Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBB1B/2AD13986A64F11ED9802CA76C4F9AE02/A6B17CD4A65211EDB3A5967CC4F9AE02.roa
File: A6B17CD4A65211EDB3A5967CC4F9AE02.roa (raw, json)
Hash identifier: SjE3fbmXjk1hwbM1egYGueM5eYP2iJd8H1xFpRTATLc=
Subject key identifier: 3A:16:70:CE:33:0E:EF:98:DE:B1:FE:E4:D6:3F:BF:36:97:5A:7F:AB
Certificate issuer: /CN=A91CBB1B/serialNumber=F69BB6F77607399FD342B124CAF8DE8DE47F730F
Certificate serial: 03
Authority key identifier: F6:9B:B6:F7:76:07:39:9F:D3:42:B1:24:CA:F8:DE:8D:E4:7F:73:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pu293YHOZ_TQrEkyvjejeR_cw8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CBB1B/2AD13986A64F11ED9802CA76C4F9AE02/A6B17CD4A65211EDB3A5967CC4F9AE02.roa
Signing time: Mon 06 Feb 2023 19:15:43 +0000
ROA not before: Mon 06 Feb 2023 19:15:43 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 23674
IP address blocks: 103.72.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CBB1B/serialNumber=F69BB6F77607399FD342B124CAF8DE8DE47F730F
Validity
Not Before: Feb 6 19:15:43 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63e151df-ccb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:81:9b:4c:8f:f6:58:29:ae:f1:d0:ce:3f:05:
ec:8c:12:24:b4:8f:ca:85:c3:63:9e:7f:31:c8:e2:
8f:3c:06:c0:28:7d:92:be:e8:f4:e9:d6:3b:68:79:
74:64:de:2d:91:48:f6:c1:00:48:49:8c:95:bf:71:
bf:b0:36:f0:e4:c4:10:c5:00:11:64:75:9e:b8:97:
e0:91:26:cb:45:39:b9:9d:7a:79:7e:ca:ac:7e:9c:
0a:e0:ac:82:5a:a7:2b:35:68:ad:ca:e2:30:4d:d4:
5c:c4:6d:80:2c:7a:f5:9a:59:57:d9:d9:36:f6:df:
a9:47:cd:73:ee:63:44:67:71:51:e2:68:f9:6b:91:
04:bf:9c:28:a1:82:e6:23:d7:a4:76:eb:e7:31:cd:
25:14:d7:fb:f4:93:21:0c:b2:80:ba:f0:50:53:4d:
c6:23:25:47:6e:9f:f5:6d:59:85:21:d6:21:9c:0b:
44:90:2c:de:23:28:0d:94:89:17:94:2c:49:ec:51:
bb:ef:32:a5:71:9e:3b:54:ba:2e:b8:6c:bc:59:16:
e2:8f:af:49:82:96:39:67:a9:5d:54:d4:f8:11:28:
73:59:7f:81:7e:a8:89:cf:3c:5d:11:42:e4:2b:c9:
7f:19:83:b3:a8:86:b7:be:04:d9:31:a8:de:42:da:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:16:70:CE:33:0E:EF:98:DE:B1:FE:E4:D6:3F:BF:36:97:5A:7F:AB
X509v3 Authority Key Identifier:
keyid:F6:9B:B6:F7:76:07:39:9F:D3:42:B1:24:CA:F8:DE:8D:E4:7F:73:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CBB1B/2AD13986A64F11ED9802CA76C4F9AE02/9pu293YHOZ_TQrEkyvjejeR_cw8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pu293YHOZ_TQrEkyvjejeR_cw8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBB1B/2AD13986A64F11ED9802CA76C4F9AE02/A6B17CD4A65211EDB3A5967CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.138.0/24
Signature Algorithm: sha256WithRSAEncryption
27:22:68:c7:7c:2f:8c:b9:98:5b:5e:07:7a:e7:67:af:66:0a:
b6:80:02:23:fc:47:b7:2e:72:e1:cc:a5:de:08:4e:c3:33:58:
3e:c4:06:f0:1f:14:c9:5a:92:25:a6:9b:09:d1:0c:81:b9:51:
9e:07:26:42:8a:ae:bf:06:82:64:32:7c:84:7a:db:57:5d:72:
df:e6:f6:36:be:f9:c5:ab:e6:bf:d4:bd:6c:86:e6:ae:af:96:
64:2c:96:ce:d5:5c:01:fd:03:7d:6c:c3:41:30:19:a3:db:03:
25:d8:25:d3:c7:d4:0d:6e:37:37:7b:1e:95:2f:a9:38:c7:12:
08:0f:d1:82:5e:65:59:35:f3:0a:82:b0:db:69:34:a4:db:9c:
85:ec:ef:6e:f6:cc:f5:ed:35:9b:9a:84:8c:0a:cb:63:78:e2:
a3:f6:fe:be:dd:2d:35:7f:f7:b0:4c:91:ab:b2:f7:38:1c:fa:
51:94:4f:9a:3d:b0:9e:21:50:19:26:80:39:3f:ca:15:f6:50:
05:4e:fa:3d:5f:06:f0:66:8d:10:a9:7d:48:f6:ae:51:7b:89:
5f:dc:ca:22:bb:22:7d:83:b4:b7:df:2d:4a:92:31:9d:b6:4e:
ea:74:f9:37:05:15:6b:95:da:86:4f:92:e7:44:5e:75:61:ac:
32:8a:b3:b2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QkIxQjExMC8GA1UEBRMoRjY5QkI2Rjc3NjA3Mzk5RkQzNDJCMTI0Q0FGOERFOERF
NDdGNzMwRjAeFw0yMzAyMDYxOTE1NDNaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZTE1MWRmLWNjYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbgZtMj/ZYKa7x0M4/BeyMEiS0j8qFw2OefzHI4o88BsAofZK+6PTp1jtoeXRk
3i2RSPbBAEhJjJW/cb+wNvDkxBDFABFkdZ64l+CRJstFObmdenl+yqx+nArgrIJa
pys1aK3K4jBN1FzEbYAsevWaWVfZ2Tb236lHzXPuY0RncVHiaPlrkQS/nCihguYj
16R26+cxzSUU1/v0kyEMsoC68FBTTcYjJUdun/VtWYUh1iGcC0SQLN4jKA2UiReU
LEnsUbvvMqVxnjtUui64bLxZFuKPr0mCljlnqV1U1PgRKHNZf4F+qInPPF0RQuQr
yX8Zg7Oohre+BNkxqN5C2vW/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOhZwzjMO
75jesf7k1j+/Npdaf6swHwYDVR0jBBgwFoAU9pu293YHOZ/TQrEkyvjejeR/cw8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCQjFCLzJBRDEzOTg2QTY0
RjExRUQ5ODAyQ0E3NkM0RjlBRTAyLzlwdTI5M1lIT1pfVFFyRWt5dmplamVSX2N3
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXB1MjkzWUhPWl9UUXJFa3l2amVqZVJfY3c4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QkIxQi8yQUQxMzk4NkE2NEYxMUVEOTgwMkNBNzZDNEY5QUUwMi9BNkIxN0NENEE2
NTIxMUVEQjNBNTk2N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdIijANBgkqhkiG9w0BAQsFAAOCAQEAJyJox3wvjLmYW14H
eudnr2YKtoACI/xHty5y4cyl3ghOwzNYPsQG8B8UyVqSJaabCdEMgblRngcmQoqu
vwaCZDJ8hHrbV11y3+b2Nr75xavmv9S9bIbmrq+WZCyWztVcAf0DfWzDQTAZo9sD
Jdgl08fUDW43N3selS+pOMcSCA/Rgl5lWTXzCoKw22k0pNuchezvbvbM9e01m5qE
jArLY3jio/b+vt0tNX/3sEyRq7L3OBz6UZRPmj2wniFQGSaAOT/KFfZQBU76PV8G
8GaNEKl9SPauUXuJX9zKIrsifYO0t98tSpIxnbZO6nT5NwUVa5Xahk+S50RedWGs
Moqzsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-fra.rpki-client.org