Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/F805F68E6D1511EE85F44E4DC4F9AE02.roa
File: F805F68E6D1511EE85F44E4DC4F9AE02.roa (raw, json)
Hash identifier: UtnGKZPqqWYa2RDxy5/L7Xlbu3w5FkW0YOPHBpLqyVw=
Subject key identifier: D1:03:81:E6:1C:A9:1C:F1:76:89:50:D0:6B:18:8D:0C:A7:18:30:D7
Certificate issuer: /CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Certificate serial: 7E
Authority key identifier: 51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/F805F68E6D1511EE85F44E4DC4F9AE02.roa
Signing time: Tue 17 Oct 2023 17:52:42 +0000
ROA not before: Tue 17 Oct 2023 17:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150683
IP address blocks: 103.121.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126 (0x7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Validity
Not Before: Oct 17 17:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652ec9ea-7b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:22:04:ec:91:f9:20:7b:bb:4b:66:ea:ff:cb:
32:f8:c7:a6:96:42:36:0e:2c:2d:57:91:75:a6:5f:
cd:69:65:5e:d9:f9:39:ed:39:6b:bf:10:aa:38:2a:
64:69:47:75:20:94:3c:89:c9:56:3e:ae:b8:80:13:
ec:d4:87:01:89:5b:7b:02:07:e6:b1:9b:d3:ad:22:
98:20:32:a7:53:6a:7a:eb:20:e4:3c:08:b2:72:e1:
11:38:60:8b:6f:c2:bd:d6:3f:42:2b:d1:ad:ad:c5:
c5:af:74:19:aa:f3:bf:f7:4e:0c:5e:eb:20:2b:02:
50:a7:20:81:77:6c:33:a5:ff:2d:15:35:e1:8e:b3:
2a:a4:6c:00:1c:07:fb:12:e5:6e:32:a7:77:b1:6d:
de:50:8f:03:34:9f:a6:dc:f8:77:f6:b5:74:b9:4b:
51:cc:db:29:e9:c4:41:4f:bc:b9:3e:a0:fd:5a:43:
d2:c1:58:f5:7b:96:0a:b0:d8:cb:4b:54:d6:a6:97:
43:c7:09:72:2a:8b:64:d6:e3:67:08:ba:f2:03:0e:
b4:90:d4:3b:fa:e6:28:75:1c:fc:9a:df:6d:f0:c1:
dc:5e:ea:cb:0f:4b:99:78:0c:33:6f:36:f9:8d:95:
94:a1:da:45:d8:b7:dc:7b:17:ef:83:59:2c:18:c1:
ad:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:03:81:E6:1C:A9:1C:F1:76:89:50:D0:6B:18:8D:0C:A7:18:30:D7
X509v3 Authority Key Identifier:
keyid:51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/UdUxrvegh8GOMB4OaixjcbJkw-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/F805F68E6D1511EE85F44E4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.6.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e5:00:8f:45:ec:c5:bf:c1:8f:02:0e:71:5f:2b:2a:dd:c8:
7d:82:da:36:c5:f0:f7:c6:74:29:14:a1:e2:ac:e0:6b:82:a6:
36:e0:d3:72:5d:1f:ce:b1:2c:bb:5b:30:44:52:7c:f4:b7:6a:
d7:8f:67:d2:6b:76:1d:12:2f:73:c9:8a:46:3f:1b:08:86:d0:
fa:67:52:9a:a0:82:4e:24:d3:60:c8:cb:a9:ea:86:b0:06:e6:
df:c2:e4:ab:fc:75:e2:ad:b8:df:32:86:51:66:d9:37:75:d1:
79:e2:02:ed:a9:b1:59:e8:f1:0b:82:8c:9b:c1:51:58:53:3a:
75:de:44:f2:2d:57:aa:20:a4:64:58:0c:ff:2f:71:9e:e1:05:
22:db:8d:6e:c0:f9:f8:39:b0:22:57:fb:27:94:8c:54:b9:0a:
cd:dd:6d:5b:16:ec:c5:7e:7a:7f:89:bb:bb:b5:a7:5b:1e:5c:
00:84:e4:c5:af:c8:fa:59:d3:65:31:c2:f6:ef:9a:66:97:46:
76:eb:2d:86:27:45:b1:9a:77:e1:7b:75:02:0b:cd:56:3f:80:
5d:84:02:7f:ce:e9:87:d6:96:b3:14:54:b9:df:12:18:60:37:
ea:37:ca:30:ab:38:81:80:f7:29:64:34:ce:9e:48:7e:8e:d5:
30:6d:78:38
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RkFGRjExMC8GA1UEBRMoNTFENTMxQUVGN0EwODdDMThFMzAxRTBFNkEyQzYzNzFC
MjY0QzNFODAeFw0yMzEwMTcxNzUyNDJaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MmVjOWVhLTdiMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2IgTskfkge7tLZur/yzL4x6aWQjYOLC1XkXWmX81pZV7Z+TntOWu/EKo4KmRp
R3UglDyJyVY+rriAE+zUhwGJW3sCB+axm9OtIpggMqdTanrrIOQ8CLJy4RE4YItv
wr3WP0Ir0a2txcWvdBmq87/3Tgxe6yArAlCnIIF3bDOl/y0VNeGOsyqkbAAcB/sS
5W4yp3exbd5QjwM0n6bc+Hf2tXS5S1HM2ynpxEFPvLk+oP1aQ9LBWPV7lgqw2MtL
VNaml0PHCXIqi2TW42cIuvIDDrSQ1Dv65ih1HPya323wwdxe6ssPS5l4DDNvNvmN
lZSh2kXYt9x7F++DWSwYwa1DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0QOB5hyp
HPF2iVDQaxiNDKcYMNcwHwYDVR0jBBgwFoAUUdUxrvegh8GOMB4OaixjcbJkw+gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGQUZGL0QwNjExRjA0Q0M0
NDExRUQ5QTcxRTEwQ0M0RjlBRTAyL1VkVXhydmVnaDhHT01CNE9haXhqY2JKa3ct
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWRVeHJ2ZWdoOEdPTUI0T2FpeGpjYkprdy1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RkFGRi9EMDYxMUYwNENDNDQxMUVEOUE3MUUxMENDNEY5QUUwMi9GODA1RjY4RTZE
MTUxMUVFODVGNDRFNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGd5BjANBgkqhkiG9w0BAQsFAAOCAQEADuUAj0Xsxb/BjwIO
cV8rKt3IfYLaNsXw98Z0KRSh4qzga4KmNuDTcl0fzrEsu1swRFJ89Ldq149n0mt2
HRIvc8mKRj8bCIbQ+mdSmqCCTiTTYMjLqeqGsAbm38Lkq/x14q243zKGUWbZN3XR
eeIC7amxWejxC4KMm8FRWFM6dd5E8i1XqiCkZFgM/y9xnuEFItuNbsD5+DmwIlf7
J5SMVLkKzd1tWxbsxX56f4m7u7WnWx5cAITkxa/I+lnTZTHC9u+aZpdGdusthidF
sZp34Xt1AgvNVj+AXYQCf87ph9aWsxRUud8SGGA36jfKMKs4gYD3KWQ0zp5Ifo7V
MG14OA==
-----END CERTIFICATE-----
Generated at Fri Nov 3 17:56:51 2023 by rpki-client on console-ams.rpki-client.org