Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6FCC097CAACB11EE9D3B933DC4F9AE02.roa
File: 6FCC097CAACB11EE9D3B933DC4F9AE02.roa (raw, json)
Hash identifier: kZCSIdkPZTDm5CKZ0r/bz7yTJet4U/y0ssK7+CBsP0o=
Subject key identifier: E3:D8:C8:F7:D9:8B:98:A7:E2:24:3B:D8:18:E9:CE:95:14:37:71:ED
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 346B
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6FCC097CAACB11EE9D3B933DC4F9AE02.roa
Signing time: Thu 04 Jan 2024 14:50:30 +0000
ROA not before: Thu 04 Jan 2024 14:50:30 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 134663
IP address blocks: 121.46.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 07:57:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13419 (0x346b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 4 14:50:30 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6596c5b6-2edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:fe:5d:b5:94:49:a9:e5:9d:44:52:fa:36:
7d:a0:6b:90:1b:a2:16:5a:59:ad:0c:3c:f0:9c:b5:
c8:4b:c7:0d:6b:d1:57:e7:8c:8a:d5:a3:2f:58:06:
86:ce:48:4e:f5:0c:e6:73:41:64:bf:d2:9b:9f:47:
fa:62:17:74:c7:3c:47:d3:98:24:45:99:49:38:fb:
2f:4c:02:21:8d:c9:8a:b9:54:91:ee:55:48:69:7f:
50:fb:7a:87:f5:b9:7b:63:21:90:2d:f6:db:d5:63:
37:8e:a4:31:4c:12:0b:55:68:0a:41:f2:04:a4:8a:
fa:47:12:c8:cb:70:14:6b:83:c1:4f:9d:63:68:42:
4b:66:dc:54:83:04:b1:ed:88:96:02:63:68:7b:8a:
29:53:1a:f2:94:f2:e9:df:be:8e:87:0f:0b:6d:20:
b9:fb:62:30:26:13:b0:59:5b:cc:7d:d4:21:ee:64:
2e:6d:fb:f9:01:43:87:4f:a4:e3:6e:99:c5:66:a7:
02:32:42:fb:cb:13:bd:cb:25:d8:94:79:d3:49:76:
b3:a0:ad:fe:f8:51:e9:dc:ca:56:b2:13:35:97:6d:
51:61:e1:bc:c1:bb:f4:5a:37:9e:c8:e6:a8:1d:f4:
13:b3:b1:90:f6:8e:34:a9:50:ec:4e:8e:9e:ee:f2:
95:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D8:C8:F7:D9:8B:98:A7:E2:24:3B:D8:18:E9:CE:95:14:37:71:ED
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6FCC097CAACB11EE9D3B933DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.46.67.0/24
Signature Algorithm: sha256WithRSAEncryption
39:6d:6f:45:fa:12:10:de:c3:ab:b6:9f:24:12:a4:57:ae:0d:
ce:69:87:01:55:18:c8:bd:e8:83:df:77:57:36:5b:f7:23:33:
9e:c9:78:34:c5:19:e8:de:77:41:a1:b5:f1:8d:cd:f0:ba:28:
13:1a:9c:e2:43:d4:4a:3e:d1:14:42:11:e8:5a:41:e3:ab:34:
2e:53:97:0b:5c:af:f8:ed:c4:a7:50:e1:86:b9:26:1b:2b:19:
5e:0a:ad:aa:62:e0:ce:34:4b:93:0c:a0:32:37:16:f2:54:e6:
4a:c2:54:fe:5f:6e:e7:ad:90:3d:f7:b4:b8:f6:3b:c0:f5:7e:
1e:d2:27:91:42:5e:b1:58:af:5c:2f:74:49:93:53:9e:ae:3c:
6c:82:66:56:9d:0a:e6:c6:3a:13:31:3d:75:9b:b3:4e:ba:a8:
70:fa:33:67:fd:85:a5:98:39:eb:34:c2:f4:66:63:65:64:cf:
d2:ac:51:d5:b3:5d:8c:33:46:c1:fc:2d:34:b9:cd:43:ef:b9:
83:1c:f3:de:9e:de:35:7b:74:5c:26:cf:91:33:48:d3:9a:ea:
5e:15:75:71:a8:41:12:d0:39:4a:15:0b:47:3d:18:ea:68:60:
3c:73:d8:1e:e0:e2:04:7c:9b:b1:f0:50:82:70:63:f9:bd:ef:
8b:7f:e2:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNGswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMTA0MTQ1MDMwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2YzViNi0yZWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJj+XbWUSanlnURS+jZ9oGuQG6IWWlmtDDzwnLXIS8cNa9FX54yK1aMvWAaG
zkhO9Qzmc0Fkv9Kbn0f6Yhd0xzxH05gkRZlJOPsvTAIhjcmKuVSR7lVIaX9Q+3qH
9bl7YyGQLfbb1WM3jqQxTBILVWgKQfIEpIr6RxLIy3AUa4PBT51jaEJLZtxUgwSx
7YiWAmNoe4opUxrylPLp376Ohw8LbSC5+2IwJhOwWVvMfdQh7mQubfv5AUOHT6Tj
bpnFZqcCMkL7yxO9yyXYlHnTSXazoK3++FHp3MpWshM1l21RYeG8wbv0WjeeyOao
HfQTs7GQ9o40qVDsTo6e7vKVNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOPYyPfZ
i5in4iQ72BjpzpUUN3HtMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNkZDQzA5N0NB
QUNCMTFFRTlEM0I5MzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5LkMwDQYJKoZIhvcNAQELBQADggEBADltb0X6EhDew6u2
nyQSpFeuDc5phwFVGMi96IPfd1c2W/cjM57JeDTFGejed0GhtfGNzfC6KBManOJD
1Eo+0RRCEehaQeOrNC5Tlwtcr/jtxKdQ4Ya5JhsrGV4Krapi4M40S5MMoDI3FvJU
5krCVP5fbuetkD33tLj2O8D1fh7SJ5FCXrFYr1wvdEmTU56uPGyCZladCubGOhMx
PXWbs066qHD6M2f9haWYOes0wvRmY2Vkz9KsUdWzXYwzRsH8LTS5zUPvuYMc896e
3jV7dFwmz5EzSNOa6l4VdXGoQRLQOUoVC0c9GOpoYDxz2B7g4gR8m7HwUIJwY/m9
74t/4hQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org