Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/F0A7F7C40C4911EFB07D3737C4F9AE02.roa
File: F0A7F7C40C4911EFB07D3737C4F9AE02.roa (raw, json)
Hash identifier: xn8+oL/7phZ4S+nA3XxARiEekZnwHv0ftbMK8uTs16o=
Subject key identifier: 8D:F3:2C:6B:FA:55:56:81:FC:C9:DF:85:9F:DC:C0:AC:EE:2B:83:7E
Certificate issuer: /CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Certificate serial: 14
Authority key identifier: BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/F0A7F7C40C4911EFB07D3737C4F9AE02.roa
Signing time: Tue 07 May 2024 08:33:03 +0000
ROA not before: Tue 07 May 2024 08:33:03 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 4635
IP address blocks: 118.103.240.0/21 maxlen: 24
202.70.160.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 08:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Validity
Not Before: May 7 08:33:03 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6639e73e-cfa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:be:be:f4:51:bf:78:42:0d:51:6e:05:c0:60:
9d:46:a6:5a:9c:8a:c4:9a:3b:57:75:24:0a:84:92:
2f:1c:fd:1a:1a:01:c7:3b:76:4e:73:f3:6f:30:af:
60:05:d2:94:c6:f6:45:c2:7f:6f:c6:1a:27:c7:34:
33:80:38:1d:da:44:e8:99:13:e7:6f:d8:3b:76:db:
21:26:b8:23:20:3a:5d:90:98:a5:20:ab:0e:13:c7:
c6:ee:c4:29:8f:a8:36:7a:c2:01:e0:aa:4b:a4:28:
b9:fc:2f:78:95:1e:cf:18:a1:0b:4b:aa:fe:d0:df:
82:1c:c6:e2:d7:9d:94:0b:5b:94:ee:7c:b5:fb:0b:
84:75:ff:58:21:e0:84:2f:e9:9c:af:77:54:6d:dd:
2c:82:89:e5:8c:0a:1b:59:c9:2e:4e:92:19:bb:dc:
65:c5:6d:cb:e3:21:f8:41:3a:07:a9:56:2c:e3:8f:
2f:8c:5a:bb:55:b8:30:ee:43:19:b9:b9:36:df:60:
78:b9:b3:42:4d:8f:d3:e8:70:85:47:0d:73:b7:ba:
d8:3e:20:9d:86:08:37:bf:ed:51:b1:9e:41:01:57:
ab:7f:06:83:13:6b:1a:d7:54:cf:8b:91:cf:a1:dd:
60:d3:0b:88:da:bc:88:c3:9e:1c:f1:f7:f4:e2:d2:
99:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F3:2C:6B:FA:55:56:81:FC:C9:DF:85:9F:DC:C0:AC:EE:2B:83:7E
X509v3 Authority Key Identifier:
keyid:BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/vLfPRDC7mOoEhRw0BybliBUOE50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/F0A7F7C40C4911EFB07D3737C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.103.240.0/21
202.70.160.0/20
Signature Algorithm: sha256WithRSAEncryption
35:39:fb:14:8c:62:c5:e7:39:dc:4d:ef:f6:aa:43:40:e5:26:
31:51:27:35:cf:4c:0f:30:91:17:e4:fc:a3:67:ae:ba:97:49:
f6:88:61:9c:96:27:bc:06:c7:09:06:57:de:6f:ae:cb:55:f4:
5b:25:63:38:29:c3:20:34:ff:78:d8:dd:3e:02:20:90:3e:7b:
55:ce:e1:32:6d:5b:ad:51:2c:4b:d8:92:3c:3a:27:e6:d1:95:
68:d8:4c:54:a6:ec:57:15:8e:75:09:f0:67:fe:73:07:a7:d1:
4e:3e:c3:66:3f:36:b6:97:09:01:35:a6:9b:14:f5:34:48:0b:
6e:49:0e:08:57:1f:73:01:a8:f4:2f:00:c3:88:0c:49:12:d7:
2b:6e:ea:80:c9:ee:70:72:93:94:5b:34:8e:d9:e6:61:c2:98:
72:b2:db:e8:63:80:26:4e:5d:90:0a:aa:b4:ed:8c:34:2a:78:
cd:db:e8:58:fd:6c:c1:6e:18:06:35:98:cf:75:c4:00:f5:54:
06:be:3c:b1:c7:fb:f7:06:78:76:e3:2f:80:30:3e:6e:30:15:
bd:4f:36:8f:e8:a6:1c:dd:20:67:96:bd:0d:ae:a5:17:ca:1e:
1e:af:cc:21:5f:c9:69:8b:d1:a2:ca:ba:49:c5:96:fb:f6:cd:
e1:69:47:d0
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OTNBMDExMC8GA1UEBRMoQkNCN0NGNDQzMEJCOThFQTA0ODUxQzM0MDcyNkU1ODgx
NTBFMTM5RDAeFw0yNDA1MDcwODMzMDNaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzllNzNlLWNmYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCXvr70Ub94Qg1RbgXAYJ1GplqcisSaO1d1JAqEki8c/RoaAcc7dk5z828wr2AF
0pTG9kXCf2/GGifHNDOAOB3aROiZE+dv2Dt22yEmuCMgOl2QmKUgqw4Tx8buxCmP
qDZ6wgHgqkukKLn8L3iVHs8YoQtLqv7Q34IcxuLXnZQLW5TufLX7C4R1/1gh4IQv
6Zyvd1Rt3SyCieWMChtZyS5Okhm73GXFbcvjIfhBOgepVizjjy+MWrtVuDDuQxm5
uTbfYHi5s0JNj9PocIVHDXO3utg+IJ2GCDe/7VGxnkEBV6t/BoMTaxrXVM+Lkc+h
3WDTC4javIjDnhzx9/Ti0plfAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUjfMsa/pV
VoH8yd+Fn9zArO4rg34wHwYDVR0jBBgwFoAUvLfPRDC7mOoEhRw0BybliBUOE50w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5M0EwL0E1OTU1RTU2MEM0
NTExRUY5RTdFMDUxREM0RjlBRTAyL3ZMZlBSREM3bU9vRWhSdzBCeWJsaUJVT0U1
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdkxmUFJEQzdtT29FaFJ3MEJ5YmxpQlVPRTUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTNBMC9BNTk1NUU1NjBDNDUxMUVGOUU3RTA1MURDNEY5QUUwMi9GMEE3RjdDNDBD
NDkxMUVGQjA3RDM3MzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA3Zn8AMEBMpGoDANBgkqhkiG9w0BAQsFAAOCAQEANTn7FIxi
xec53E3v9qpDQOUmMVEnNc9MDzCRF+T8o2euupdJ9ohhnJYnvAbHCQZX3m+uy1X0
WyVjOCnDIDT/eNjdPgIgkD57Vc7hMm1brVEsS9iSPDon5tGVaNhMVKbsVxWOdQnw
Z/5zB6fRTj7DZj82tpcJATWmmxT1NEgLbkkOCFcfcwGo9C8Aw4gMSRLXK27qgMnu
cHKTlFs0jtnmYcKYcrLb6GOAJk5dkAqqtO2MNCp4zdvoWP1swW4YBjWYz3XEAPVU
Br48scf79wZ4duMvgDA+bjAVvU82j+imHN0gZ5a9Da6lF8oeHq/MIV/JaYvRosq6
ScWW+/bN4WlH0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org