Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/61BF1B50894011EEA9CB2284C4F9AE02.roa
File: 61BF1B50894011EEA9CB2284C4F9AE02.roa (raw, json)
Hash identifier: HdczIV3EUE3mE39xu2CzgvaC2NwebQmrfjVNrPDNlwM=
Subject key identifier: AE:F6:4A:B5:28:4F:46:98:75:5C:58:80:40:63:9B:3A:70:94:A8:93
Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial: 0B37
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/61BF1B50894011EEA9CB2284C4F9AE02.roa
Signing time: Wed 22 Nov 2023 14:06:51 +0000
ROA not before: Wed 22 Nov 2023 14:06:51 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 136765
IP address blocks: 43.230.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2871 (0xb37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Validity
Not Before: Nov 22 14:06:51 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=655e0afa-3509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:9b:eb:5e:50:d7:a8:84:50:f8:6f:34:8c:
6c:42:a6:cf:e4:5b:f6:9f:13:e8:4b:e7:07:96:0f:
54:21:43:6c:4d:5e:d7:c2:a7:3c:2a:55:da:97:0c:
43:80:65:c5:13:de:b2:36:53:09:56:ee:aa:4e:1a:
cc:2f:f2:57:ac:79:0b:9b:6b:eb:97:c2:9f:d9:59:
a8:95:8f:07:55:ec:a2:2e:42:bf:f2:22:bc:d1:f1:
8e:77:50:43:b0:e3:7c:d9:8f:89:dd:04:67:a2:b3:
6d:ca:c3:d4:b3:9b:7f:d0:00:cc:a5:19:a0:ce:cd:
6d:60:d7:6d:cf:e8:69:ce:60:b6:a8:bb:e8:a6:86:
fa:8e:12:db:4b:20:ae:93:08:cb:a5:36:4c:f3:6e:
98:e6:27:cc:67:9b:53:1d:3f:4f:a8:26:94:8c:a1:
db:53:64:b8:6c:c2:24:40:0d:fe:e6:06:71:a9:a6:
53:f3:c9:2a:6c:d0:eb:7e:c7:1b:bb:a1:d9:f0:ba:
ed:f1:6c:dc:3a:b2:81:2c:21:a3:c5:9b:37:40:8d:
60:25:71:ea:f6:7b:bd:4d:d5:fa:01:ce:bd:cc:87:
bf:d7:03:0c:14:6d:1c:44:5c:7a:c9:bd:3a:56:a8:
58:96:ca:82:91:73:75:8a:92:91:07:f7:5f:ea:dc:
43:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F6:4A:B5:28:4F:46:98:75:5C:58:80:40:63:9B:3A:70:94:A8:93
X509v3 Authority Key Identifier:
keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/61BF1B50894011EEA9CB2284C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.211.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:9c:2e:44:1f:76:a2:ee:0c:ab:0f:0e:7e:58:91:5d:e6:2f:
46:c1:4d:43:39:7f:62:33:e7:72:a2:0b:82:5b:53:c6:81:15:
91:4b:57:2f:e2:17:0d:5b:97:76:22:fd:bd:d2:89:98:f0:ba:
b0:b6:f3:4c:59:aa:e7:cd:39:d3:cd:3f:b0:d1:cc:6d:94:e2:
9e:53:a0:1b:fe:17:be:07:23:2c:03:fc:22:b2:51:3f:e0:7b:
23:7f:1f:5f:40:8a:96:5c:7a:a3:56:4d:bf:c0:7f:09:1c:bb:
d0:fd:1e:56:05:6f:d6:e5:ca:8c:7f:1a:fb:1e:1c:8c:37:e5:
f1:27:3f:ee:4e:19:ee:31:90:28:f5:71:0c:1c:8c:7d:b8:3b:
08:ea:40:bf:70:f0:27:ea:65:aa:14:cf:95:a8:a4:c0:ca:a0:
07:f3:8e:68:53:91:2c:f8:71:24:ba:5b:4b:f7:70:3c:64:fe:
b4:b1:dc:66:ba:0c:5a:70:b4:bd:dd:9e:d0:a9:0f:a1:55:82:
a3:0b:56:19:2e:7c:e6:f5:a4:87:6b:32:51:75:d0:46:a0:62:
b0:b5:32:2a:0e:c6:ab:6c:e6:42:5a:5f:74:8b:6f:19:41:9a:
99:9f:65:e7:37:eb:95:c7:71:d2:32:d4:ab:da:5a:5f:ee:65:
c7:02:ab:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjMxMTIyMTQwNjUxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlMGFmYS0zNTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzIKb615Q16iEUPhvNIxsQqbP5Fv2nxPoS+cHlg9UIUNsTV7Xwqc8KlXalwxD
gGXFE96yNlMJVu6qThrML/JXrHkLm2vrl8Kf2VmolY8HVeyiLkK/8iK80fGOd1BD
sON82Y+J3QRnorNtysPUs5t/0ADMpRmgzs1tYNdtz+hpzmC2qLvopob6jhLbSyCu
kwjLpTZM826Y5ifMZ5tTHT9PqCaUjKHbU2S4bMIkQA3+5gZxqaZT88kqbNDrfscb
u6HZ8Lrt8WzcOrKBLCGjxZs3QI1gJXHq9nu9TdX6Ac69zIe/1wMMFG0cRFx6yb06
VqhYlsqCkXN1ipKRB/df6txDhwIDAQABo4IClTCCApEwHQYDVR0OBBYEFK72SrUo
T0aYdVxYgEBjmzpwlKiTMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1RjIvRUY5MENENEUwM0IwMTFFQTg1RjAyOTM0QzRGOUFFMDIvNjFCRjFCNTA4
OTQwMTFFRUE5Q0IyMjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr5tMwDQYJKoZIhvcNAQELBQADggEBAJ2cLkQfdqLuDKsP
Dn5YkV3mL0bBTUM5f2Iz53KiC4JbU8aBFZFLVy/iFw1bl3Yi/b3SiZjwurC280xZ
qufNOdPNP7DRzG2U4p5ToBv+F74HIywD/CKyUT/geyN/H19AipZceqNWTb/Afwkc
u9D9HlYFb9blyox/GvseHIw35fEnP+5OGe4xkCj1cQwcjH24OwjqQL9w8CfqZaoU
z5WopMDKoAfzjmhTkSz4cSS6W0v3cDxk/rSx3Ga6DFpwtL3dntCpD6FVgqMLVhku
fOb1pIdrMlF10EagYrC1MioOxqts5kJaX3SLbxlBmpmfZec365XHcdIy1KvaWl/u
ZccCq5s=
-----END CERTIFICATE-----
Generated at Thu Nov 23 15:12:05 2023 by rpki-client on console-fra.rpki-client.org