Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/890751E8C19B11EAA18AC01FC4F9AE02.roa
File: 890751E8C19B11EAA18AC01FC4F9AE02.roa (raw, json)
Hash identifier: JRulwo7OzW8s0RYtlzVvK62En0eFTLzXRZ90Uay1ipU=
Subject key identifier: 74:B2:89:50:68:4B:14:83:68:84:36:B0:93:8D:8A:12:C9:3E:DB:24
Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Certificate serial: 335F
Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/890751E8C19B11EAA18AC01FC4F9AE02.roa
Signing time: Wed 12 Apr 2023 15:10:44 +0000
ROA not before: Wed 12 Apr 2023 15:10:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38477
IP address blocks: 103.11.124.0/22 maxlen: 24
116.90.128.0/20 maxlen: 24
120.136.62.0/24 maxlen: 24
122.102.108.0/23 maxlen: 23
202.6.116.0/23 maxlen: 23
2401:f000::/32 maxlen: 32
2401:f000::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Apr 2024 21:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13151 (0x335f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Validity
Not Before: Apr 12 15:10:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6436c9f4-01b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:d3:97:b4:16:f2:20:da:86:a1:10:1e:9c:
3d:ff:32:ae:99:2a:6d:05:f2:e5:20:dd:30:22:84:
7b:af:64:fa:06:51:9c:0e:83:c6:6e:ef:b1:b2:11:
83:f5:6f:93:18:7b:10:2b:0a:ca:f1:4e:b2:67:f7:
b9:f4:1b:96:76:3d:2c:31:c1:c3:ce:57:91:3a:85:
08:a9:00:27:88:23:7a:f0:62:c1:f9:09:55:ce:2a:
49:1e:97:ef:bf:6a:a5:f3:ec:d6:b3:39:5d:36:e5:
dc:39:2a:56:6f:18:24:48:aa:b3:80:6f:80:05:93:
9c:c9:0e:e5:c8:8e:0e:79:0c:a8:b4:6d:7c:02:68:
c5:de:26:0f:82:61:47:97:18:57:2c:92:5d:d9:7e:
c2:f3:b8:1d:72:33:d9:0e:e2:87:d6:00:1f:69:81:
71:76:a9:02:77:31:99:89:53:86:db:3c:38:3f:ce:
d5:2b:87:50:08:f7:ec:56:1e:a2:5f:04:da:76:69:
24:3d:9f:9c:af:c9:4c:b9:a4:4f:64:c8:1e:f7:67:
ab:34:44:df:68:bf:d0:b2:05:7c:7a:c6:fa:bc:5b:
6d:47:33:cc:2d:25:e9:53:1b:06:95:e1:16:4b:31:
0e:90:1d:04:a1:f8:54:7d:5e:dc:6b:a9:0c:d4:7c:
03:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B2:89:50:68:4B:14:83:68:84:36:B0:93:8D:8A:12:C9:3E:DB:24
X509v3 Authority Key Identifier:
keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/890751E8C19B11EAA18AC01FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.124.0/22
116.90.128.0/20
120.136.62.0/24
122.102.108.0/23
202.6.116.0/23
IPv6:
2401:f000::/32
Signature Algorithm: sha256WithRSAEncryption
99:83:fc:16:5d:83:55:5f:29:ec:e0:e6:7a:bd:a8:be:56:6c:
4b:2b:6f:7d:99:02:98:43:ec:6c:d3:83:8c:00:a8:e5:ad:bd:
3b:7c:44:5c:ba:b7:30:5f:b3:68:d5:1d:df:ce:35:7c:17:0e:
38:13:63:3f:b7:1a:03:48:e0:70:1b:06:66:00:58:50:50:01:
bf:5b:da:85:a1:5b:83:21:a2:e1:8f:c8:e6:c3:03:5a:c4:9d:
3c:8f:0d:13:83:41:bf:bc:af:08:93:4f:fe:9a:7f:07:89:ac:
4a:5f:83:09:b8:79:db:73:6d:64:b2:9e:bc:af:15:e2:72:cd:
6b:d2:82:a5:13:eb:ee:f8:e6:cb:86:1e:83:da:d3:b4:d5:de:
a5:b3:6b:59:c8:13:a2:2b:5c:42:9a:aa:3d:e0:4a:e5:82:58:
d2:fb:af:50:fc:75:1f:cb:41:bc:76:3d:04:8e:b8:12:15:14:
23:28:5e:28:1b:65:d4:41:eb:35:6a:f9:96:be:e7:a4:70:a5:
70:78:e9:49:97:89:38:2f:9e:41:e1:34:00:4e:28:5d:4b:1f:
41:71:fe:f6:6b:bd:02:8f:4f:44:10:f4:cc:af:6f:e0:55:79:
20:2e:30:42:cb:8b:6e:6b:5b:f8:c8:b5:e5:e7:6a:73:3a:1e:
cf:d3:85:ac
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICM18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE
RjgzOTZFQkUwHhcNMjMwNDEyMTUxMDQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2YzlmNC0wMWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx/XTl7QW8iDahqEQHpw9/zKumSptBfLlIN0wIoR7r2T6BlGcDoPGbu+xshGD
9W+TGHsQKwrK8U6yZ/e59BuWdj0sMcHDzleROoUIqQAniCN68GLB+QlVzipJHpfv
v2ql8+zWszldNuXcOSpWbxgkSKqzgG+ABZOcyQ7lyI4OeQyotG18AmjF3iYPgmFH
lxhXLJJd2X7C87gdcjPZDuKH1gAfaYFxdqkCdzGZiVOG2zw4P87VK4dQCPfsVh6i
XwTadmkkPZ+cr8lMuaRPZMge92erNETfaL/QsgV8esb6vFttRzPMLSXpUxsGleEW
SzEOkB0EofhUfV7ca6kM1HwD9wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFHSyiVBo
SxSDaIQ2sJONihLJPtskMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE
OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvODkwNzUxRThD
MTlCMTFFQUExOEFDMDFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnC3wDBAR0WoADBAB4iD4DBAF6ZmwDBAHKBnQwDQQCAAIw
BwMFACQB8AAwDQYJKoZIhvcNAQELBQADggEBAJmD/BZdg1VfKezg5nq9qL5WbEsr
b32ZAphD7GzTg4wAqOWtvTt8RFy6tzBfs2jVHd/ONXwXDjgTYz+3GgNI4HAbBmYA
WFBQAb9b2oWhW4MhouGPyObDA1rEnTyPDRODQb+8rwiTT/6afweJrEpfgwm4edtz
bWSynryvFeJyzWvSgqUT6+745suGHoPa07TV3qWza1nIE6IrXEKaqj3gSuWCWNL7
r1D8dR/LQbx2PQSOuBIVFCMoXigbZdRB6zVq+Za+56RwpXB46UmXiTgvnkHhNABO
KF1LH0Fx/vZrvQKPT0QQ9Myvb+BVeSAuMELLi25rW/jIteXnanM6Hs/Thaw=
-----END CERTIFICATE-----
Generated at Mon Apr 1 21:57:14 2024 by rpki-client on console-ams.rpki-client.org