Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6B11C187F9F11EEB27F2334C4F9AE02.roa
File: F6B11C187F9F11EEB27F2334C4F9AE02.roa (raw, json)
Hash identifier: NQLwPtFxhqd3RGz0OCInGwZrVVpWk/xaDHPpomhqTns=
Subject key identifier: 30:85:AA:D0:73:53:54:D5:1E:0F:28:A5:67:41:F5:0A:8D:0C:A0:9B
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 341F
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6B11C187F9F11EEB27F2334C4F9AE02.roa
Signing time: Fri 10 Nov 2023 08:05:51 +0000
ROA not before: Fri 10 Nov 2023 08:05:51 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141212
IP address blocks: 116.90.100.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13343 (0x341f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Nov 10 08:05:51 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=654de45f-479b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:2d:39:3f:cb:b7:68:18:c2:70:84:01:98:
6b:cd:24:4b:06:1e:ae:21:32:91:87:d4:42:ac:a9:
e0:fb:5a:7e:30:e5:70:c4:99:76:ca:72:ae:8b:19:
d0:ed:91:bf:63:ba:b7:35:79:b3:58:0f:0e:43:95:
89:a4:a4:36:91:d4:5d:83:cc:14:23:ef:14:22:23:
f5:af:61:c5:d9:a8:a4:5f:7c:5a:c2:13:0c:fe:81:
45:d4:7e:c3:1d:3a:ec:55:dc:a2:34:8e:e5:04:4d:
07:b6:8f:86:f7:c7:95:f1:9a:75:89:21:73:84:f2:
fb:49:bf:38:c2:5a:47:10:1a:f3:7d:6c:7a:e0:ca:
51:40:7f:0a:40:5d:c5:bd:4f:d7:f2:0e:59:94:b3:
14:43:6f:3c:5d:49:cf:58:a2:12:5f:40:7c:47:ed:
54:37:e6:4b:3e:dd:41:b9:f5:7a:74:c1:cd:c7:89:
3c:3f:14:d8:62:02:81:d4:53:8d:58:02:16:32:2d:
32:af:68:f2:4a:29:6c:c7:7d:1b:fb:3c:58:58:a8:
4b:3d:ef:1a:97:41:be:65:25:f5:d6:37:fc:6e:fa:
1e:c5:a7:0d:96:60:e4:a1:b2:71:f3:94:90:78:5d:
07:46:40:97:c7:a6:f6:07:21:98:68:39:a1:32:b3:
1d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:85:AA:D0:73:53:54:D5:1E:0F:28:A5:67:41:F5:0A:8D:0C:A0:9B
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6B11C187F9F11EEB27F2334C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.100.0/24
116.90.105.0/24
116.90.115.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c7:c8:84:f3:37:7c:c5:79:ad:18:e7:60:76:c1:9e:74:c7:
01:f6:f9:18:08:e7:d5:05:85:3e:7a:2e:87:c5:6b:f1:1f:ee:
8a:7e:0e:c9:56:ac:59:b6:cc:c9:94:4e:17:e2:8e:6b:f8:97:
03:5d:01:f0:c2:9d:d9:1f:6b:20:4e:0f:87:cb:1c:07:fa:c0:
2a:f6:4e:d5:20:08:a2:7b:c0:68:2b:85:df:a2:4f:4c:8b:86:
1e:c4:04:67:c7:83:03:a6:8f:cc:97:e2:28:68:a4:3d:ef:20:
d0:a4:54:53:dc:4e:40:0c:c4:86:c9:7b:62:bf:50:9f:56:9f:
56:b7:97:40:02:3b:f7:ea:a2:db:65:8d:0f:53:41:3c:0c:18:
87:a0:b6:d0:ef:0d:ae:76:ec:65:33:57:78:87:eb:7e:f5:d6:
4e:40:84:5a:0d:96:87:ad:90:ae:2a:b3:70:c5:88:8a:20:9a:
e9:c3:84:3d:79:17:75:46:b6:51:47:dd:21:a8:c0:29:61:84:
9a:c0:78:d4:67:fe:bf:cf:19:52:37:4e:8b:1a:36:94:8d:1f:
4c:48:d2:39:47:a3:63:1b:e4:21:84:ec:23:56:80:9d:b0:d2:
99:fa:68:ea:5a:1b:c7:22:98:f3:ea:5f:09:3f:5e:b4:75:46:
60:86:24:09
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTEwMDgwNTUxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRkZTQ1Zi00NzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsi8tOT/Lt2gYwnCEAZhrzSRLBh6uITKRh9RCrKng+1p+MOVwxJl2ynKuixnQ
7ZG/Y7q3NXmzWA8OQ5WJpKQ2kdRdg8wUI+8UIiP1r2HF2aikX3xawhMM/oFF1H7D
HTrsVdyiNI7lBE0Hto+G98eV8Zp1iSFzhPL7Sb84wlpHEBrzfWx64MpRQH8KQF3F
vU/X8g5ZlLMUQ288XUnPWKISX0B8R+1UN+ZLPt1BufV6dMHNx4k8PxTYYgKB1FON
WAIWMi0yr2jySilsx30b+zxYWKhLPe8al0G+ZSX11jf8bvoexacNlmDkobJx85SQ
eF0HRkCXx6b2ByGYaDmhMrMdPQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDCFqtBz
U1TVHg8opWdB9QqNDKCbMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRjZCMTFDMTg3
RjlGMTFFRUIyN0YyMzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAB0WmQDBAB0WmkDBAB0WnMwDQYJKoZIhvcNAQELBQADggEB
AFnHyITzN3zFea0Y52B2wZ50xwH2+RgI59UFhT56LofFa/Ef7op+DslWrFm2zMmU
Thfijmv4lwNdAfDCndkfayBOD4fLHAf6wCr2TtUgCKJ7wGgrhd+iT0yLhh7EBGfH
gwOmj8yX4ihopD3vINCkVFPcTkAMxIbJe2K/UJ9Wn1a3l0ACO/fqottljQ9TQTwM
GIegttDvDa527GUzV3iH63711k5AhFoNloetkK4qs3DFiIogmunDhD15F3VGtlFH
3SGowClhhJrAeNRn/r/PGVI3TosaNpSNH0xI0jlHo2Mb5CGE7CNWgJ2w0pn6aOpa
G8cimPPqXwk/XrR1RmCGJAk=
-----END CERTIFICATE-----
Generated at Tue Nov 28 08:11:42 2023 by rpki-client on console-ams.rpki-client.org