Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/1FA1A3AE9D7311EE96E7821CC4F9AE02.roa
File: 1FA1A3AE9D7311EE96E7821CC4F9AE02.roa (raw, json)
Hash identifier: g/3lsPtP0rCQttdRyM9iZWgo7wwPQglOhvZUdi86lfo=
Subject key identifier: CC:6B:BA:8D:A9:2B:77:C3:A5:66:2E:36:C7:82:71:48:1B:64:92:B0
Certificate issuer: /CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Certificate serial: 38
Authority key identifier: 1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/1FA1A3AE9D7311EE96E7821CC4F9AE02.roa
Signing time: Mon 18 Dec 2023 07:00:28 +0000
ROA not before: Mon 18 Dec 2023 07:00:28 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135341
IP address blocks: 103.7.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 02:34:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56 (0x38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Validity
Not Before: Dec 18 07:00:28 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=657fee0b-24d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:63:d4:8d:d5:77:22:df:0b:a4:56:52:45:
73:88:b3:3a:b9:74:21:73:69:3e:3d:21:03:17:e7:
12:f8:45:21:de:2a:ff:3f:11:61:13:08:00:21:a0:
3d:2d:82:59:54:92:4d:34:f1:d8:f8:78:68:12:4a:
56:94:73:1f:a4:e1:ae:43:44:1d:f5:20:dd:a6:f9:
e5:ff:ae:4b:33:12:4e:cb:d3:ab:3b:76:e7:17:67:
17:ae:18:f2:c7:6c:1c:b1:f3:82:85:ba:bd:ce:70:
ab:ec:21:1f:61:26:07:aa:ca:51:96:54:f7:b3:1c:
82:bf:d2:f4:86:52:d3:6f:ab:16:08:8d:5e:4e:87:
1c:02:a3:c4:b4:75:91:80:91:a9:af:f7:36:51:6a:
34:cf:ad:4f:36:3b:38:a9:b5:eb:f9:07:0c:6f:e5:
73:23:f3:4a:6b:6e:0a:9c:57:04:c5:da:1f:f2:bd:
ce:79:bf:dc:a9:bb:93:0b:f8:e8:c8:62:b4:4b:2b:
e1:62:9e:fb:1c:44:f7:f2:50:06:6a:7d:40:35:68:
bf:81:3d:26:1d:07:a7:c9:3e:42:ed:b1:b9:ac:94:
cc:80:a3:cb:6c:96:04:3d:f1:75:66:70:2a:03:87:
e1:6c:25:93:bb:17:a1:14:7f:a0:b8:9d:7d:a7:d6:
fe:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6B:BA:8D:A9:2B:77:C3:A5:66:2E:36:C7:82:71:48:1B:64:92:B0
X509v3 Authority Key Identifier:
keyid:1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/GvPInPFH8v61HarolX25nThyY7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/1FA1A3AE9D7311EE96E7821CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:28:f4:44:e9:03:03:a3:33:a6:69:b7:e2:af:03:c9:a2:cd:
a1:f3:b9:f1:2d:1e:8c:8d:49:6f:31:9c:4a:e1:f6:11:bb:69:
d2:5e:78:c2:9f:88:45:9d:2c:51:fd:4e:30:b4:5a:20:d3:91:
41:a8:48:07:45:85:6a:2a:b8:e5:e1:90:7d:a9:56:83:cb:02:
51:40:e2:52:d0:ed:e1:cc:00:83:14:6e:20:dd:c4:85:03:0b:
9e:02:3a:31:a2:7a:0f:bb:84:4d:85:2d:ed:77:ee:30:1a:8d:
07:bc:9f:2d:22:ed:4f:c8:67:4e:fb:58:b2:67:1f:5f:56:b3:
99:54:7f:ef:24:fc:0e:96:e8:74:14:07:41:23:a1:c8:7f:2d:
ca:56:88:d4:ed:14:bf:8f:f3:e5:b4:68:27:e9:74:12:ca:f5:
f8:65:ac:41:bf:c0:88:68:8a:8d:72:b4:9c:0d:f5:a0:66:c7:
0c:85:56:dd:e9:14:29:50:32:cc:6b:42:25:87:1c:98:74:04:
2f:fe:4a:85:b9:7e:68:de:4e:e0:94:ff:19:48:04:e8:51:49:
1c:9c:d7:6f:72:75:21:0c:6c:ee:e7:c1:aa:70:67:c7:a6:6b:
ea:15:d3:16:f8:8e:e5:3e:4e:47:04:c1:51:22:12:d3:f6:66:
b7:43:8d:4d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBODANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RDA5QjExMC8GA1UEBRMoMUFGM0M4OUNGMTQ3RjJGRUI1MURBQUU4OTU3REI5OUQz
ODcyNjNCODAeFw0yMzEyMTgwNzAwMjhaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1N2ZlZTBiLTI0ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3DWPUjdV3It8LpFZSRXOIszq5dCFzaT49IQMX5xL4RSHeKv8/EWETCAAhoD0t
gllUkk008dj4eGgSSlaUcx+k4a5DRB31IN2m+eX/rkszEk7L06s7ducXZxeuGPLH
bByx84KFur3OcKvsIR9hJgeqylGWVPezHIK/0vSGUtNvqxYIjV5OhxwCo8S0dZGA
kamv9zZRajTPrU82Oziptev5Bwxv5XMj80prbgqcVwTF2h/yvc55v9ypu5ML+OjI
YrRLK+FinvscRPfyUAZqfUA1aL+BPSYdB6fJPkLtsbmslMyAo8tslgQ98XVmcCoD
h+FsJZO7F6EUf6C4nX2n1v6DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUzGu6jakr
d8OlZi42x4JxSBtkkrAwHwYDVR0jBBgwFoAUGvPInPFH8v61HarolX25nThyY7gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFEMDlCLzFFMkZCRUQ0NUM2
NDExRUVBNTlBODIxRUM0RjlBRTAyL0d2UEluUEZIOHY2MUhhcm9sWDI1blRoeVk3
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3ZQSW5QRkg4djYxSGFyb2xYMjVuVGh5WTdnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RDA5Qi8xRTJGQkVENDVDNjQxMUVFQTU5QTgyMUVDNEY5QUUwMi8xRkExQTNBRTlE
NzMxMUVFOTZFNzgyMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcHeDANBgkqhkiG9w0BAQsFAAOCAQEAjyj0ROkDA6Mzpmm3
4q8DyaLNofO58S0ejI1JbzGcSuH2Ebtp0l54wp+IRZ0sUf1OMLRaINORQahIB0WF
aiq45eGQfalWg8sCUUDiUtDt4cwAgxRuIN3EhQMLngI6MaJ6D7uETYUt7XfuMBqN
B7yfLSLtT8hnTvtYsmcfX1azmVR/7yT8DpbodBQHQSOhyH8tylaI1O0Uv4/z5bRo
J+l0Esr1+GWsQb/AiGiKjXK0nA31oGbHDIVW3ekUKVAyzGtCJYccmHQEL/5Khbl+
aN5O4JT/GUgE6FFJHJzXb3J1IQxs7ufBqnBnx6Zr6hXTFviO5T5ORwTBUSIS0/Zm
t0ONTQ==
-----END CERTIFICATE-----
Generated at Tue Jun 11 03:06:46 2024 by rpki-client on console-fra.rpki-client.org