Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCEBE58E790411ECA8B4FC17C4F9AE02.roa
File: FCEBE58E790411ECA8B4FC17C4F9AE02.roa (raw, json)
Hash identifier: pVSOAjWge5MU7tLw67yTS4xRyUMO/8v+unvDVmZVXZk=
Subject key identifier: BF:CA:60:CF:2C:7C:DF:72:CF:3B:AE:41:D6:68:82:6C:F9:9C:7C:D8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7731
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCEBE58E790411ECA8B4FC17C4F9AE02.roa
Signing time: Wed 09 Aug 2023 08:35:22 +0000
ROA not before: Wed 09 Aug 2023 08:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132933
IP address blocks: 45.64.188.0/22 maxlen: 24
45.64.212.0/22 maxlen: 24
45.120.120.0/22 maxlen: 24
103.26.48.0/22 maxlen: 24
103.60.176.0/22 maxlen: 24
103.77.124.0/22 maxlen: 24
103.139.116.0/23 maxlen: 24
103.148.122.0/23 maxlen: 24
103.167.240.0/23 maxlen: 24
103.252.108.0/22 maxlen: 24
2001:df2:72c0::/48 maxlen: 48
2402:7780::/32 maxlen: 48
2402:c4c0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30513 (0x7731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 9 08:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d34fca-18f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:5a:b6:1b:9e:b3:16:1b:3f:2d:8d:55:0e:
ed:8d:ad:b5:ad:79:30:5c:7b:17:97:eb:66:fd:f3:
10:92:91:be:61:8d:7b:3c:c0:7a:da:da:9a:44:79:
a6:26:fa:7d:22:a2:5c:f1:41:51:38:e8:fa:88:5d:
e7:47:36:5c:47:a3:b3:33:3d:11:c8:ac:03:a3:71:
11:d5:fe:cd:e3:48:62:d2:a7:dc:66:e2:23:9c:15:
80:5a:21:ee:ed:c7:67:26:3b:ec:ad:c7:39:82:bb:
be:3e:57:ba:f7:92:7f:a0:3e:71:b2:bd:7d:8b:09:
fc:25:df:15:ad:9c:f8:26:4e:65:51:55:e2:0b:54:
d3:3f:77:60:6d:e7:40:aa:9f:d1:1e:e7:35:2d:19:
a5:30:f0:5a:9d:7f:c9:47:dd:e6:99:b8:bd:9f:ef:
e8:5c:77:2a:37:ae:d9:86:1e:c0:de:47:50:ba:14:
36:ff:b0:5a:50:3f:dc:63:a8:4c:12:0f:29:15:0d:
79:6a:38:80:d5:ff:05:df:2a:27:eb:5e:38:75:70:
3f:2e:d0:64:07:0d:0a:15:c3:98:75:ba:b4:9f:39:
b8:21:2e:56:28:bf:db:f1:2b:88:77:c4:a5:a3:91:
5c:35:70:e8:bc:a8:bb:89:2c:af:1c:f1:2c:ca:0b:
2e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CA:60:CF:2C:7C:DF:72:CF:3B:AE:41:D6:68:82:6C:F9:9C:7C:D8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FCEBE58E790411ECA8B4FC17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.188.0/22
45.64.212.0/22
45.120.120.0/22
103.26.48.0/22
103.60.176.0/22
103.77.124.0/22
103.139.116.0/23
103.148.122.0/23
103.167.240.0/23
103.252.108.0/22
IPv6:
2001:df2:72c0::/48
2402:7780::/32
2402:c4c0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:a2:16:0b:29:d6:4c:44:e2:05:44:14:dd:ca:8c:8c:ab:83:
3a:0b:fc:b9:e3:4a:fd:e2:df:9f:10:a4:62:73:03:45:83:f1:
f0:f7:6a:00:e9:33:4d:98:53:ac:0b:19:2f:51:c4:f8:1d:0f:
9d:88:6b:1b:6b:51:b0:d9:d5:a1:c3:35:ad:4e:88:7b:bb:87:
05:c3:2b:dc:e5:9b:7e:38:02:0f:29:4c:f3:c2:6c:e1:31:38:
42:99:1f:15:c4:9c:c1:ba:c5:bc:81:3c:36:64:b1:35:3b:a5:
d4:83:10:02:cd:e2:a6:d0:5d:de:02:cc:b5:5e:c9:7a:8d:07:
e7:e7:0c:83:3e:9d:36:c1:b2:04:f0:1c:33:d9:18:f2:37:05:
82:45:91:97:fc:8d:63:3e:e8:ab:51:8e:0c:24:44:c6:80:f0:
5d:f6:a4:86:83:e7:9a:1c:68:84:48:dd:84:73:6d:fa:cd:fc:
02:f8:e7:e9:f4:a9:ac:9d:29:aa:b3:5c:60:5d:7a:a7:e0:cb:
4a:eb:b6:08:dc:b4:57:26:56:7c:01:70:bf:f5:9d:88:e2:44:
21:20:5f:5c:8b:60:18:f1:9f:3e:3d:a0:ea:74:59:f4:13:a3:
51:62:d5:5a:cb:5a:07:75:89:13:40:59:a5:1f:5f:ea:5e:2b:
2f:8e:86:2d
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICdzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODA5MDgzNTIyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzNGZjYS0xOGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPRathuesxYbPy2NVQ7tja21rXkwXHsXl+tm/fMQkpG+YY17PMB62tqaRHmm
Jvp9IqJc8UFROOj6iF3nRzZcR6OzMz0RyKwDo3ER1f7N40hi0qfcZuIjnBWAWiHu
7cdnJjvsrcc5gru+Ple695J/oD5xsr19iwn8Jd8VrZz4Jk5lUVXiC1TTP3dgbedA
qp/RHuc1LRmlMPBanX/JR93mmbi9n+/oXHcqN67Zhh7A3kdQuhQ2/7BaUD/cY6hM
Eg8pFQ15ajiA1f8F3yon6144dXA/LtBkBw0KFcOYdbq0nzm4IS5WKL/b8SuId8Sl
o5FcNXDovKi7iSyvHPEsygsu9QIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFL/KYM8s
fN9yzzuuQdZogmz5nHzYMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkNFQkU1OEU3
OTA0MTFFQ0E4QjRGQzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMEIEAgABMDwDBAItQLwDBAItQNQDBAIteHgDBAJnGjADBAJnPLADBAJnTXwD
BAFni3QDBAFnlHoDBAFnp/ADBAJn/GwwHQQCAAIwFwMHACABDfJywAMFACQCd4AD
BQAkAsTAMA0GCSqGSIb3DQEBCwUAA4IBAQCxohYLKdZMROIFRBTdyoyMq4M6C/y5
40r94t+fEKRicwNFg/Hw92oA6TNNmFOsCxkvUcT4HQ+diGsba1Gw2dWhwzWtToh7
u4cFwyvc5Zt+OAIPKUzzwmzhMThCmR8VxJzBusW8gTw2ZLE1O6XUgxACzeKm0F3e
Asy1Xsl6jQfn5wyDPp02wbIE8Bwz2RjyNwWCRZGX/I1jPuirUY4MJETGgPBd9qSG
g+eaHGiESN2Ec236zfwC+Ofp9KmsnSmqs1xgXXqn4MtK67YI3LRXJlZ8AXC/9Z2I
4kQhIF9ci2AY8Z8+PaDqdFn0E6NRYtVay1oHdYkTQFmlH1/qXisvjoYt
-----END CERTIFICATE-----
Generated at Thu Aug 24 06:46:26 2023 by rpki-client on console-ams.rpki-client.org