Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/1F5E4B9A9C6911EF9631FB46C4F9AE02.roa
File: 1F5E4B9A9C6911EF9631FB46C4F9AE02.roa (raw, json)
Hash identifier: jK/lQYd3DmDuXpK3ZNSfEclKNOjNL2bnFHWAJ/rnCoI=
Subject key identifier: 43:7A:D5:50:F4:DC:FC:0F:83:44:26:22:38:BF:6E:CD:2D:75:B1:66
Certificate issuer: /CN=A91809AD/serialNumber=6D7C226A7DCB85F2F49216B7EBB00D5F03A605C3
Certificate serial: 130A
Authority key identifier: 6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/1F5E4B9A9C6911EF9631FB46C4F9AE02.roa
Signing time: Wed 06 Nov 2024 18:01:18 +0000
ROA not before: Wed 06 Nov 2024 18:01:18 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 138039
IP address blocks: 103.120.116.0/24 maxlen: 24
103.120.118.0/24 maxlen: 24
103.120.119.0/24 maxlen: 24
2407:1840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Nov 2024 05:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4874 (0x130a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91809AD/serialNumber=6D7C226A7DCB85F2F49216B7EBB00D5F03A605C3
Validity
Not Before: Nov 6 18:01:18 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=672baeee-55e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:45:d5:1a:65:72:2b:77:7e:4f:19:0c:66:
cc:0d:b4:a0:54:51:6a:41:d0:e2:d0:b9:52:69:8c:
e3:4e:5d:51:7a:4b:e9:f8:77:ba:6c:92:8e:6e:1a:
fe:da:b8:df:c1:c2:d6:1c:81:49:31:d6:ec:6e:64:
69:9e:a2:58:87:b5:1a:28:16:26:7d:61:46:e0:17:
3d:01:8f:d5:65:6b:52:eb:8b:99:7d:e5:74:f7:a5:
e7:48:b1:d5:72:1b:e7:44:5a:c0:0c:ed:26:bd:d2:
59:8d:57:85:df:2f:30:e8:d8:4d:02:d3:9e:8a:2f:
ec:2e:1a:df:75:ec:29:ba:67:28:0f:38:90:08:63:
0c:27:34:19:5f:59:20:0b:e6:02:fe:28:c4:0e:60:
05:c1:fc:1b:f2:fd:35:de:fd:6d:22:f3:47:6c:ab:
b0:1c:ce:e3:8f:8d:ae:6b:07:80:3a:18:86:2b:bc:
8f:d1:1c:82:18:cc:fc:35:f1:fe:c9:0f:cd:aa:4b:
80:eb:a2:ee:99:ef:4f:e9:22:9a:f4:34:a5:c6:6e:
89:1a:9e:75:76:cf:69:4e:ff:3c:11:08:85:a2:3b:
4f:80:c9:28:10:92:ad:81:53:3d:57:52:2e:ba:2c:
fc:29:3b:f9:d2:68:af:11:c8:5d:4d:20:ec:0a:2c:
8c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7A:D5:50:F4:DC:FC:0F:83:44:26:22:38:BF:6E:CD:2D:75:B1:66
X509v3 Authority Key Identifier:
keyid:6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/bXwian3LhfL0kha367ANXwOmBcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/1F5E4B9A9C6911EF9631FB46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.116.0/24
103.120.118.0/23
IPv6:
2407:1840::/32
Signature Algorithm: sha256WithRSAEncryption
a4:fb:a5:c0:82:19:d2:90:d0:66:4d:03:b0:a6:92:96:ee:37:
ff:e5:a1:7c:6b:7b:f5:f7:40:fa:94:02:a1:14:82:73:af:24:
49:01:3f:e7:e9:78:0d:7c:f6:7d:70:05:14:e9:28:e1:6e:26:
46:96:c8:79:65:fc:4a:e2:a4:81:fe:95:42:ed:18:fe:29:8b:
04:31:09:03:28:37:03:90:63:47:61:b9:2f:1d:43:09:cc:ff:
03:e5:9e:ba:1e:32:0b:88:93:bd:d0:39:c3:ba:e2:d4:d8:54:
3d:55:d8:1b:b7:c9:88:05:a0:97:9d:1f:c7:76:38:e1:8d:9a:
3d:1b:22:bd:88:fe:8e:03:37:93:02:65:3c:80:1e:59:8c:82:
e1:ec:f6:1d:ca:b2:6c:a6:33:5e:57:0f:de:18:bf:93:1e:c1:
16:54:c2:b7:d6:2e:24:57:d9:d3:03:f5:61:bd:27:54:5b:4f:
07:22:ca:f9:65:ea:2e:d3:a9:c8:3c:d8:34:30:9d:8e:1a:7f:
75:1c:ee:70:81:80:79:f0:9e:df:a8:09:0f:8c:56:1b:67:04:
de:db:7d:5d:aa:4c:75:73:33:7b:d3:f6:a5:b1:c4:0a:0e:d7:
cc:2f:4b:7f:8c:e2:5b:2f:d2:90:23:2a:d9:61:f7:33:e7:5a:
8a:cf:e6:ac
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICEwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA5QUQxMTAvBgNVBAUTKDZEN0MyMjZBN0RDQjg1RjJGNDkyMTZCN0VCQjAwRDVG
MDNBNjA1QzMwHhcNMjQxMTA2MTgwMTE4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiYWVlZS01NWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsCZF1Rplcit3fk8ZDGbMDbSgVFFqQdDi0LlSaYzjTl1Rekvp+He6bJKObhr+
2rjfwcLWHIFJMdbsbmRpnqJYh7UaKBYmfWFG4Bc9AY/VZWtS64uZfeV096XnSLHV
chvnRFrADO0mvdJZjVeF3y8w6NhNAtOeii/sLhrfdewpumcoDziQCGMMJzQZX1kg
C+YC/ijEDmAFwfwb8v013v1tIvNHbKuwHM7jj42uaweAOhiGK7yP0RyCGMz8NfH+
yQ/NqkuA66Lume9P6SKa9DSlxm6JGp51ds9pTv88EQiFojtPgMkoEJKtgVM9V1Iu
uiz8KTv50mivEchdTSDsCiyMPQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEN61VD0
3PwPg0QmIji/bs0tdbFmMB8GA1UdIwQYMBaAFG18Imp9y4Xy9JIWt+uwDV8DpgXD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDlBRC82NTZERDI2QUE3
NjgxMUU4OTMzM0M3MjVDNEY5QUUwMi9iWHdpYW4zTGhmTDBraGEzNjdBTlh3T21C
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JYd2lhbjNMaGZMMGtoYTM2N0FOWHdPbUJjTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA5QUQvNjU2REQyNkFBNzY4MTFFODkzMzNDNzI1QzRGOUFFMDIvMUY1RTRCOUE5
QzY5MTFFRjk2MzFGQjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABneHQDBAFneHYwDQQCAAIwBwMFACQHGEAwDQYJKoZIhvcN
AQELBQADggEBAKT7pcCCGdKQ0GZNA7CmkpbuN//loXxre/X3QPqUAqEUgnOvJEkB
P+fpeA189n1wBRTpKOFuJkaWyHll/EripIH+lULtGP4piwQxCQMoNwOQY0dhuS8d
QwnM/wPlnroeMguIk73QOcO64tTYVD1V2Bu3yYgFoJedH8d2OOGNmj0bIr2I/o4D
N5MCZTyAHlmMguHs9h3KsmymM15XD94Yv5MewRZUwrfWLiRX2dMD9WG9J1RbTwci
yvll6i7Tqcg82DQwnY4af3Uc7nCBgHnwnt+oCQ+MVhtnBN7bfV2qTHVzM3vT9qWx
xAoO18wvS3+M4lsv0pAjKtlh9zPnWorP5qw=
-----END CERTIFICATE-----
Generated at Mon Nov 18 08:29:21 2024 by rpki-client on console-fra.rpki-client.org