Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/067468AC7EEC11EF9C88AC15C4F9AE02.roa
File: 067468AC7EEC11EF9C88AC15C4F9AE02.roa (raw, json)
Hash identifier: cfKJt2l8ZOhwqJpo3agskDRYqUGd3ruJ0467woHrCAE=
Subject key identifier: C6:D1:57:75:CB:3C:85:98:99:34:89:4B:71:36:68:99:A4:1D:FC:9D
Certificate issuer: /CN=A91BE056/serialNumber=8BC01CEA44D3ED88F4153172B792456715C5260B
Certificate serial: 04C6
Authority key identifier: 8B:C0:1C:EA:44:D3:ED:88:F4:15:31:72:B7:92:45:67:15:C5:26:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/067468AC7EEC11EF9C88AC15C4F9AE02.roa
Signing time: Mon 30 Sep 2024 05:24:39 +0000
ROA not before: Mon 30 Sep 2024 05:24:39 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 15169
IP address blocks: 103.171.89.0/24 maxlen: 24
2001:df7:4280::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Sep 2024 13:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1222 (0x4c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE056/serialNumber=8BC01CEA44D3ED88F4153172B792456715C5260B
Validity
Not Before: Sep 30 05:24:39 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fa3616-fce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:74:1f:f0:a4:c7:df:c3:33:c4:7b:fc:e6:4f:
50:d3:21:1c:db:d7:dd:fd:86:c6:2f:f5:9d:61:9e:
19:0b:d1:f9:cc:e3:db:1d:2f:18:c4:ca:e8:01:08:
cf:56:b2:63:47:ab:38:24:9e:08:a6:00:da:67:8f:
a2:60:06:29:58:2a:a6:b4:df:0d:fb:ef:1c:90:85:
00:7a:05:ca:79:74:ce:f8:f7:77:06:ec:52:f1:89:
21:df:f3:1b:51:6d:2c:1a:17:7d:9f:77:c2:77:20:
fb:18:15:cd:43:e2:75:57:8c:7e:ef:a2:4a:f2:aa:
5e:80:58:44:b0:a0:24:72:ec:7e:2b:b8:03:d2:cc:
b5:46:aa:71:87:22:27:ff:49:4e:b1:d6:22:34:89:
d2:dc:5d:c4:62:14:c4:1d:cf:e1:fa:df:7e:b3:51:
c5:60:aa:41:5a:26:39:ce:7e:d3:89:46:6e:86:79:
b7:09:03:65:fa:96:b8:ea:0f:06:a8:32:ed:ce:66:
46:e8:db:71:6e:de:20:9b:9c:24:2b:80:e6:b7:dd:
a3:13:41:da:94:7b:2a:62:df:36:bc:89:ab:22:5c:
85:97:3e:af:8c:58:42:8f:c8:5c:f4:84:a6:13:ee:
6f:f3:13:fd:9a:4b:62:6c:13:f0:6c:3e:92:ea:5f:
a1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D1:57:75:CB:3C:85:98:99:34:89:4B:71:36:68:99:A4:1D:FC:9D
X509v3 Authority Key Identifier:
keyid:8B:C0:1C:EA:44:D3:ED:88:F4:15:31:72:B7:92:45:67:15:C5:26:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/067468AC7EEC11EF9C88AC15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.89.0/24
IPv6:
2001:df7:4280::/48
Signature Algorithm: sha256WithRSAEncryption
a2:c5:60:18:59:2e:a3:66:18:7d:87:60:f4:59:8d:8e:0c:e9:
4a:28:be:ba:6f:2d:e6:09:0e:28:15:5e:66:61:3b:59:1a:95:
af:38:d1:ee:ec:79:fd:c2:ea:b6:d7:fe:a8:00:e5:20:ec:8d:
30:37:db:3e:e0:61:47:f7:fa:46:e9:9a:ff:37:b8:f2:ee:ac:
d4:66:e5:2e:df:9f:75:37:a7:ed:75:51:e1:34:40:95:a0:ee:
6d:cf:bf:f4:f2:7f:ad:9f:de:5d:59:44:74:e9:3b:d4:17:20:
3b:01:0a:07:cf:42:a7:a6:41:71:2f:01:f5:58:f6:54:e9:dd:
52:8a:a0:a0:f9:d0:be:73:0a:25:be:0b:9c:bc:9f:6f:79:da:
e5:8c:9d:2d:19:7b:5f:fa:00:d7:96:06:19:f3:3b:6d:84:54:
8e:3a:68:11:e2:00:f1:fc:96:ac:7a:10:6e:f3:14:ac:24:db:
4c:c3:1c:b0:17:23:3f:92:8e:23:f0:21:98:86:73:c4:68:79:
ce:7d:65:9b:09:d2:51:26:96:60:16:a2:d3:58:5b:2f:99:dd:
54:5a:bd:29:f0:04:f3:ac:ac:7d:d7:4d:9f:6c:53:bc:29:af:
66:4f:de:0e:ef:a5:67:73:6e:9e:e7:f5:f2:4f:36:da:2f:65:
31:e7:05:5b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkUwNTYxMTAvBgNVBAUTKDhCQzAxQ0VBNDREM0VEODhGNDE1MzE3MkI3OTI0NTY3
MTVDNTI2MEIwHhcNMjQwOTMwMDUyNDM5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhMzYxNi1mY2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAonQf8KTH38MzxHv85k9Q0yEc29fd/YbGL/WdYZ4ZC9H5zOPbHS8YxMroAQjP
VrJjR6s4JJ4IpgDaZ4+iYAYpWCqmtN8N++8ckIUAegXKeXTO+Pd3BuxS8Ykh3/Mb
UW0sGhd9n3fCdyD7GBXNQ+J1V4x+76JK8qpegFhEsKAkcux+K7gD0sy1RqpxhyIn
/0lOsdYiNInS3F3EYhTEHc/h+t9+s1HFYKpBWiY5zn7TiUZuhnm3CQNl+pa46g8G
qDLtzmZG6Ntxbt4gm5wkK4Dmt92jE0HalHsqYt82vImrIlyFlz6vjFhCj8hc9ISm
E+5v8xP9mktibBPwbD6S6l+hkwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMbRV3XL
PIWYmTSJS3E2aJmkHfydMB8GA1UdIwQYMBaAFIvAHOpE0+2I9BUxcreSRWcVxSYL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTA1Ni9GQjU5MzQ0RUZC
MUMxMUVCQjU0NjRGNjRDNEY5QUUwMi9pOEFjNmtUVDdZajBGVEZ5dDVKRlp4WEZK
Z3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2k4QWM2a1RUN1lqMEZURnl0NUpGWnhYRkpncy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkUwNTYvRkI1OTM0NEVGQjFDMTFFQkI1NDY0RjY0QzRGOUFFMDIvMDY3NDY4QUM3
RUVDMTFFRjlDODhBQzE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq1kwDwQCAAIwCQMHACABDfdCgDANBgkqhkiG9w0BAQsF
AAOCAQEAosVgGFkuo2YYfYdg9FmNjgzpSii+um8t5gkOKBVeZmE7WRqVrzjR7ux5
/cLqttf+qADlIOyNMDfbPuBhR/f6Ruma/ze48u6s1GblLt+fdTen7XVR4TRAlaDu
bc+/9PJ/rZ/eXVlEdOk71BcgOwEKB89Cp6ZBcS8B9Vj2VOndUoqgoPnQvnMKJb4L
nLyfb3na5YydLRl7X/oA15YGGfM7bYRUjjpoEeIA8fyWrHoQbvMUrCTbTMMcsBcj
P5KOI/AhmIZzxGh5zn1lmwnSUSaWYBai01hbL5ndVFq9KfAE86ysfddNn2xTvCmv
Zk/eDu+lZ3Nunuf18k822i9lMecFWw==
-----END CERTIFICATE-----
Generated at Mon Sep 30 17:34:42 2024 by rpki-client on console-ams.rpki-client.org