Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/525B22D6B7F711EEB4B7F57FC4F9AE02.roa
File: 525B22D6B7F711EEB4B7F57FC4F9AE02.roa (raw, json)
Hash identifier: lB/X+ckFpYIbH2I8A9ity61ChyhDThxBpZ8rtOBQzuc=
Subject key identifier: BF:7B:B4:E5:42:DF:C1:89:FB:03:D7:04:2E:EA:D3:1F:C6:8F:30:61
Certificate issuer: /CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Certificate serial: F4
Authority key identifier: 51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/525B22D6B7F711EEB4B7F57FC4F9AE02.roa
Signing time: Wed 01 May 2024 06:39:49 +0000
ROA not before: Wed 01 May 2024 06:39:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151048
IP address blocks: 103.121.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 20:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244 (0xf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Validity
Not Before: May 1 06:39:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6631e3b5-6cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:5f:39:07:33:cf:23:2d:f7:41:f9:26:6c:
cb:7d:0c:4b:bd:03:f1:3f:e1:18:5f:c8:91:aa:22:
39:14:2e:0f:31:47:94:75:ac:03:b8:e8:76:1a:01:
fe:12:3a:77:4b:71:e3:5c:d8:6f:5a:99:a6:e6:81:
95:0b:9b:28:44:4f:14:77:4a:13:62:85:16:c8:de:
93:45:11:f5:28:62:28:66:31:dc:01:7a:34:9d:bc:
25:95:84:9b:29:36:6a:a4:31:48:c4:02:30:b3:cf:
cf:32:79:72:7d:64:7a:7f:68:53:45:d2:2a:de:65:
84:c1:e9:30:25:af:bf:82:27:fb:cd:a0:cc:01:b5:
0b:a3:35:7f:c4:a6:92:31:a1:f5:97:e3:85:dd:7f:
63:b4:51:0c:91:70:25:b0:39:e1:13:db:5f:be:fe:
ea:38:32:91:f2:8c:aa:36:e8:80:d2:bd:a9:6b:1f:
5c:be:44:1f:5c:87:6a:3c:78:ec:fb:df:ce:5b:70:
a4:5c:24:d7:78:43:50:45:2b:8c:ee:9d:75:8e:25:
e3:ac:8a:97:fa:55:81:74:cb:29:66:e0:b0:81:63:
53:28:b7:cf:9f:0d:35:be:3b:ab:39:63:b7:fc:08:
a0:ca:4b:3f:94:74:4f:2e:85:8e:ae:59:96:45:e2:
a8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7B:B4:E5:42:DF:C1:89:FB:03:D7:04:2E:EA:D3:1F:C6:8F:30:61
X509v3 Authority Key Identifier:
keyid:51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/UdUxrvegh8GOMB4OaixjcbJkw-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/525B22D6B7F711EEB4B7F57FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.6.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2e:15:72:c9:e1:08:99:3f:ad:39:a5:8d:7b:25:7c:de:1d:
64:42:a4:ec:54:cc:c9:99:8a:56:e1:e4:d0:0d:35:c6:5f:b1:
87:4d:4b:a7:5d:6a:38:29:59:4a:0f:81:1f:ba:62:0f:5c:bb:
d3:ea:11:0e:55:16:7a:4d:86:65:24:fa:24:9a:df:bd:7f:0c:
d8:54:c4:c1:41:73:0c:af:37:af:95:53:39:69:64:fd:b6:dd:
9a:8b:5a:26:12:dc:09:5a:56:eb:df:6a:9a:d1:d3:ef:b1:ef:
21:85:88:20:01:b4:0d:79:86:0f:9d:cf:d9:2b:cd:3f:d8:d3:
4b:aa:8a:eb:d3:39:f5:95:21:6f:c5:0e:90:35:ed:6c:98:7d:
16:07:ad:27:1c:09:33:d1:05:ce:11:e9:32:96:9b:4a:ff:6c:
5f:c1:35:ed:e7:bb:12:23:da:b4:61:88:7e:7a:ad:a5:95:96:
a8:40:f6:08:4a:9a:6d:9c:d1:d2:73:8b:33:a7:cf:7f:7b:7f:
e9:45:d9:51:b5:f0:88:4b:0f:65:e2:d6:31:14:b9:b0:13:ea:
9e:94:71:31:51:26:79:53:da:92:05:b0:90:5e:f3:df:fd:37:
aa:5f:7f:4f:04:a3:cb:36:f5:a1:a5:00:59:29:71:93:26:b9:
ee:07:a5:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZBRkYxMTAvBgNVBAUTKDUxRDUzMUFFRjdBMDg3QzE4RTMwMUUwRTZBMkM2Mzcx
QjI2NEMzRTgwHhcNMjQwNTAxMDYzOTQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxZTNiNS02Y2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnSZfOQczzyMt90H5JmzLfQxLvQPxP+EYX8iRqiI5FC4PMUeUdawDuOh2GgH+
Ejp3S3HjXNhvWpmm5oGVC5soRE8Ud0oTYoUWyN6TRRH1KGIoZjHcAXo0nbwllYSb
KTZqpDFIxAIws8/PMnlyfWR6f2hTRdIq3mWEwekwJa+/gif7zaDMAbULozV/xKaS
MaH1l+OF3X9jtFEMkXAlsDnhE9tfvv7qODKR8oyqNuiA0r2pax9cvkQfXIdqPHjs
+9/OW3CkXCTXeENQRSuM7p11jiXjrIqX+lWBdMspZuCwgWNTKLfPnw01vjurOWO3
/Aigyks/lHRPLoWOrlmWReKooQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL97tOVC
38GJ+wPXBC7q0x/GjzBhMB8GA1UdIwQYMBaAFFHVMa73oIfBjjAeDmosY3GyZMPo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkFGRi9EMDYxMUYwNEND
NDQxMUVEOUE3MUUxMENDNEY5QUUwMi9VZFV4cnZlZ2g4R09NQjRPYWl4amNiSmt3
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VkVXhydmVnaDhHT01CNE9haXhqY2JKa3ctZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZBRkYvRDA2MTFGMDRDQzQ0MTFFRDlBNzFFMTBDQzRGOUFFMDIvNTI1QjIyRDZC
N0Y3MTFFRUI0QjdGNTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABneQYwDQYJKoZIhvcNAQELBQADggEBAAIuFXLJ4QiZP605
pY17JXzeHWRCpOxUzMmZilbh5NANNcZfsYdNS6ddajgpWUoPgR+6Yg9cu9PqEQ5V
FnpNhmUk+iSa371/DNhUxMFBcwyvN6+VUzlpZP223ZqLWiYS3AlaVuvfaprR0++x
7yGFiCABtA15hg+dz9krzT/Y00uqiuvTOfWVIW/FDpA17WyYfRYHrSccCTPRBc4R
6TKWm0r/bF/BNe3nuxIj2rRhiH56raWVlqhA9ghKmm2c0dJzizOnz397f+lF2VG1
8IhLD2Xi1jEUubAT6p6UcTFRJnlT2pIFsJBe89/9N6pff08Eo8s29aGlAFkpcZMm
ue4HpTo=
-----END CERTIFICATE-----
Generated at Mon Sep 30 23:03:38 2024 by rpki-client on console-ams.rpki-client.org