Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/DB0AB772374611EEB3C13E13C4F9AE02.roa
File: DB0AB772374611EEB3C13E13C4F9AE02.roa (raw, json)
Hash identifier: MSKDxWH4BQq0jsq3IQ5VpkyimPqTm/ka7euGaddUfEY=
Subject key identifier: 33:C6:3D:19:B3:BC:BF:E9:28:65:09:D5:8F:BB:E6:9D:AF:77:45:45
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 5F
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/DB0AB772374611EEB3C13E13C4F9AE02.roa
Signing time: Thu 10 Aug 2023 06:26:36 +0000
ROA not before: Thu 10 Aug 2023 06:26:36 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 151487
IP address blocks: 123.108.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 12:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Aug 10 06:26:36 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64d4831b-5d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e0:58:b0:b9:94:18:db:80:89:2a:9a:b7:e2:
1a:b1:65:0f:96:fd:96:75:bf:80:7f:ac:04:16:8d:
20:43:d0:37:c6:e5:ed:a5:44:1a:8a:18:15:c4:fa:
05:22:7d:4b:3e:3d:75:1c:2b:de:cd:2b:31:4e:b8:
74:a5:a7:3b:62:75:27:72:76:50:50:cf:26:f9:a0:
5f:e3:cf:fd:f2:fd:90:36:de:fb:c2:f1:22:ef:7d:
8b:05:9f:f3:a1:85:dc:22:ca:71:4c:4e:07:94:36:
6f:fc:3b:c4:16:ec:c3:00:6b:fa:bb:a3:73:1a:cc:
63:09:df:37:f9:54:97:2e:89:aa:99:e4:ba:31:2a:
05:0a:dd:7f:1e:72:7b:cf:01:ad:99:11:50:e2:47:
05:c4:7d:ca:18:3c:30:76:b3:d3:8a:f8:d9:d3:2a:
de:f2:39:4b:d8:73:2e:0a:c7:09:8f:3c:ce:dd:95:
70:e0:4a:a7:fa:12:c1:91:52:4e:38:7e:b4:ff:63:
54:d3:1a:19:8a:d1:8a:53:5d:7d:74:26:f4:b9:51:
8a:e8:31:22:3d:6c:5f:b0:61:78:55:38:b7:76:9d:
90:ac:d6:ae:f1:77:32:70:95:96:b6:ca:3b:ee:90:
7b:59:ba:05:3a:eb:b6:0c:5f:32:30:fb:90:11:a6:
d0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C6:3D:19:B3:BC:BF:E9:28:65:09:D5:8F:BB:E6:9D:AF:77:45:45
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/DB0AB772374611EEB3C13E13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.70.0/24
Signature Algorithm: sha256WithRSAEncryption
17:34:32:95:4f:1d:10:49:a3:2a:1d:fa:72:28:9d:36:40:0d:
bd:68:e1:7a:86:c1:7f:30:a5:d1:c0:ba:13:bd:3c:d4:b6:86:
fa:d1:25:de:bc:67:5a:aa:f5:88:60:89:39:e3:15:60:85:00:
53:5e:30:99:79:19:a4:4d:29:0f:02:31:ff:48:b3:fa:6f:1e:
99:f9:eb:72:e7:43:9c:25:ae:da:9f:d2:c1:ed:5a:c6:11:d7:
6e:12:96:43:c8:47:88:89:80:4e:57:6c:2b:e1:23:97:72:00:
30:4a:93:4f:18:c1:dd:32:59:12:15:bf:66:3a:17:6f:a8:15:
8d:d6:23:35:33:e7:a6:06:2d:fb:be:3c:7d:9b:8c:c2:2f:ec:
cc:5b:cc:67:ea:c6:b4:08:db:7d:17:23:eb:50:8d:fe:a7:59:
cf:07:a0:e7:85:06:2f:51:a7:57:db:cb:68:48:ad:4d:dd:7e:
4f:82:47:dd:b3:91:dd:9c:94:53:ab:dd:ae:37:51:82:56:8c:
41:7c:19:81:0c:db:e6:60:fc:28:8a:b7:4d:b9:a9:97:dc:d7:
a1:00:1b:f9:46:e2:bb:68:f4:03:2f:c1:80:82:29:29:3b:0a:
83:b2:00:16:09:5b:17:68:c5:95:f9:cf:28:44:9e:19:50:65:
da:11:71:8e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjU1MDExMC8GA1UEBRMoNDU2RUVBMDY5MkM2QTRGMjZGNTNEMkQyMzdEMUNCNERD
RDc4MzMwNTAeFw0yMzA4MTAwNjI2MzZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDQ4MzFiLTVkNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCt4FiwuZQY24CJKpq34hqxZQ+W/ZZ1v4B/rAQWjSBD0DfG5e2lRBqKGBXE+gUi
fUs+PXUcK97NKzFOuHSlpztidSdydlBQzyb5oF/jz/3y/ZA23vvC8SLvfYsFn/Oh
hdwiynFMTgeUNm/8O8QW7MMAa/q7o3MazGMJ3zf5VJcuiaqZ5LoxKgUK3X8ecnvP
Aa2ZEVDiRwXEfcoYPDB2s9OK+NnTKt7yOUvYcy4KxwmPPM7dlXDgSqf6EsGRUk44
frT/Y1TTGhmK0YpTXX10JvS5UYroMSI9bF+wYXhVOLd2nZCs1q7xdzJwlZa2yjvu
kHtZugU667YMXzIw+5ARptDRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUM8Y9GbO8
v+koZQnVj7vmna93RUUwHwYDVR0jBBgwFoAURW7qBpLGpPJvU9LSN9HLTc14MwUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTUwLzg0MDA5NTRBQ0VD
NDExRUQ4QTgzRkIxMUM0RjlBRTAyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlc3cUJwTEdwUEp2VTlMU045SExUYzE0TXdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjU1MC84NDAwOTU0QUNFQzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9EQjBBQjc3MjM3
NDYxMUVFQjNDMTNFMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHtsRjANBgkqhkiG9w0BAQsFAAOCAQEAFzQylU8dEEmjKh36
ciidNkANvWjheobBfzCl0cC6E7081LaG+tEl3rxnWqr1iGCJOeMVYIUAU14wmXkZ
pE0pDwIx/0iz+m8emfnrcudDnCWu2p/Swe1axhHXbhKWQ8hHiImATldsK+Ejl3IA
MEqTTxjB3TJZEhW/ZjoXb6gVjdYjNTPnpgYt+748fZuMwi/szFvMZ+rGtAjbfRcj
61CN/qdZzweg54UGL1GnV9vLaEitTd1+T4JH3bOR3ZyUU6vdrjdRglaMQXwZgQzb
5mD8KIq3Tbmpl9zXoQAb+Ubiu2j0Ay/BgIIpKTsKg7IAFglbF2jFlfnPKESeGVBl
2hFxjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org