Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91909D7/4A428294E2B111E9BCEA4F53C4F9AE02/6F2D0C68E2B211E9B2944855C4F9AE02.roa
File: 6F2D0C68E2B211E9B2944855C4F9AE02.roa (raw, json)
Hash identifier: xQBNm5bw0wFw+DNb7rdiIXJoxV8+ROcmNpkZt2EtI30=
Subject key identifier: 66:27:BC:8C:8A:87:65:12:03:6E:D6:FC:1A:00:BF:7A:B2:6E:E7:C4
Certificate issuer: /CN=A91909D7/serialNumber=F27B115BF50980BB9D84FC5CDD2C3B5AED8DEA5C
Certificate serial: 0B89
Authority key identifier: F2:7B:11:5B:F5:09:80:BB:9D:84:FC:5C:DD:2C:3B:5A:ED:8D:EA:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8nsRW_UJgLudhPxc3Sw7Wu2N6lw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91909D7/4A428294E2B111E9BCEA4F53C4F9AE02/6F2D0C68E2B211E9B2944855C4F9AE02.roa
Signing time: Wed 31 May 2023 20:10:10 +0000
ROA not before: Wed 31 May 2023 20:10:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138417
IP address blocks: 103.113.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 06:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2953 (0xb89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91909D7/serialNumber=F27B115BF50980BB9D84FC5CDD2C3B5AED8DEA5C
Validity
Not Before: May 31 20:10:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6477a9a2-5916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c0:ea:c4:bc:3b:53:e2:9a:55:d0:ac:69:fc:
e6:87:63:f7:a3:d7:6d:39:37:4e:e2:a4:68:fa:57:
e2:69:21:9e:71:84:09:03:20:9c:ed:d8:f5:8d:28:
31:63:7f:d8:88:f8:ef:d3:f1:24:6c:84:e7:58:25:
e1:d9:b0:a1:b0:46:72:ed:10:91:6c:d8:e3:74:22:
c1:8e:b3:2b:49:0d:f6:75:11:c5:45:a3:57:4b:c9:
eb:80:28:58:d9:b9:b0:97:af:1f:be:ed:4d:39:1e:
30:64:4b:12:2c:52:af:4a:ed:bc:4b:bf:f0:85:e8:
e0:dd:8c:e0:3d:f7:df:ed:6f:7c:0f:48:8e:b0:33:
39:ac:d2:6e:b1:05:1a:bf:0c:b5:52:a7:45:d0:4c:
b3:b8:b9:16:fa:2b:cf:9c:e6:a4:a4:4a:2d:62:0a:
87:cd:43:8c:00:89:10:90:f8:1c:80:6a:0d:cf:a5:
b7:94:62:e7:c7:15:13:21:86:18:77:95:a6:8c:19:
40:43:4a:e7:83:df:eb:8c:e5:32:0b:2e:92:ef:5c:
fa:a5:07:b5:f7:27:59:c3:87:41:b3:12:bd:87:6b:
d5:12:47:cb:84:8f:40:a0:0d:45:fe:47:bd:61:ea:
ab:94:bc:c8:bc:69:ae:45:e3:3a:66:0c:41:9c:91:
1c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:27:BC:8C:8A:87:65:12:03:6E:D6:FC:1A:00:BF:7A:B2:6E:E7:C4
X509v3 Authority Key Identifier:
keyid:F2:7B:11:5B:F5:09:80:BB:9D:84:FC:5C:DD:2C:3B:5A:ED:8D:EA:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91909D7/4A428294E2B111E9BCEA4F53C4F9AE02/8nsRW_UJgLudhPxc3Sw7Wu2N6lw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8nsRW_UJgLudhPxc3Sw7Wu2N6lw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91909D7/4A428294E2B111E9BCEA4F53C4F9AE02/6F2D0C68E2B211E9B2944855C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.109.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:5f:d1:c2:78:8b:25:f8:3b:5c:b6:16:a3:4f:ef:9d:4f:17:
5a:43:84:16:69:d3:18:8a:a8:ff:05:48:98:58:2f:d0:bd:7a:
95:78:cf:b8:a6:e3:ed:c0:43:e0:41:4f:f7:d6:e9:90:5b:c4:
f1:8f:f6:d1:9d:2a:90:b6:84:e7:a1:2d:31:15:da:f3:0d:9f:
73:ce:bd:9d:aa:db:db:d1:3a:5f:a9:77:ac:69:ae:99:b8:e1:
62:8a:20:97:8a:68:89:33:d8:dc:6e:17:8b:fa:2f:00:78:3a:
5b:b6:64:8f:a8:13:30:76:73:9a:66:c5:2d:3a:71:b0:58:71:
c1:39:00:5e:8f:f3:fa:8e:9a:00:19:90:c0:cc:7e:54:0f:9a:
98:8e:71:f8:c8:62:c6:e3:4e:ea:c7:d9:4f:bf:5e:6e:28:b5:
de:8c:f1:80:4a:bf:04:5e:32:1f:42:bf:37:ad:e3:69:a0:d1:
2d:79:57:ec:0c:f6:81:8b:e7:c1:b7:40:ea:5f:9b:dc:8d:b1:
92:0e:1d:01:e1:c0:39:14:76:e3:01:ad:1b:f0:0d:07:37:91:
8a:90:bb:6e:9a:13:30:69:78:76:0c:76:a6:04:46:53:72:f4:
23:25:66:b8:b1:8c:89:ad:72:94:67:37:d8:71:b5:02:73:5a:
e4:00:68:2d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC4kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTA5RDcxMTAvBgNVBAUTKEYyN0IxMTVCRjUwOTgwQkI5RDg0RkM1Q0REMkMzQjVB
RUQ4REVBNUMwHhcNMjMwNTMxMjAxMDEwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc3YTlhMi01OTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA68DqxLw7U+KaVdCsafzmh2P3o9dtOTdO4qRo+lfiaSGecYQJAyCc7dj1jSgx
Y3/YiPjv0/EkbITnWCXh2bChsEZy7RCRbNjjdCLBjrMrSQ32dRHFRaNXS8nrgChY
2bmwl68fvu1NOR4wZEsSLFKvSu28S7/whejg3YzgPfff7W98D0iOsDM5rNJusQUa
vwy1UqdF0EyzuLkW+ivPnOakpEotYgqHzUOMAIkQkPgcgGoNz6W3lGLnxxUTIYYY
d5WmjBlAQ0rng9/rjOUyCy6S71z6pQe19ydZw4dBsxK9h2vVEkfLhI9AoA1F/ke9
YeqrlLzIvGmuReM6ZgxBnJEczwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGYnvIyK
h2USA27W/BoAv3qybufEMB8GA1UdIwQYMBaAFPJ7EVv1CYC7nYT8XN0sO1rtjepc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MDlENy80QTQyODI5NEUy
QjExMUU5QkNFQTRGNTNDNEY5QUUwMi84bnNSV19VSmdMdWRoUHhjM1N3N1d1Mk42
bHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhuc1JXX1VKZ0x1ZGhQeGMzU3c3V3UyTjZsdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTA5RDcvNEE0MjgyOTRFMkIxMTFFOUJDRUE0RjUzQzRGOUFFMDIvNkYyRDBDNjhF
MkIyMTFFOUIyOTQ0ODU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncW0wDQYJKoZIhvcNAQELBQADggEBAMJf0cJ4iyX4O1y2
FqNP751PF1pDhBZp0xiKqP8FSJhYL9C9epV4z7im4+3AQ+BBT/fW6ZBbxPGP9tGd
KpC2hOehLTEV2vMNn3POvZ2q29vROl+pd6xprpm44WKKIJeKaIkz2NxuF4v6LwB4
Olu2ZI+oEzB2c5pmxS06cbBYccE5AF6P8/qOmgAZkMDMflQPmpiOcfjIYsbjTurH
2U+/Xm4otd6M8YBKvwReMh9Cvzet42mg0S15V+wM9oGL58G3QOpfm9yNsZIOHQHh
wDkUduMBrRvwDQc3kYqQu26aEzBpeHYMdqYERlNy9CMlZrixjImtcpRnN9hxtQJz
WuQAaC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org