Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/A5EADC5C7C8811EEAC761023C4F9AE02.roa
File: A5EADC5C7C8811EEAC761023C4F9AE02.roa (raw, json)
Hash identifier: 9xuOkXTRfq/adjr6CTndslxuChWSNK+tO/Gr20v4U0I=
Subject key identifier: B9:30:B6:8D:18:2D:D1:C6:01:D4:C5:52:65:88:07:3A:6E:C5:04:AF
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 344D
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/A5EADC5C7C8811EEAC761023C4F9AE02.roa
Signing time: Sat 25 Nov 2023 11:22:54 +0000
ROA not before: Sat 25 Nov 2023 11:22:54 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.68.120.0/24 maxlen: 24
117.121.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13389 (0x344d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Nov 25 11:22:54 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6561d90e-9dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:0f:d6:d8:9a:b5:a5:41:91:5f:f0:ec:32:
a7:a4:85:70:2e:e3:3b:a4:54:4e:61:49:e5:61:f3:
b6:22:0e:e4:33:37:52:48:7b:ed:3c:f0:21:e4:6f:
c4:5e:bd:d1:29:c0:96:56:37:eb:26:d1:f4:89:36:
f8:70:b8:e0:39:46:33:91:55:b0:7d:6c:d0:8a:6e:
b4:f7:63:73:ab:6f:6c:e5:75:c4:f3:e9:8f:6d:53:
1b:ab:c8:9b:9b:11:57:dc:00:25:cf:b9:1a:8e:3d:
9d:a0:3e:1f:a0:04:01:3e:b9:d2:ec:ef:81:00:7d:
30:82:8c:cb:59:ce:09:6b:60:37:28:f1:47:cd:e7:
18:22:40:4f:f2:24:32:28:2f:8b:af:98:40:a4:e5:
7f:a9:79:7e:91:cb:b8:d3:7e:7d:55:81:96:92:96:
73:ab:78:e9:ab:6e:5a:b6:40:01:22:d0:61:d6:bd:
ef:1e:b1:14:26:14:59:76:2a:8f:01:32:8d:ac:a6:
1c:41:d7:01:2c:00:f4:8b:ec:a2:bf:35:2b:81:01:
35:b8:ba:9c:9c:3e:88:d1:66:5c:97:fe:6f:48:94:
88:00:25:5b:ec:52:c4:ec:4c:40:74:67:0c:9f:a7:
28:09:57:45:c3:b7:9d:4c:7d:49:49:99:d4:c6:59:
e3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:30:B6:8D:18:2D:D1:C6:01:D4:C5:52:65:88:07:3A:6E:C5:04:AF
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/A5EADC5C7C8811EEAC761023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.120.0/24
117.121.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:45:18:ef:b4:17:ae:dd:3c:3e:41:a3:39:4c:22:d0:89:61:
42:fe:46:2c:ad:a6:f3:a5:6d:a3:02:dc:5c:90:3f:82:a8:75:
d0:d9:66:51:ca:c1:77:ce:e1:90:1c:15:71:b4:6c:83:a6:0d:
a3:a0:cb:de:c5:16:71:17:86:a2:21:85:af:4d:63:52:ab:9b:
eb:90:4f:f6:91:e5:e2:15:ae:8a:2e:33:7f:a1:97:c7:29:f5:
9e:62:53:b0:64:ec:a2:33:83:ac:e5:75:3d:e9:33:a3:d1:fb:
8a:62:7a:b6:ec:49:e8:f2:c6:60:e6:49:96:7a:08:d5:03:22:
8a:7a:4e:10:04:93:74:c7:43:d0:2f:bd:15:89:53:d3:5f:bb:
4d:47:90:a6:5b:ae:f4:51:03:d2:54:ad:88:af:81:ec:b5:ac:
30:e2:ff:6a:ad:dd:2b:b0:30:c7:d0:77:76:53:a5:a4:de:d4:
d4:2a:b5:77:49:13:19:97:dd:f2:43:10:c8:72:2d:5a:09:ad:
eb:c6:56:86:f6:77:f9:a9:6e:92:a7:26:85:d0:d3:e0:60:bf:
a3:5d:3f:08:ef:90:59:6a:de:e6:44:e5:67:83:b3:da:a6:45:
e8:20:fa:b1:c5:9c:1f:48:27:f4:ec:bb:fe:76:b4:98:c0:eb:
27:f5:1f:48
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjMxMTI1MTEyMjU0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxZDkwZS05ZGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJsP1tiataVBkV/w7DKnpIVwLuM7pFROYUnlYfO2Ig7kMzdSSHvtPPAh5G/E
Xr3RKcCWVjfrJtH0iTb4cLjgOUYzkVWwfWzQim6092Nzq29s5XXE8+mPbVMbq8ib
mxFX3AAlz7kajj2doD4foAQBPrnS7O+BAH0wgozLWc4Ja2A3KPFHzecYIkBP8iQy
KC+Lr5hApOV/qXl+kcu40359VYGWkpZzq3jpq25atkABItBh1r3vHrEUJhRZdiqP
ATKNrKYcQdcBLAD0i+yivzUrgQE1uLqcnD6I0WZcl/5vSJSIACVb7FLE7ExAdGcM
n6coCVdFw7edTH1JSZnUxlnj6wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLkwto0Y
LdHGAdTFUmWIBzpuxQSvMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvQTVFQURDNUM3
Qzg4MTFFRUFDNzYxMDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnRHgDBAB1efMwDQYJKoZIhvcNAQELBQADggEBAKVFGO+0
F67dPD5BozlMItCJYUL+RiytpvOlbaMC3FyQP4KoddDZZlHKwXfO4ZAcFXG0bIOm
DaOgy97FFnEXhqIhha9NY1Krm+uQT/aR5eIVroouM3+hl8cp9Z5iU7Bk7KIzg6zl
dT3pM6PR+4pierbsSejyxmDmSZZ6CNUDIop6ThAEk3THQ9AvvRWJU9Nfu01HkKZb
rvRRA9JUrYivgey1rDDi/2qt3SuwMMfQd3ZTpaTe1NQqtXdJExmX3fJDEMhyLVoJ
revGVob2d/mpbpKnJoXQ0+Bgv6NdPwjvkFlq3uZE5WeDs9qmRegg+rHFnB9IJ/Ts
u/52tJjA6yf1H0g=
-----END CERTIFICATE-----
Generated at Sun Nov 26 20:26:06 2023 by rpki-client on console-fra.rpki-client.org