Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/DF7003E6E9EC11EDA528C77FC4F9AE02.roa
File: DF7003E6E9EC11EDA528C77FC4F9AE02.roa (raw, json)
Hash identifier: Eb5lUe2suHJn01h09sSSz5zOoeWa6kdcxvW0Z2eP3oY=
Subject key identifier: 4F:33:EE:56:D1:CC:E5:56:0B:82:65:CC:7F:03:C2:6F:DD:C4:94:15
Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867
Certificate serial: 098D
Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/DF7003E6E9EC11EDA528C77FC4F9AE02.roa
Signing time: Tue 26 Mar 2024 21:10:16 +0000
ROA not before: Tue 26 Mar 2024 21:10:16 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 150416
IP address blocks: 203.131.253.160/28 maxlen: 28
Validation: Failed, certificate revoked on Fri 17 May 2024 20:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2445 (0x98d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867
Validity
Not Before: Mar 26 21:10:16 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660339b8-112d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c9:4a:e2:ee:dc:44:60:84:4d:b2:c1:37:01:
a1:ac:19:00:a8:8c:5f:78:c4:a5:0e:dd:97:44:24:
4a:e6:c8:5d:26:7d:a1:8b:ab:30:bd:4a:f1:7f:8d:
7a:84:93:08:c8:1e:2f:5d:9f:d6:81:cc:f2:ee:e4:
83:61:b8:55:49:ec:5c:fc:9d:c3:56:e8:6e:1b:0b:
34:88:38:11:db:06:a8:c9:25:84:31:b7:78:28:08:
0a:c8:44:10:13:10:31:2e:90:88:f7:c6:f0:cd:3b:
e2:a6:f5:13:25:61:ad:2a:f5:2b:4e:af:42:09:a9:
6b:5e:8a:62:8d:09:7c:5f:e6:b5:71:cd:b3:79:51:
29:d7:14:fe:7d:e5:15:bd:e7:37:ab:a5:5b:ea:90:
86:99:28:b1:fc:4b:30:22:1b:d8:fc:13:72:5d:ca:
51:8b:b8:60:08:7d:94:c5:17:b2:8f:76:a1:dc:61:
89:0a:1a:c3:03:4f:da:f3:17:a4:3a:6b:cc:97:64:
b8:b3:5f:d6:81:1a:4b:d2:7c:f3:5a:67:76:e4:47:
d4:48:24:17:ad:e0:60:3a:ad:4d:bd:4c:36:f8:fa:
cc:d6:96:76:94:72:dd:e7:0b:52:66:37:1e:0d:f9:
dd:f0:f5:a9:97:98:10:0a:f4:0f:cd:80:de:04:3e:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:33:EE:56:D1:CC:E5:56:0B:82:65:CC:7F:03:C2:6F:DD:C4:94:15
X509v3 Authority Key Identifier:
keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/DF7003E6E9EC11EDA528C77FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.131.253.160/28
Signature Algorithm: sha256WithRSAEncryption
66:03:f1:2b:56:89:86:a4:02:8e:51:19:f8:dc:88:ce:bf:64:
02:cd:89:65:e4:15:e7:d5:1c:10:d0:f1:3b:c2:8a:a4:b4:c3:
80:0d:0f:c5:df:af:41:03:92:9e:6d:d8:8c:ab:c1:5c:54:7b:
5d:52:14:29:59:0f:66:f2:23:c9:ab:0f:76:5e:d3:c2:68:36:
52:47:f2:ff:c7:ae:ca:c0:55:1b:48:60:c2:b2:d7:de:85:3c:
fb:b8:90:b2:2e:8b:a1:3e:8a:06:a9:48:b1:8b:56:f0:13:60:
e5:69:8f:7e:fe:d4:a6:b4:da:b3:4f:1f:1a:67:c9:8e:03:8c:
f1:a2:75:b2:d4:81:6f:df:3e:82:d5:c1:ca:44:80:6f:53:a3:
9f:ee:95:0a:f8:c3:d2:5c:6c:c9:61:2a:6a:26:61:bd:5b:c8:
b9:16:d0:25:a2:fd:1d:f3:fa:8b:d7:4b:00:38:17:69:1e:8c:
ba:56:39:a5:1f:5a:d8:01:c1:6b:16:8c:6d:75:51:15:15:78:
c5:0c:60:25:7b:05:50:6c:b5:e5:e8:06:08:6d:fe:80:51:d3:
01:62:b1:44:59:98:de:e1:b6:3a:ca:cd:5c:87:c2:c9:5d:be:
ab:bc:86:61:1a:f4:8b:82:b6:cf:71:f9:8c:a3:7c:b9:36:c4:
84:35:1e:dc
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4
M0NCRTE4NjcwHhcNMjQwMzI2MjExMDE2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMzliOC0xMTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmMlK4u7cRGCETbLBNwGhrBkAqIxfeMSlDt2XRCRK5shdJn2hi6swvUrxf416
hJMIyB4vXZ/Wgczy7uSDYbhVSexc/J3DVuhuGws0iDgR2waoySWEMbd4KAgKyEQQ
ExAxLpCI98bwzTvipvUTJWGtKvUrTq9CCalrXopijQl8X+a1cc2zeVEp1xT+feUV
vec3q6Vb6pCGmSix/EswIhvY/BNyXcpRi7hgCH2UxReyj3ah3GGJChrDA0/a8xek
OmvMl2S4s1/WgRpL0nzzWmd25EfUSCQXreBgOq1NvUw2+PrM1pZ2lHLd5wtSZjce
Dfnd8PWpl5gQCvQPzYDeBD5cSQIDAQABo4ICljCCApIwHQYDVR0OBBYEFE8z7lbR
zOVWC4JlzH8Dwm/dxJQVMB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4
RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvREY3MDAzRTZF
OUVDMTFFREE1MjhDNzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgABMAcDBQTLg/2gMA0GCSqGSIb3DQEBCwUAA4IBAQBmA/ErVomGpAKO
URn43IjOv2QCzYll5BXn1RwQ0PE7woqktMOADQ/F369BA5KebdiMq8FcVHtdUhQp
WQ9m8iPJqw92XtPCaDZSR/L/x67KwFUbSGDCstfehTz7uJCyLouhPooGqUixi1bw
E2DlaY9+/tSmtNqzTx8aZ8mOA4zxonWy1IFv3z6C1cHKRIBvU6Of7pUK+MPSXGzJ
YSpqJmG9W8i5FtAlov0d8/qL10sAOBdpHoy6VjmlH1rYAcFrFoxtdVEVFXjFDGAl
ewVQbLXl6AYIbf6AUdMBYrFEWZje4bY6ys1ch8LJXb6rvIZhGvSLgrbPcfmMo3y5
NsSENR7c
-----END CERTIFICATE-----
Generated at Fri May 17 21:15:30 2024 by rpki-client on console-ams.rpki-client.org