Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/3FA0266A562511EFAB3D8A10C4F9AE02.roa
File: 3FA0266A562511EFAB3D8A10C4F9AE02.roa (raw, json)
Hash identifier: c2pPOxAe4RmpyJyMZOgmwQnLLFZlgJddB5HyhSqvvDs=
Subject key identifier: 2A:27:23:5D:9D:01:F7:D8:B2:97:1E:6B:B3:60:FA:E6:DF:90:0F:C6
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 34F0
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/3FA0266A562511EFAB3D8A10C4F9AE02.roa
Signing time: Fri 09 Aug 2024 07:59:05 +0000
ROA not before: Fri 09 Aug 2024 07:59:05 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 152565
IP address blocks: 117.121.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 11:21:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13552 (0x34f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Aug 9 07:59:05 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66b5cc49-721f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4b:7c:84:40:65:82:23:84:58:c2:a0:eb:a8:
a7:31:a2:03:b7:cb:2d:aa:67:3b:79:e2:6f:d2:78:
87:50:80:e7:06:e3:e4:ab:a9:46:1c:7f:cb:f0:9e:
1e:68:ff:9b:70:40:50:c8:e8:20:d4:14:10:39:aa:
c2:be:4a:a9:10:85:ee:04:5d:39:e8:2b:27:2c:ae:
31:64:b9:4a:a2:e8:94:61:a5:05:cc:dd:61:23:8d:
db:5c:13:79:f0:f7:ec:72:b2:5e:71:2d:09:ba:93:
77:fd:e7:c8:1d:f6:ee:d0:b9:75:bc:59:21:32:0b:
9e:b6:61:8c:e2:91:5a:26:3f:04:1f:ba:13:ee:15:
99:5e:21:d6:23:64:6e:7a:3e:af:bc:eb:b5:25:67:
b2:b9:2f:09:36:f9:4f:71:ae:c4:04:98:ae:25:af:
64:4a:5a:dc:72:49:e6:47:ba:d6:58:d2:63:65:66:
07:f9:00:41:6a:81:a9:00:c6:93:63:9a:e5:ad:1f:
31:db:12:d4:d2:d1:40:85:74:ce:22:4c:d9:ce:3b:
e4:e5:cf:c5:3d:cc:c9:ec:ba:00:3c:86:98:ce:68:
cc:4a:48:32:69:29:75:95:c0:e5:d2:51:ae:36:8d:
ab:cc:70:a9:4e:19:88:fb:13:d5:ad:1a:9c:cb:58:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:23:5D:9D:01:F7:D8:B2:97:1E:6B:B3:60:FA:E6:DF:90:0F:C6
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/3FA0266A562511EFAB3D8A10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.121.245.0/24
Signature Algorithm: sha256WithRSAEncryption
39:1e:94:1b:5a:93:19:67:6e:46:17:c2:29:7a:96:cd:1b:7f:
ab:c6:9c:13:8b:a9:65:1f:32:03:df:31:57:7c:55:14:63:38:
ac:3a:16:bd:3f:be:f8:01:bf:00:ab:c0:8b:d9:cc:7f:84:4f:
22:7c:e2:fe:96:ff:58:15:58:35:86:eb:cc:3d:55:eb:ed:53:
15:97:d0:47:b1:93:96:17:d8:07:67:e2:e6:05:78:69:1e:34:
43:24:41:87:6c:e9:6d:9d:bb:b9:6a:a2:ac:49:9a:c0:52:47:
ff:3b:3f:c4:79:00:63:68:f6:4f:81:ec:25:a3:c1:7b:a9:f1:
a5:9c:7b:85:9f:36:68:eb:de:c6:cc:c9:80:23:df:56:cd:53:
0e:8d:c0:27:f3:94:6c:7d:f7:5b:8a:7f:d0:8d:27:ce:c4:28:
fc:e4:81:9b:02:12:57:65:69:b7:08:03:4e:61:80:cb:0f:20:
11:0f:e6:c1:53:c2:50:6d:e2:61:fa:7d:38:43:22:95:de:8a:
2f:0f:b1:37:9f:18:37:94:62:96:24:d9:bc:0e:f3:0f:4f:15:
42:bd:19:ea:b3:97:4a:b0:5e:f7:d8:f7:db:79:e2:18:f3:6b:
69:7d:69:a4:6b:32:a1:21:90:f8:09:e8:68:c6:98:69:b5:17:
89:d1:de:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwODA5MDc1OTA1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1Y2M0OS03MjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4kt8hEBlgiOEWMKg66inMaIDt8stqmc7eeJv0niHUIDnBuPkq6lGHH/L8J4e
aP+bcEBQyOgg1BQQOarCvkqpEIXuBF056CsnLK4xZLlKouiUYaUFzN1hI43bXBN5
8PfscrJecS0JupN3/efIHfbu0Ll1vFkhMguetmGM4pFaJj8EH7oT7hWZXiHWI2Ru
ej6vvOu1JWeyuS8JNvlPca7EBJiuJa9kSlrccknmR7rWWNJjZWYH+QBBaoGpAMaT
Y5rlrR8x2xLU0tFAhXTOIkzZzjvk5c/FPczJ7LoAPIaYzmjMSkgyaSl1lcDl0lGu
No2rzHCpThmI+xPVrRqcy1hCPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFConI12d
AffYspcea7Ng+ubfkA/GMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvM0ZBMDI2NkE1
NjI1MTFFRkFCM0Q4QTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1efUwDQYJKoZIhvcNAQELBQADggEBADkelBtakxlnbkYX
wil6ls0bf6vGnBOLqWUfMgPfMVd8VRRjOKw6Fr0/vvgBvwCrwIvZzH+ETyJ84v6W
/1gVWDWG68w9VevtUxWX0Eexk5YX2Adn4uYFeGkeNEMkQYds6W2du7lqoqxJmsBS
R/87P8R5AGNo9k+B7CWjwXup8aWce4WfNmjr3sbMyYAj31bNUw6NwCfzlGx991uK
f9CNJ87EKPzkgZsCEldlabcIA05hgMsPIBEP5sFTwlBt4mH6fThDIpXeii8PsTef
GDeUYpYk2bwO8w9PFUK9Geqzl0qwXvfY99t54hjza2l9aaRrMqEhkPgJ6GjGmGm1
F4nR3rM=
-----END CERTIFICATE-----
Generated at Wed Aug 14 15:15:12 2024 by rpki-client on console-ams.rpki-client.org