Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/DB3469D890DC11EE955F1315C4F9AE02.roa
File: DB3469D890DC11EE955F1315C4F9AE02.roa (raw, json)
Hash identifier: v9AA07JJHuMe7JZg9smbmMLmNsvoSmNiCuA4wrWrHos=
Subject key identifier: 01:6F:50:A1:21:DA:FF:85:5B:0B:BA:C1:50:05:17:DE:CE:D6:06:9C
Certificate issuer: /CN=A91A64F6/serialNumber=8CC3043D4B46C48F126C06E82970EBB48B6463C8
Certificate serial: 26
Authority key identifier: 8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/DB3469D890DC11EE955F1315C4F9AE02.roa
Signing time: Wed 31 Jan 2024 08:09:02 +0000
ROA not before: Wed 31 Jan 2024 08:09:02 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 58534
IP address blocks: 103.127.123.0/24 maxlen: 24
2404:1fc0:1104::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 02:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38 (0x26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A64F6/serialNumber=8CC3043D4B46C48F126C06E82970EBB48B6463C8
Validity
Not Before: Jan 31 08:09:02 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ba001e-b347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:eb:a9:3f:e1:0a:e8:e3:de:0c:91:2b:05:2f:
c2:4a:1a:d9:f8:77:e0:df:95:cc:8c:d9:fb:82:10:
1d:55:39:39:ad:62:5a:55:ad:61:a3:6a:d9:7f:64:
b7:04:b7:e7:f4:07:05:a1:69:87:25:d9:81:34:ce:
0d:33:f8:29:40:f0:fd:0b:7c:06:4f:97:44:ff:b9:
70:f3:e0:3e:32:bc:61:6d:48:62:d4:c1:d2:c7:d2:
a6:8d:62:21:dc:9a:62:22:16:e2:3c:84:ef:02:d3:
19:32:22:17:11:e3:69:41:56:c7:4c:47:f6:e8:bc:
38:36:0b:42:c5:c2:de:ad:14:b6:5e:be:7b:4a:b1:
07:40:5a:70:31:f0:5d:86:69:38:bf:99:e5:40:5b:
f3:29:bf:94:f5:bb:60:fa:92:d2:a1:dc:68:97:9d:
5f:76:fb:95:29:f4:ee:89:32:63:07:22:06:72:3f:
59:da:9d:f1:22:ad:24:9e:8e:f8:ca:de:ec:d4:25:
7c:6b:eb:ee:90:bc:14:3e:6b:a3:59:0a:02:d1:1f:
5d:70:3b:b1:b1:da:1d:70:71:57:af:c8:17:41:82:
78:e9:e4:b2:69:6e:50:7d:9a:81:b0:c5:f2:04:66:
4f:04:23:10:6a:01:70:78:17:c4:14:9e:91:44:60:
68:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6F:50:A1:21:DA:FF:85:5B:0B:BA:C1:50:05:17:DE:CE:D6:06:9C
X509v3 Authority Key Identifier:
keyid:8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/jMMEPUtGxI8SbAboKXDrtItkY8g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/DB3469D890DC11EE955F1315C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.123.0/24
IPv6:
2404:1fc0:1104::/48
Signature Algorithm: sha256WithRSAEncryption
72:34:12:58:0e:ad:4a:a2:d7:53:95:e1:49:55:74:ad:98:0b:
42:5b:ef:c2:38:81:60:c4:4c:e7:fd:1d:56:e4:1e:b1:c1:91:
95:0b:d4:a8:27:fe:c5:be:2d:a9:86:2d:18:0b:81:0e:e7:74:
87:3c:06:32:94:e1:27:2f:4a:5d:90:0f:46:17:50:96:c5:40:
78:72:92:4c:18:4b:81:e9:5c:ed:1b:6f:61:df:41:0e:db:50:
5d:32:1a:02:2d:d6:05:bd:8c:ac:55:97:6a:88:63:f3:00:eb:
1b:c2:3b:4e:fb:db:2d:81:d4:db:36:b5:14:95:42:6e:04:0a:
4e:1f:b5:07:a8:81:39:7e:25:9d:70:84:12:ec:de:24:9c:9a:
5b:3f:4e:e8:47:e1:db:8c:91:d2:08:c3:f0:5e:19:bb:4b:1e:
c4:53:24:d9:6c:97:ce:00:60:e1:77:31:a7:02:37:81:0d:3b:
b3:44:f1:a8:45:23:60:e1:6a:83:e4:e0:de:db:c9:8d:c5:9a:
18:66:b7:8d:58:15:18:1e:85:8a:6c:91:47:f1:ae:d7:3e:73:
05:c6:48:e6:df:61:ab:a5:cd:bb:41:0c:6d:99:a5:68:82:97:
3a:6a:26:7e:54:10:76:ca:bd:95:17:ab:9b:87:03:9d:a5:d6:
9c:0d:f5:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NjRGNjExMC8GA1UEBRMoOENDMzA0M0Q0QjQ2QzQ4RjEyNkMwNkU4Mjk3MEVCQjQ4
QjY0NjNDODAeFw0yNDAxMzEwODA5MDJaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmEwMDFlLWIzNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCc66k/4Qro494MkSsFL8JKGtn4d+DflcyM2fuCEB1VOTmtYlpVrWGjatl/ZLcE
t+f0BwWhaYcl2YE0zg0z+ClA8P0LfAZPl0T/uXDz4D4yvGFtSGLUwdLH0qaNYiHc
mmIiFuI8hO8C0xkyIhcR42lBVsdMR/bovDg2C0LFwt6tFLZevntKsQdAWnAx8F2G
aTi/meVAW/Mpv5T1u2D6ktKh3GiXnV92+5Up9O6JMmMHIgZyP1nanfEirSSejvjK
3uzUJXxr6+6QvBQ+a6NZCgLRH11wO7Gx2h1wcVevyBdBgnjp5LJpblB9moGwxfIE
Zk8EIxBqAXB4F8QUnpFEYGh7AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUAW9QoSHa
/4VbC7rBUAUX3s7WBpwwHwYDVR0jBBgwFoAUjMMEPUtGxI8SbAboKXDrtItkY8gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2NEY2L0UxQ0YzQzU2OTBE
QjExRUVCOUNEMkE3NkM0RjlBRTAyL2pNTUVQVXRHeEk4U2JBYm9LWERydEl0a1k4
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvak1NRVBVdEd4SThTYkFib0tYRHJ0SXRrWThnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NjRGNi9FMUNGM0M1NjkwREIxMUVFQjlDRDJBNzZDNEY5QUUwMi9EQjM0NjlEODkw
REMxMUVFOTU1RjEzMTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGd/ezAPBAIAAjAJAwcAJAQfwBEEMA0GCSqGSIb3DQEBCwUA
A4IBAQByNBJYDq1KotdTleFJVXStmAtCW+/COIFgxEzn/R1W5B6xwZGVC9SoJ/7F
vi2phi0YC4EO53SHPAYylOEnL0pdkA9GF1CWxUB4cpJMGEuB6VztG29h30EO21Bd
MhoCLdYFvYysVZdqiGPzAOsbwjtO+9stgdTbNrUUlUJuBApOH7UHqIE5fiWdcIQS
7N4knJpbP07oR+HbjJHSCMPwXhm7Sx7EUyTZbJfOAGDhdzGnAjeBDTuzRPGoRSNg
4WqD5ODe28mNxZoYZreNWBUYHoWKbJFH8a7XPnMFxkjm32Grpc27QQxtmaVogpc6
aiZ+VBB2yr2VF6ubhwOdpdacDfUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org