Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4071CB0C562511EFAB3D8A10C4F9AE02.roa
File: 4071CB0C562511EFAB3D8A10C4F9AE02.roa (raw, json)
Hash identifier: qPS7KNjfAsSgSX5sMhXZxB9XvS++xOc80B7EqyXmeHM=
Subject key identifier: 6C:14:BF:77:B6:06:17:93:C2:C3:8D:58:6D:FC:0E:CF:F6:D1:58:22
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 34F1
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4071CB0C562511EFAB3D8A10C4F9AE02.roa
Signing time: Fri 09 Aug 2024 07:59:07 +0000
ROA not before: Fri 09 Aug 2024 07:59:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.68.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 00:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13553 (0x34f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Aug 9 07:59:07 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66b5cc4a-bc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:62:60:f5:72:ff:85:8f:7d:9b:04:8a:b2:3d:
d6:8a:c3:b8:5e:7b:c0:34:a7:56:b3:c6:39:f2:d4:
01:c1:b6:13:cd:cc:df:22:9a:da:7d:05:e0:9d:64:
db:ad:fb:1a:00:7f:36:87:2c:93:16:42:47:71:52:
b5:d9:58:05:9f:ee:bd:e1:6f:77:67:c1:9d:0e:37:
68:e9:4e:9b:5e:98:9f:ce:ca:f4:d6:89:10:c4:d9:
17:83:58:87:ff:c5:9b:0e:8e:19:97:eb:15:7a:4d:
e9:38:5f:02:3c:80:ea:2b:30:24:93:60:a3:7a:ca:
b0:77:5c:d6:ce:16:a9:51:d1:8f:f5:06:cb:bb:3f:
bc:a2:ec:e0:3f:44:55:4b:11:db:f6:92:f7:08:f4:
c9:03:b4:8e:c9:48:81:05:d4:2d:18:b3:dd:67:d7:
c6:9e:8f:c3:23:5e:04:46:83:91:96:37:81:92:72:
6e:36:1c:08:ae:1e:13:c1:e0:34:01:a6:22:b8:48:
8e:7e:21:bd:ef:ae:ea:58:aa:8d:66:38:93:1a:98:
8e:78:72:ea:71:07:74:e8:ef:3c:ec:03:3c:85:3b:
ca:e1:8f:43:36:2a:0e:33:51:a4:d8:b4:cc:67:7e:
52:bf:3d:10:bc:02:e7:3c:60:63:79:43:bb:95:4d:
af:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:14:BF:77:B6:06:17:93:C2:C3:8D:58:6D:FC:0E:CF:F6:D1:58:22
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/4071CB0C562511EFAB3D8A10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:01:35:8b:28:10:29:53:9a:79:6c:7a:78:72:6a:a4:fd:c4:
c6:68:d6:97:77:3d:15:e7:bf:60:78:fd:04:81:c2:5c:77:5d:
81:b0:c0:a3:25:ec:cb:f5:19:57:83:5d:87:39:01:ff:78:e9:
fe:fe:51:1a:45:02:54:95:2c:11:53:c7:50:a4:f6:f0:17:9d:
50:e9:9a:fb:dd:d2:f5:a2:d7:de:64:19:5e:fd:84:42:9e:34:
50:15:bb:23:4f:3a:bc:4a:d3:c7:3d:31:48:65:51:7d:dd:80:
85:85:ce:45:5c:73:f8:00:e1:52:4c:1b:76:ad:d9:04:23:d0:
35:67:7f:f6:38:12:9a:eb:2b:f7:b3:25:25:50:61:f8:fd:9b:
89:f3:b0:a2:12:7b:05:75:62:fe:e5:1c:80:33:d3:92:a2:d1:
1c:e9:53:0a:7b:3c:7a:84:1a:9d:fb:9e:89:c3:51:bf:a5:8f:
f4:f4:77:48:d4:ec:78:59:53:05:46:48:1e:4f:33:04:7f:fe:
b9:33:21:10:82:9d:c7:68:ab:0f:51:05:20:59:80:ed:7a:4a:
92:aa:31:2f:7b:90:47:c4:72:5d:a3:35:e9:57:09:77:bc:17:
e1:e5:3f:92:99:27:74:b6:17:c3:e7:62:df:98:1b:07:65:e4:
89:3d:35:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwODA5MDc1OTA3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1Y2M0YS1iYzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA32Jg9XL/hY99mwSKsj3WisO4XnvANKdWs8Y58tQBwbYTzczfIprafQXgnWTb
rfsaAH82hyyTFkJHcVK12VgFn+694W93Z8GdDjdo6U6bXpifzsr01okQxNkXg1iH
/8WbDo4Zl+sVek3pOF8CPIDqKzAkk2Cjesqwd1zWzhapUdGP9QbLuz+8ouzgP0RV
SxHb9pL3CPTJA7SOyUiBBdQtGLPdZ9fGno/DI14ERoORljeBknJuNhwIrh4TweA0
AaYiuEiOfiG9767qWKqNZjiTGpiOeHLqcQd06O887AM8hTvK4Y9DNioOM1Gk2LTM
Z35Svz0QvALnPGBjeUO7lU2vXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGwUv3e2
BheTwsONWG38Ds/20VgiMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvNDA3MUNCMEM1
NjI1MTFFRkFCM0Q4QTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnRHgwDQYJKoZIhvcNAQELBQADggEBADwBNYsoEClTmnls
enhyaqT9xMZo1pd3PRXnv2B4/QSBwlx3XYGwwKMl7Mv1GVeDXYc5Af946f7+URpF
AlSVLBFTx1Ck9vAXnVDpmvvd0vWi195kGV79hEKeNFAVuyNPOrxK08c9MUhlUX3d
gIWFzkVcc/gA4VJMG3at2QQj0DVnf/Y4EprrK/ezJSVQYfj9m4nzsKISewV1Yv7l
HIAz05Ki0RzpUwp7PHqEGp37nonDUb+lj/T0d0jU7HhZUwVGSB5PMwR//rkzIRCC
ncdoqw9RBSBZgO16SpKqMS97kEfEcl2jNelXCXe8F+HlP5KZJ3S2F8PnYt+YGwdl
5Ik9Nbw=
-----END CERTIFICATE-----
Generated at Wed Aug 14 04:26:01 2024 by rpki-client on console-fra.rpki-client.org