Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/FE37A02CC16E11EEA648BC3CC4F9AE02.roa
File: FE37A02CC16E11EEA648BC3CC4F9AE02.roa (raw, json)
Hash identifier: CT61m5MFLywJtrnXzDwB5O8TCBiU39F8Vh6T54P6dKQ=
Subject key identifier: 26:77:0C:20:88:43:24:E1:B8:BB:35:91:16:7B:55:42:27:ED:35:4A
Certificate issuer: /CN=A91A64F6/serialNumber=8CC3043D4B46C48F126C06E82970EBB48B6463C8
Certificate serial: 2C
Authority key identifier: 8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/FE37A02CC16E11EEA648BC3CC4F9AE02.roa
Signing time: Fri 02 Feb 2024 02:24:19 +0000
ROA not before: Fri 02 Feb 2024 02:24:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 133217
IP address blocks: 103.127.120.0/22 maxlen: 22
103.127.122.0/24 maxlen: 24
103.127.123.0/24 maxlen: 24
2404:1fc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Feb 2024 03:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A64F6/serialNumber=8CC3043D4B46C48F126C06E82970EBB48B6463C8
Validity
Not Before: Feb 2 02:24:19 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65bc5253-3b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:35:36:9e:28:cd:cf:1b:c5:a4:6b:05:e5:a8:
6e:a6:fe:01:19:2a:36:04:68:84:74:3e:14:9b:73:
08:db:94:03:31:dc:e2:f4:67:15:af:c5:75:71:58:
88:a8:f3:31:af:15:bc:cd:3d:92:21:5b:91:17:5d:
c8:c3:a5:07:97:7d:e2:bc:da:90:2e:32:9c:f8:56:
46:d2:c4:d4:e2:ed:4d:1b:62:ec:22:30:ed:42:d3:
02:30:b0:20:98:5a:1d:b0:6f:06:93:c4:d6:94:71:
e4:ee:a2:a4:fc:8d:44:3c:c4:3b:f3:c4:1a:1c:07:
07:85:03:b3:f6:aa:f5:2c:14:53:6a:5c:b3:b4:20:
b2:dc:20:3e:47:7e:83:cc:dd:46:9b:52:c2:8d:3c:
d7:e1:65:55:5c:a0:6a:2e:ee:cd:24:92:2a:30:78:
ee:0d:64:6e:bd:27:40:c4:b9:df:b3:5b:15:7e:4f:
e2:44:5d:68:fa:7f:de:36:b6:13:71:64:1b:89:87:
94:10:ef:6e:92:33:d3:c4:8f:d7:da:3c:a9:65:4a:
05:fd:ff:61:35:be:dc:8f:cd:cf:49:d9:8f:63:04:
13:9a:04:2d:7c:eb:b6:55:ca:32:4a:94:6a:85:8e:
71:5a:b0:f8:49:01:32:d4:b1:cb:92:a1:0c:fb:65:
6e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:77:0C:20:88:43:24:E1:B8:BB:35:91:16:7B:55:42:27:ED:35:4A
X509v3 Authority Key Identifier:
keyid:8C:C3:04:3D:4B:46:C4:8F:12:6C:06:E8:29:70:EB:B4:8B:64:63:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/jMMEPUtGxI8SbAboKXDrtItkY8g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jMMEPUtGxI8SbAboKXDrtItkY8g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A64F6/E1CF3C5690DB11EEB9CD2A76C4F9AE02/FE37A02CC16E11EEA648BC3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.120.0/22
IPv6:
2404:1fc0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:80:59:ff:ca:a6:c0:82:54:20:9b:7d:e8:69:8a:03:5d:ce:
5c:9c:be:52:cd:ff:12:9d:f1:79:f5:c3:6b:7a:e0:52:8e:2c:
d7:86:d4:1c:5a:75:80:37:73:3c:5f:81:3f:c0:1a:97:c4:5e:
99:69:fc:98:f0:c8:39:ba:db:90:5d:d3:82:f6:52:ea:01:33:
0a:31:ac:f2:90:c2:6a:51:77:ed:82:0f:06:c4:c5:e4:cd:33:
c7:70:ad:3a:12:2b:83:2c:12:b2:0b:a4:98:d8:00:8b:de:4d:
73:1b:ce:1b:bf:6c:c9:a6:f5:3e:20:30:f3:f6:8d:45:56:47:
a6:a3:e4:dd:ba:d4:c9:64:66:25:f3:03:23:f2:52:9d:e6:36:
98:b1:7b:56:cc:8c:9b:a5:90:ea:41:c1:cb:1d:48:51:7f:62:
3c:91:01:a5:4a:66:1f:00:8e:7c:54:2b:c0:b9:df:b2:11:bc:
fd:fc:7b:d3:29:d4:eb:2d:00:6d:b2:30:62:c8:f4:e5:9e:49:
fd:9d:9b:0e:f1:9f:9f:0e:3a:91:45:03:8f:ea:b6:af:18:78:
9c:33:2e:e5:6b:2f:7e:1a:03:5e:f1:08:d5:69:95:fb:15:21:
ec:99:f0:e2:59:61:20:cc:84:bf:71:e6:fc:89:94:a0:fb:91:
d0:c8:55:4c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NjRGNjExMC8GA1UEBRMoOENDMzA0M0Q0QjQ2QzQ4RjEyNkMwNkU4Mjk3MEVCQjQ4
QjY0NjNDODAeFw0yNDAyMDIwMjI0MTlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmM1MjUzLTNiMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsNTaeKM3PG8WkawXlqG6m/gEZKjYEaIR0PhSbcwjblAMx3OL0ZxWvxXVxWIio
8zGvFbzNPZIhW5EXXcjDpQeXfeK82pAuMpz4VkbSxNTi7U0bYuwiMO1C0wIwsCCY
Wh2wbwaTxNaUceTuoqT8jUQ8xDvzxBocBweFA7P2qvUsFFNqXLO0ILLcID5HfoPM
3UabUsKNPNfhZVVcoGou7s0kkioweO4NZG69J0DEud+zWxV+T+JEXWj6f942thNx
ZBuJh5QQ726SM9PEj9faPKllSgX9/2E1vtyPzc9J2Y9jBBOaBC1867ZVyjJKlGqF
jnFasPhJATLUscuSoQz7ZW4DAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUJncMIIhD
JOG4uzWRFntVQiftNUowHwYDVR0jBBgwFoAUjMMEPUtGxI8SbAboKXDrtItkY8gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2NEY2L0UxQ0YzQzU2OTBE
QjExRUVCOUNEMkE3NkM0RjlBRTAyL2pNTUVQVXRHeEk4U2JBYm9LWERydEl0a1k4
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvak1NRVBVdEd4SThTYkFib0tYRHJ0SXRrWThnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NjRGNi9FMUNGM0M1NjkwREIxMUVFQjlDRDJBNzZDNEY5QUUwMi9GRTM3QTAyQ0Mx
NkUxMUVFQTY0OEJDM0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAmd/eDANBAIAAjAHAwUAJAQfwDANBgkqhkiG9w0BAQsFAAOC
AQEAboBZ/8qmwIJUIJt96GmKA13OXJy+Us3/Ep3xefXDa3rgUo4s14bUHFp1gDdz
PF+BP8Aal8RemWn8mPDIObrbkF3TgvZS6gEzCjGs8pDCalF37YIPBsTF5M0zx3Ct
OhIrgywSsgukmNgAi95NcxvOG79syab1PiAw8/aNRVZHpqPk3brUyWRmJfMDI/JS
neY2mLF7VsyMm6WQ6kHByx1IUX9iPJEBpUpmHwCOfFQrwLnfshG8/fx70ynU6y0A
bbIwYsj05Z5J/Z2bDvGfnw46kUUDj+q2rxh4nDMu5WsvfhoDXvEI1WmV+xUh7Jnw
4llhIMyEv3Hm/ImUoPuR0MhVTA==
-----END CERTIFICATE-----
Generated at Fri Feb 2 04:25:12 2024 by rpki-client on console-ams.rpki-client.org