Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/4F9049E6152C11EE85ED4B1DC4F9AE02.roa
File: 4F9049E6152C11EE85ED4B1DC4F9AE02.roa (raw, json)
Hash identifier: fnHiwjQ5MTduogoQiXGyrN22ud92tFEbd9QlWDV57iY=
Subject key identifier: 52:CD:79:A2:76:50:86:0C:2F:A5:03:AC:47:DD:02:D3:10:02:54:7E
Certificate issuer: /CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Certificate serial: 3A
Authority key identifier: 51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/4F9049E6152C11EE85ED4B1DC4F9AE02.roa
Signing time: Wed 05 Jul 2023 20:33:03 +0000
ROA not before: Wed 05 Jul 2023 20:33:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150683
IP address blocks: 103.121.6.0/24 maxlen: 24
103.121.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Aug 2023 15:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58 (0x3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Validity
Not Before: Jul 5 20:33:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a5d37f-6788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:94:fb:79:b1:eb:fc:ac:b2:96:d4:f4:98:24:
bc:3e:35:de:39:d8:25:ef:77:d8:08:1e:53:de:e7:
41:d5:c8:d2:d4:d4:b9:c7:5c:e7:ef:f8:01:8d:0f:
f2:ee:6d:78:3b:ea:2f:5a:96:77:23:bf:04:2e:5b:
c5:25:0f:ae:19:0f:01:fc:a8:e8:7b:cd:e2:b0:c9:
55:4c:51:64:41:b3:48:53:0c:c3:fb:76:3c:06:ce:
41:65:ee:e7:d8:51:7f:61:e2:90:14:a3:20:d4:df:
33:ae:f1:2b:02:b1:72:c4:74:fe:46:f2:fc:53:fb:
51:9d:75:fb:ca:0b:e8:87:ae:8e:81:2a:93:63:7a:
f6:29:56:ed:b1:1e:d0:37:7e:44:5d:b2:87:19:3d:
17:3b:49:e1:b3:12:75:d1:2a:a5:93:d6:b0:19:df:
c1:2f:57:61:6d:df:2e:01:a7:14:8c:46:10:4d:c6:
7b:88:8b:2c:5c:a8:ad:0c:16:34:76:52:e1:cc:21:
14:fd:84:7e:5f:b5:c3:04:f4:88:7f:b2:45:c5:8f:
c9:0d:3c:c2:56:37:67:73:1c:4c:af:fc:bc:a5:35:
bb:ea:28:be:4c:d1:d0:a8:23:60:c3:fd:60:95:3f:
91:68:84:3e:a7:a5:12:29:ae:b5:41:09:8a:e8:10:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CD:79:A2:76:50:86:0C:2F:A5:03:AC:47:DD:02:D3:10:02:54:7E
X509v3 Authority Key Identifier:
keyid:51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/UdUxrvegh8GOMB4OaixjcbJkw-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/4F9049E6152C11EE85ED4B1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.6.0/23
Signature Algorithm: sha256WithRSAEncryption
49:05:53:2b:29:01:3d:a0:d1:04:ac:cc:d7:57:c1:62:69:7b:
39:02:8a:5b:03:ff:c5:a7:d3:b9:8d:28:bf:e1:37:08:6b:0b:
62:ee:20:8f:2f:4c:14:ce:16:1f:2d:4d:d6:31:01:3b:10:48:
3d:02:4e:cb:f7:4d:9e:f4:b8:e6:bb:3c:dc:f0:4e:2f:9d:9d:
c2:e6:72:d0:4c:d1:79:67:52:01:33:d4:81:e5:32:d9:04:7b:
b4:a5:2d:d3:1e:00:13:ba:09:58:ce:14:45:39:59:c1:73:68:
4f:e9:18:2b:3b:20:cd:aa:d9:ee:7b:0d:3f:52:e7:25:69:ff:
07:fb:11:14:b9:aa:7c:7a:12:d6:d2:76:14:a7:c8:98:65:f5:
66:0e:da:8f:39:71:a3:0e:1b:34:17:43:3d:04:a6:7a:9c:87:
11:39:51:ab:17:7a:23:60:9c:40:aa:48:e5:fb:a0:e7:a5:16:
75:18:f9:bc:0d:88:d5:d8:79:ae:fd:5d:74:d3:c4:f7:2b:6a:
87:c9:b4:f5:2e:bd:91:10:1a:45:aa:f7:23:65:68:f4:14:83:
2b:f6:85:d0:17:2a:b5:2d:ef:87:59:e7:61:5c:a0:ee:55:1e:
bd:93:b5:0c:ca:00:fe:bb:7e:6f:87:86:55:d8:77:ec:4c:c8:
9b:35:e7:87
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RkFGRjExMC8GA1UEBRMoNTFENTMxQUVGN0EwODdDMThFMzAxRTBFNkEyQzYzNzFC
MjY0QzNFODAeFw0yMzA3MDUyMDMzMDNaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YTVkMzdmLTY3ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDElPt5sev8rLKW1PSYJLw+Nd452CXvd9gIHlPe50HVyNLU1LnHXOfv+AGND/Lu
bXg76i9alncjvwQuW8UlD64ZDwH8qOh7zeKwyVVMUWRBs0hTDMP7djwGzkFl7ufY
UX9h4pAUoyDU3zOu8SsCsXLEdP5G8vxT+1GddfvKC+iHro6BKpNjevYpVu2xHtA3
fkRdsocZPRc7SeGzEnXRKqWT1rAZ38EvV2Ft3y4BpxSMRhBNxnuIiyxcqK0MFjR2
UuHMIRT9hH5ftcME9Ih/skXFj8kNPMJWN2dzHEyv/LylNbvqKL5M0dCoI2DD/WCV
P5FohD6npRIprrVBCYroEIHHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUs15onZQ
hgwvpQOsR90C0xACVH4wHwYDVR0jBBgwFoAUUdUxrvegh8GOMB4OaixjcbJkw+gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGQUZGL0QwNjExRjA0Q0M0
NDExRUQ5QTcxRTEwQ0M0RjlBRTAyL1VkVXhydmVnaDhHT01CNE9haXhqY2JKa3ct
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWRVeHJ2ZWdoOEdPTUI0T2FpeGpjYkprdy1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RkFGRi9EMDYxMUYwNENDNDQxMUVEOUE3MUUxMENDNEY5QUUwMi80RjkwNDlFNjE1
MkMxMUVFODVFRDRCMURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd5BjANBgkqhkiG9w0BAQsFAAOCAQEASQVTKykBPaDRBKzM
11fBYml7OQKKWwP/xafTuY0ov+E3CGsLYu4gjy9MFM4WHy1N1jEBOxBIPQJOy/dN
nvS45rs83PBOL52dwuZy0EzReWdSATPUgeUy2QR7tKUt0x4AE7oJWM4URTlZwXNo
T+kYKzsgzarZ7nsNP1LnJWn/B/sRFLmqfHoS1tJ2FKfImGX1Zg7ajzlxow4bNBdD
PQSmepyHETlRqxd6I2CcQKpI5fug56UWdRj5vA2I1dh5rv1ddNPE9ytqh8m09S69
kRAaRar3I2Vo9BSDK/aF0BcqtS3vh1nnYVyg7lUevZO1DMoA/rt+b4eGVdh37EzI
mzXnhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org