Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/691679388C7811EBB7E88620C4F9AE02.roa
File: 691679388C7811EBB7E88620C4F9AE02.roa (raw, json)
Hash identifier: HZ6yhg6MFRQWA2I3+SWzlr3JaDgWFn6D2s24L/3xOeE=
Subject key identifier: 80:4C:88:F2:EF:6A:28:8B:80:BD:F3:09:39:BD:59:8D:15:C3:7C:7D
Certificate issuer: /CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Certificate serial: 3402
Authority key identifier: EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/691679388C7811EBB7E88620C4F9AE02.roa
Signing time: Thu 08 Jun 2023 15:20:55 +0000
ROA not before: Thu 08 Jun 2023 15:20:55 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 56121
IP address blocks: 114.130.104.0/22 maxlen: 22
114.130.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 01:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13314 (0x3402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Validity
Not Before: Jun 8 15:20:55 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6481f1d7-7b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:fe:d8:7b:46:5e:90:6d:2a:e7:02:af:86:
2a:5c:b2:6d:ba:23:1f:53:86:26:ba:43:29:31:2b:
8d:94:54:e6:30:30:64:ac:76:78:79:de:7a:b8:93:
72:84:9d:97:cc:40:25:12:5d:f7:38:60:bc:f4:d8:
d3:41:7d:12:e9:a3:c5:44:2d:73:6d:d9:62:2a:31:
1e:c2:bd:88:0b:c2:b8:ee:0f:5a:1b:33:b1:17:83:
d8:ba:3a:4e:93:b4:6d:80:60:0e:47:a1:ea:5b:55:
f0:cb:9b:41:c6:df:b7:2c:c1:d7:70:96:2c:6e:18:
37:54:97:75:ea:a0:2c:42:f8:8d:8e:60:60:4a:5a:
d0:aa:c1:98:dd:f8:21:c3:44:d6:5b:4d:92:ba:4e:
c2:b4:bd:00:06:f9:f1:ee:58:5d:30:48:dc:8f:ca:
69:d4:30:fc:82:35:db:fc:ef:36:3c:58:1e:a8:3f:
c6:b4:4c:72:0a:fb:f8:e1:26:3a:28:2d:b1:85:14:
8f:fd:50:d1:6d:cd:5c:4c:45:b0:5c:b4:8e:51:ef:
17:5f:05:c0:59:e0:08:19:de:05:84:29:62:c8:ed:
f9:22:cc:ad:6a:e3:33:73:7f:0e:10:9d:70:ea:51:
c9:55:7d:14:42:53:58:b0:3d:b4:2f:f7:47:42:c8:
3b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4C:88:F2:EF:6A:28:8B:80:BD:F3:09:39:BD:59:8D:15:C3:7C:7D
X509v3 Authority Key Identifier:
keyid:EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/63_piS3wACVfzzrAsrTRKupv-AY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/691679388C7811EBB7E88620C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.130.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:4b:a7:e5:db:fc:3a:27:f7:bf:67:c5:c3:d8:6e:34:cc:80:
72:11:55:e7:c6:3f:81:d4:47:fd:ad:be:6c:90:e7:a2:c9:98:
0c:0f:a9:d4:4d:80:5b:37:47:96:66:4b:55:62:c7:6c:88:18:
78:91:2e:83:55:ef:91:89:e5:d4:74:49:ef:fb:2b:0d:09:68:
c8:14:c1:aa:44:2c:6f:ae:15:0e:07:0b:13:3a:15:4f:a4:82:
c5:21:30:75:4a:ac:06:0e:dd:93:a9:e1:8f:b2:35:57:4f:57:
b9:09:c2:97:30:6a:ba:bb:ab:ca:6e:ac:7d:ab:03:f0:98:3d:
76:cc:2e:3d:b0:6c:3d:33:a0:b1:76:07:5f:54:05:f9:17:d9:
26:41:28:ea:d2:2a:ef:0f:d3:e1:e9:3e:96:cd:4b:10:1f:28:
3b:25:a1:64:87:bd:63:69:f7:5a:80:36:8d:73:e3:49:5f:0f:
db:5b:51:a3:5a:0d:73:57:5c:bc:db:e5:f4:7b:e3:8d:8d:55:
d1:69:76:e7:74:d4:c4:da:8e:81:6d:72:a1:09:ae:29:e4:84:
62:a2:5b:f0:c6:dd:cf:fc:65:17:4e:16:f2:f5:26:5c:22:c7:
15:96:d2:a6:c7:aa:13:b1:26:c0:62:e1:96:1b:03:ef:1a:f5:
b0:82:a1:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFCQjExMTAvBgNVBAUTKEVCN0ZFOTg5MkRGMDAwMjU1RkNGM0FDMEIyQjREMTJB
RUE2RkY4MDYwHhcNMjMwNjA4MTUyMDU1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxZjFkNy03YjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvmj+2HtGXpBtKucCr4YqXLJtuiMfU4YmukMpMSuNlFTmMDBkrHZ4ed56uJNy
hJ2XzEAlEl33OGC89NjTQX0S6aPFRC1zbdliKjEewr2IC8K47g9aGzOxF4PYujpO
k7RtgGAOR6HqW1Xwy5tBxt+3LMHXcJYsbhg3VJd16qAsQviNjmBgSlrQqsGY3fgh
w0TWW02Suk7CtL0ABvnx7lhdMEjcj8pp1DD8gjXb/O82PFgeqD/GtExyCvv44SY6
KC2xhRSP/VDRbc1cTEWwXLSOUe8XXwXAWeAIGd4FhCliyO35IsytauMzc38OEJ1w
6lHJVX0UQlNYsD20L/dHQsg7QQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIBMiPLv
aiiLgL3zCTm9WY0Vw3x9MB8GA1UdIwQYMBaAFOt/6Ykt8AAlX886wLK00Srqb/gG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUJCMS84ODc0RTlFODFE
OTgxMUUyOTc4OEE5ODIwOEIwMkNEMi82M19waVMzd0FDVmZ6enJBc3JUUkt1cHYt
QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYzX3BpUzN3QUNWZnp6ckFzclRSS3Vwdi1BWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFCQjEvODg3NEU5RTgxRDk4MTFFMjk3ODhBOTgyMDhCMDJDRDIvNjkxNjc5Mzg4
Qzc4MTFFQkI3RTg4NjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJygmgwDQYJKoZIhvcNAQELBQADggEBAGpLp+Xb/Don979n
xcPYbjTMgHIRVefGP4HUR/2tvmyQ56LJmAwPqdRNgFs3R5ZmS1Vix2yIGHiRLoNV
75GJ5dR0Se/7Kw0JaMgUwapELG+uFQ4HCxM6FU+kgsUhMHVKrAYO3ZOp4Y+yNVdP
V7kJwpcwarq7q8purH2rA/CYPXbMLj2wbD0zoLF2B19UBfkX2SZBKOrSKu8P0+Hp
PpbNSxAfKDsloWSHvWNp91qANo1z40lfD9tbUaNaDXNXXLzb5fR7442NVdFpdud0
1MTajoFtcqEJrinkhGKiW/DG3c/8ZRdOFvL1JlwixxWW0qbHqhOxJsBi4ZYbA+8a
9bCCocM=
-----END CERTIFICATE-----
Generated at Fri Jan 19 03:29:53 2024 by rpki-client on console-fra.rpki-client.org