Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
File: E3DEDE3200E111EE9358EB4DC4F9AE02.roa (raw, json)
Hash identifier: DTQ645ctvPFwZtDkUcJ9LGDtO6b85HKPtBY8+q8UNDY=
Subject key identifier: 0E:42:1E:A3:E5:B7:59:98:E6:68:9A:3B:B7:D3:AB:3E:AF:5B:07:F7
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 27
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
Signing time: Sat 03 Jun 2023 08:17:11 +0000
ROA not before: Sat 03 Jun 2023 08:17:11 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 123.108.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Jun 3 08:17:11 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647af707-2c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:39:7a:a2:37:61:9c:58:56:61:03:2c:bb:5f:
5a:1d:e7:15:0a:bd:84:a4:c2:d7:15:5f:b9:30:e7:
ac:20:7a:66:62:80:fa:75:9b:ba:49:10:14:6c:9c:
dd:80:97:7b:32:18:d3:5a:d2:d0:6e:51:9c:3e:c4:
ad:29:5a:2c:39:7a:b8:fb:58:f7:2a:ea:75:10:8e:
dc:78:4d:e8:cc:eb:b7:1d:79:52:25:ec:d3:52:c1:
4a:b9:c2:4d:7b:4d:26:ae:44:9d:61:ce:72:17:c6:
18:b7:aa:01:ec:46:e2:91:88:68:d3:77:11:97:87:
f4:59:9f:57:1c:95:e8:b7:54:3c:24:06:fc:54:50:
55:23:9b:64:ec:e4:0e:84:d5:71:5c:6f:d1:d2:74:
8b:71:fb:43:ff:a6:49:22:2a:51:d8:ac:09:9d:a7:
41:d4:b5:af:f5:6d:1e:e4:24:bc:21:35:fc:6c:23:
82:ec:1d:7b:d1:a1:e8:6f:7b:4b:4a:e8:9d:39:1e:
ca:52:f5:b7:2d:3d:5e:97:e3:fa:56:5d:cc:ad:1d:
ea:68:91:ad:00:a1:0f:47:4b:07:0c:9d:fe:85:f9:
36:44:d8:16:d3:d7:61:4a:4b:b2:77:ba:e5:ac:f9:
08:4b:9f:1d:f1:8c:a3:7b:58:39:b3:19:70:d9:55:
06:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:42:1E:A3:E5:B7:59:98:E6:68:9A:3B:B7:D3:AB:3E:AF:5B:07:F7
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.70.0/24
Signature Algorithm: sha256WithRSAEncryption
65:8a:db:0c:04:5d:dc:b3:1b:7b:81:0f:9b:26:bd:81:eb:33:
b1:d4:14:1b:e6:f2:04:bf:19:d3:8c:62:58:aa:68:c2:65:8d:
f5:68:c0:39:9f:5a:f0:e6:9e:1f:fe:71:5c:c3:3a:c1:42:24:
95:ec:4c:9f:69:3c:84:bf:6e:28:e6:ae:1a:f0:31:6a:60:31:
3b:b5:70:87:8a:fb:86:86:41:5f:05:c1:d3:9e:80:bd:00:fb:
b6:cf:d3:84:38:4f:c5:2a:f6:a5:7c:32:ef:f5:59:ae:21:7d:
60:02:d3:39:06:48:a4:7d:99:91:0e:2f:d9:bf:49:9e:d2:37:
25:90:47:0e:15:74:ba:74:44:d2:4e:ef:32:e7:96:f0:01:89:
0f:eb:10:83:19:d0:51:73:29:32:9a:3a:93:0b:4c:b8:04:af:
f0:2e:f3:0a:1d:38:5c:9e:3f:b0:50:54:c2:6c:52:fc:19:e6:
5c:33:cf:c1:6f:df:ee:74:2e:46:ff:99:ef:af:0e:5b:72:ca:
2c:f4:51:97:6f:4f:86:17:39:c4:42:1b:32:f2:4c:f5:82:ea:
45:72:f9:b2:99:da:6e:ae:3e:a3:ec:72:11:17:8b:1d:ba:83:
60:49:a0:ba:b5:4d:97:73:a4:48:fe:e1:53:bf:09:04:27:f0:
38:b9:00:ac
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjU1MDExMC8GA1UEBRMoNDU2RUVBMDY5MkM2QTRGMjZGNTNEMkQyMzdEMUNCNERD
RDc4MzMwNTAeFw0yMzA2MDMwODE3MTFaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0N2FmNzA3LTJjMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPOXqiN2GcWFZhAyy7X1od5xUKvYSkwtcVX7kw56wgemZigPp1m7pJEBRsnN2A
l3syGNNa0tBuUZw+xK0pWiw5erj7WPcq6nUQjtx4TejM67cdeVIl7NNSwUq5wk17
TSauRJ1hznIXxhi3qgHsRuKRiGjTdxGXh/RZn1cclei3VDwkBvxUUFUjm2Ts5A6E
1XFcb9HSdItx+0P/pkkiKlHYrAmdp0HUta/1bR7kJLwhNfxsI4LsHXvRoehve0tK
6J05HspS9bctPV6X4/pWXcytHepoka0AoQ9HSwcMnf6F+TZE2BbT12FKS7J3uuWs
+QhLnx3xjKN7WDmzGXDZVQb7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDkIeo+W3
WZjmaJo7t9OrPq9bB/cwHwYDVR0jBBgwFoAURW7qBpLGpPJvU9LSN9HLTc14MwUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTUwLzg0MDA5NTRBQ0VD
NDExRUQ4QTgzRkIxMUM0RjlBRTAyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlc3cUJwTEdwUEp2VTlMU045SExUYzE0TXdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjU1MC84NDAwOTU0QUNFQzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9FM0RFREUzMjAw
RTExMUVFOTM1OEVCNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHtsRjANBgkqhkiG9w0BAQsFAAOCAQEAZYrbDARd3LMbe4EP
mya9geszsdQUG+byBL8Z04xiWKpowmWN9WjAOZ9a8OaeH/5xXMM6wUIklexMn2k8
hL9uKOauGvAxamAxO7Vwh4r7hoZBXwXB056AvQD7ts/ThDhPxSr2pXwy7/VZriF9
YALTOQZIpH2ZkQ4v2b9JntI3JZBHDhV0unRE0k7vMueW8AGJD+sQgxnQUXMpMpo6
kwtMuASv8C7zCh04XJ4/sFBUwmxS/BnmXDPPwW/f7nQuRv+Z768OW3LKLPRRl29P
hhc5xEIbMvJM9YLqRXL5spnabq4+o+xyEReLHbqDYEmgurVNl3OkSP7hU78JBCfw
OLkArA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org