Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/2ABB679CE82211EB831E3176C4F9AE02.roa
File: 2ABB679CE82211EB831E3176C4F9AE02.roa (raw, json)
Hash identifier: xj9wU9x2jLBH5R95iqdf2zM/ZPW6IHiXDg63Wh/1GAU=
Subject key identifier: 7E:B1:AB:15:ED:0D:55:06:5E:12:80:71:F4:20:02:C9:CF:72:68:4E
Certificate issuer: /CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Certificate serial: 0E01
Authority key identifier: 21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/2ABB679CE82211EB831E3176C4F9AE02.roa
Signing time: Sun 04 Jun 2023 18:59:03 +0000
ROA not before: Sun 04 Jun 2023 18:59:03 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 137707
IP address blocks: 103.114.40.0/22 maxlen: 22
103.114.40.0/23 maxlen: 23
103.114.40.0/24 maxlen: 24
103.114.41.0/24 maxlen: 24
103.114.42.0/23 maxlen: 23
103.114.42.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
202.37.74.0/24 maxlen: 24
2402:ca40::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3585 (0xe01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Validity
Not Before: Jun 4 18:59:03 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647cdef7-4e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:ad:63:33:c1:56:fc:72:ae:e4:09:6e:be:
e4:64:68:48:ea:d4:15:b1:ab:f8:57:d8:b8:5d:ee:
da:5d:d5:d6:15:40:b4:9a:db:10:56:54:b8:5d:01:
56:1f:47:84:4d:4e:fe:74:64:1c:e7:e6:66:f3:9c:
f2:62:72:05:4f:94:6f:f7:95:b3:69:3b:56:7e:82:
77:ac:78:02:d4:8d:7b:24:17:95:8f:7d:2a:9b:7a:
b2:ef:18:cd:44:90:95:5b:31:ed:4c:ab:20:57:37:
58:fa:a3:05:72:94:73:34:cd:9e:95:94:c6:29:75:
2d:8d:1c:22:bf:11:8d:0e:a5:bc:18:3f:88:aa:32:
07:c1:f7:48:02:15:24:54:f1:2c:b2:14:b3:17:c8:
4d:de:db:a8:5a:27:0f:cd:3a:6d:a0:20:ac:47:5e:
bc:eb:a5:0e:59:9f:4d:68:76:7c:ac:9d:6b:f0:34:
33:73:b9:7d:d6:32:da:d6:b4:ee:f2:56:a1:e1:94:
76:43:34:bd:00:88:4d:c0:00:43:82:5e:c5:f7:9d:
57:d3:e0:18:cc:b6:a9:08:72:d8:6f:49:e1:b6:9f:
bb:eb:d0:de:6e:ed:dc:fc:ff:ef:ae:22:40:cd:7f:
0c:43:92:1b:55:1e:cc:d7:f8:90:ae:4b:95:f7:3d:
be:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B1:AB:15:ED:0D:55:06:5E:12:80:71:F4:20:02:C9:CF:72:68:4E
X509v3 Authority Key Identifier:
keyid:21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/IedJniGAvSEvqqDRUh0WVnfYve4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/2ABB679CE82211EB831E3176C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.40.0/22
202.37.74.0/24
IPv6:
2402:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
99:96:93:4c:ac:1b:39:c5:3f:64:31:5f:79:92:3a:b9:22:9b:
bc:4a:d0:75:ba:88:3e:86:b5:98:15:d2:37:1c:8b:4c:eb:f6:
ac:3b:5c:14:10:66:5b:d8:65:fa:8f:0c:50:88:27:db:04:b1:
00:6d:b8:7a:a2:bf:26:73:fd:2b:cd:90:9d:56:3d:fa:83:d0:
ab:e7:a2:15:96:28:c9:1e:53:19:41:75:bb:06:f3:a3:b1:82:
2f:68:26:9c:1e:3a:91:3e:d7:ee:42:24:47:1b:22:13:80:f7:
6f:e6:f6:44:af:9f:43:b9:a4:a3:f5:bc:cd:90:18:a3:71:4b:
1a:fb:82:74:52:b6:19:ed:d8:fa:c7:06:dc:a0:fa:3a:5a:8e:
55:99:ae:73:e8:c1:33:da:2b:7f:6b:34:7f:75:e4:2e:0e:2d:
12:0b:05:62:aa:5b:ed:7e:6b:1a:5b:d2:29:af:63:08:56:94:
7f:c4:06:38:40:45:31:b1:12:d0:db:81:84:27:ef:95:8d:c3:
91:b2:8a:09:15:08:57:37:8c:af:a0:61:29:3e:e5:5d:a5:4c:
35:41:08:5b:d2:02:23:26:c8:0c:4c:35:e7:53:b1:60:34:c5:
fb:ef:4c:f3:5c:ee:27:2f:52:b8:b8:2a:8e:85:e5:bb:1c:53:
bf:5b:7a:bf
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ3NzIxMTAvBgNVBAUTKDIxRTc0OTlFMjE4MEJEMjEyRkFBQTBEMTUyMUQxNjU2
NzdEOEJERUUwHhcNMjMwNjA0MTg1OTAzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdjZGVmNy00ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArXatYzPBVvxyruQJbr7kZGhI6tQVsav4V9i4Xe7aXdXWFUC0mtsQVlS4XQFW
H0eETU7+dGQc5+Zm85zyYnIFT5Rv95WzaTtWfoJ3rHgC1I17JBeVj30qm3qy7xjN
RJCVWzHtTKsgVzdY+qMFcpRzNM2elZTGKXUtjRwivxGNDqW8GD+IqjIHwfdIAhUk
VPEsshSzF8hN3tuoWicPzTptoCCsR16866UOWZ9NaHZ8rJ1r8DQzc7l91jLa1rTu
8lah4ZR2QzS9AIhNwABDgl7F951X0+AYzLapCHLYb0nhtp+769Debu3c/P/vriJA
zX8MQ5IbVR7M1/iQrkuV9z2+FwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFH6xqxXt
DVUGXhKAcfQgAsnPcmhOMB8GA1UdIwQYMBaAFCHnSZ4hgL0hL6qg0VIdFlZ32L3u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDc3Mi9DNjI1RkYyRTZB
NjMxMUU5QjlEQUZDNkRDNEY5QUUwMi9JZWRKbmlHQXZTRXZxcURSVWgwV1ZuZll2
ZTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0llZEpuaUdBdlNFdnFxRFJVaDBXVm5mWXZlNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ3NzIvQzYyNUZGMkU2QTYzMTFFOUI5REFGQzZEQzRGOUFFMDIvMkFCQjY3OUNF
ODIyMTFFQjgzMUUzMTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncigDBADKJUowDQQCAAIwBwMFACQCykAwDQYJKoZIhvcN
AQELBQADggEBAJmWk0ysGznFP2QxX3mSOrkim7xK0HW6iD6GtZgV0jcci0zr9qw7
XBQQZlvYZfqPDFCIJ9sEsQBtuHqivyZz/SvNkJ1WPfqD0KvnohWWKMkeUxlBdbsG
86Oxgi9oJpweOpE+1+5CJEcbIhOA92/m9kSvn0O5pKP1vM2QGKNxSxr7gnRSthnt
2PrHBtyg+jpajlWZrnPowTPaK39rNH915C4OLRILBWKqW+1+axpb0imvYwhWlH/E
BjhARTGxEtDbgYQn75WNw5GyigkVCFc3jK+gYSk+5V2lTDVBCFvSAiMmyAxMNedT
sWA0xfvvTPNc7icvUri4Ko6F5bscU79ber8=
-----END CERTIFICATE-----
Generated at Sun Nov 19 18:44:16 2023 by rpki-client on console-fra.rpki-client.org