Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A1A461C0C4B11EFA4D96F6FC4F9AE02.roa
File: 9A1A461C0C4B11EFA4D96F6FC4F9AE02.roa (raw, json)
Hash identifier: 0E9R1OIswhGwbkTs8V2RwNonG5CCYtcKm6NV5dzmd3c=
Subject key identifier: B8:6C:A9:87:27:64:C3:27:2A:6F:CE:AA:78:6E:0F:B0:3D:B9:B6:E0
Certificate issuer: /CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Certificate serial: 16
Authority key identifier: BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A1A461C0C4B11EFA4D96F6FC4F9AE02.roa
Signing time: Tue 07 May 2024 08:33:16 +0000
ROA not before: Tue 07 May 2024 08:33:16 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 10103
IP address blocks: 118.103.240.0/21 maxlen: 24
202.70.160.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 08:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Validity
Not Before: May 7 08:33:16 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6639e74b-7a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:d5:58:92:71:4b:62:ec:5e:ba:cf:20:b9:
0d:71:ec:ab:7c:ba:23:89:c2:c0:28:13:ee:c4:b3:
72:1d:41:fa:dd:66:6d:fa:37:26:f3:5a:7f:aa:39:
15:24:8b:d5:43:66:65:54:b7:a7:93:40:c4:a7:1b:
cd:8c:7c:d3:4e:33:6c:04:63:ba:7d:cf:f5:27:81:
9e:15:ff:dd:99:69:d3:34:87:a9:e7:5d:dd:2c:6d:
e0:ed:e2:35:be:c3:97:03:28:54:77:c5:65:56:15:
c4:a6:01:83:cf:c7:9b:d5:02:d2:eb:e0:9a:3a:28:
ed:c6:5c:19:e4:38:84:f1:53:d0:f5:39:ba:31:96:
b1:df:5d:fe:a3:6f:6d:1b:f0:10:a5:87:d6:1a:bd:
be:b5:cf:48:5d:ed:94:2f:8b:e3:3e:93:dc:31:f1:
a4:36:7b:7f:5c:ab:ec:df:65:04:7b:5e:86:fa:7e:
e0:bb:09:d2:95:35:40:fa:7a:c9:ef:48:ba:4e:11:
80:20:91:27:88:e8:c2:4b:14:44:16:fe:53:35:10:
63:ef:4f:32:bd:0e:95:83:bc:2c:cb:55:c1:1b:06:
4c:30:39:84:69:aa:06:02:52:3e:b1:16:c9:b2:38:
b6:65:d3:64:17:51:78:5b:d8:ea:c3:cd:04:25:d7:
4b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6C:A9:87:27:64:C3:27:2A:6F:CE:AA:78:6E:0F:B0:3D:B9:B6:E0
X509v3 Authority Key Identifier:
keyid:BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/vLfPRDC7mOoEhRw0BybliBUOE50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A1A461C0C4B11EFA4D96F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.103.240.0/21
202.70.160.0/20
Signature Algorithm: sha256WithRSAEncryption
43:8e:90:17:e6:f3:d5:94:52:40:65:d0:78:34:98:53:c8:9a:
da:80:e9:7d:4c:57:a7:91:c1:b0:fc:2e:b7:c0:e3:a5:81:9b:
67:56:db:1d:8b:f0:5e:d3:88:ce:05:44:39:c8:09:28:a2:45:
93:fd:49:c6:9f:72:5e:ad:52:a6:d2:12:7f:91:c7:93:02:07:
fa:28:3c:86:37:c0:d7:f6:fb:17:04:86:2b:c9:f8:26:84:d2:
99:f3:cd:88:05:24:d8:82:b9:16:21:3c:55:00:5c:c3:15:d2:
f2:50:4a:93:87:d3:20:01:15:9c:40:14:18:2a:ba:d5:a2:a8:
5a:62:83:72:61:5d:4f:97:59:89:13:96:cf:3f:da:57:df:ab:
48:b4:e1:45:2a:52:03:44:7f:5e:99:7a:96:9b:9a:bb:8d:76:
ae:d0:56:1a:31:e5:18:2a:22:e7:0a:b3:70:02:b5:b8:f6:30:
74:81:88:f6:71:8a:85:43:9c:15:2f:7a:e4:ca:65:72:25:a2:
17:48:ca:bc:af:65:bd:ae:2e:84:04:72:0b:b3:c2:ff:01:1b:
9c:4a:f1:0f:27:46:43:40:0e:02:dc:23:b0:43:79:c5:c6:90:
e9:a7:62:04:c8:ad:4a:81:9e:e4:29:af:87:15:04:6e:c8:79:
cb:14:f8:13
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OTNBMDExMC8GA1UEBRMoQkNCN0NGNDQzMEJCOThFQTA0ODUxQzM0MDcyNkU1ODgx
NTBFMTM5RDAeFw0yNDA1MDcwODMzMTZaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzllNzRiLTdhM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/WNVYknFLYuxeus8guQ1x7Kt8uiOJwsAoE+7Es3IdQfrdZm36NybzWn+qORUk
i9VDZmVUt6eTQMSnG82MfNNOM2wEY7p9z/UngZ4V/92ZadM0h6nnXd0sbeDt4jW+
w5cDKFR3xWVWFcSmAYPPx5vVAtLr4Jo6KO3GXBnkOITxU9D1OboxlrHfXf6jb20b
8BClh9Yavb61z0hd7ZQvi+M+k9wx8aQ2e39cq+zfZQR7Xob6fuC7CdKVNUD6esnv
SLpOEYAgkSeI6MJLFEQW/lM1EGPvTzK9DpWDvCzLVcEbBkwwOYRpqgYCUj6xFsmy
OLZl02QXUXhb2OrDzQQl10sJAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUuGyphydk
wycqb86qeG4PsD25tuAwHwYDVR0jBBgwFoAUvLfPRDC7mOoEhRw0BybliBUOE50w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5M0EwL0E1OTU1RTU2MEM0
NTExRUY5RTdFMDUxREM0RjlBRTAyL3ZMZlBSREM3bU9vRWhSdzBCeWJsaUJVT0U1
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdkxmUFJEQzdtT29FaFJ3MEJ5YmxpQlVPRTUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTNBMC9BNTk1NUU1NjBDNDUxMUVGOUU3RTA1MURDNEY5QUUwMi85QTFBNDYxQzBD
NEIxMUVGQTREOTZGNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA3Zn8AMEBMpGoDANBgkqhkiG9w0BAQsFAAOCAQEAQ46QF+bz
1ZRSQGXQeDSYU8ia2oDpfUxXp5HBsPwut8DjpYGbZ1bbHYvwXtOIzgVEOcgJKKJF
k/1Jxp9yXq1SptISf5HHkwIH+ig8hjfA1/b7FwSGK8n4JoTSmfPNiAUk2IK5FiE8
VQBcwxXS8lBKk4fTIAEVnEAUGCq61aKoWmKDcmFdT5dZiROWzz/aV9+rSLThRSpS
A0R/Xpl6lpuau412rtBWGjHlGCoi5wqzcAK1uPYwdIGI9nGKhUOcFS965MplciWi
F0jKvK9lva4uhARyC7PC/wEbnErxDydGQ0AOAtwjsEN5xcaQ6adiBMitSoGe5Cmv
hxUEbsh5yxT4Ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org