU1ZZKnofN5IZjFbZPQ
p6VtcQWSzVXKE+y4vuUQM6nCMQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFxxkyaY
eZYhpYpQhq4AIWINOgkFMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkNBRjU0OEFG
RTk2MTFFQzk5NjVBNDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnaogDBAFnusYwDQYJKoZIhvcNAQELBQADggEBAKHRs4Uz
nPtGsNCvx4o9rl+F4kr47HnKpHHnEDVE0mo0cnHvWyIMvqd3NS1JPeXqYyLOXAtj
dsLVJiZBG6JcmdC6nNtJ+wHc9yn7j/V5yjMPQXiYcz5i8Wm1n4tO1JSD2AyCYioZ
eDLKaD4sxMYxyl19yEXw8X5WowLhEn7WGFen2fVGUfIUl6Lu673TSFqvaybSukb6
uefaIcA0/ceGi3IV2FDW8/QVol2mW/BlWjIu/foyCHDxBJL2qPB0bW6CxNrNIP+u
vCojc3mYKDC8TDTwqqMC+/GClfv4NMlB/c2QORkNM7JP/hgx0uu2PV4zzlfi2o2M
7Z7AQttt4YPrTGY=
-----END CERTIFICATE-----
Generated at Thu Oct 12 11:37:33 2023 by rpki-client on console-ams.rpki-client.org