Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/DBB7EA06F1E611EC96058113C4F9AE02.roa
File: DBB7EA06F1E611EC96058113C4F9AE02.roa (raw, json)
Hash identifier: M+iTAE/Kt9WcrBBohPmz3kYmEOrXGZZZzph3AAgTosE=
Subject key identifier: 9B:C9:3F:3C:44:27:2E:DA:A4:A3:D3:4A:31:B1:C7:0D:33:19:7C:96
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 3423
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/DBB7EA06F1E611EC96058113C4F9AE02.roa
Signing time: Mon 02 Oct 2023 15:11:00 +0000
ROA not before: Mon 02 Oct 2023 15:11:00 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 49901
IP address blocks: 117.121.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 22:34:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13347 (0x3423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Oct 2 15:11:00 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651add84-d84c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:38:ff:59:c3:ea:70:9a:f6:db:1b:1c:cf:
c9:54:09:6d:e1:fa:4f:6f:6d:04:99:32:44:35:60:
54:f8:e2:c4:11:40:37:ee:10:07:17:b5:14:b8:b0:
e7:64:9f:fb:a0:bb:7a:6b:88:00:9b:2e:2e:f4:94:
0f:5c:9b:b5:12:37:77:d5:3f:44:0e:d5:f0:81:a1:
20:ba:d1:bf:9a:c4:ad:92:07:d5:c1:23:2d:c3:59:
09:7a:3e:0b:5c:72:d5:be:a2:a7:2e:2a:fc:fe:5e:
6f:88:e1:bd:92:3e:72:66:79:e3:cf:53:b7:5a:85:
78:2e:f4:89:2c:24:11:e8:e7:17:e0:f4:70:42:72:
b8:eb:4b:85:b4:09:52:19:30:2b:9c:17:97:6e:0e:
5f:fd:85:ec:d9:66:a2:eb:3c:20:cf:c8:48:31:32:
46:1b:0f:66:dc:5f:2c:59:ef:39:5e:6a:08:2d:d2:
38:2f:e2:e7:34:8d:02:8d:3d:46:a6:bc:c6:67:de:
a6:5a:53:99:5e:65:c7:15:80:80:d6:e7:e5:17:35:
57:51:12:c7:b1:3d:c0:26:ca:d5:74:92:8f:2a:5d:
19:3c:cf:64:d4:39:7e:1f:4d:b0:c9:87:62:1d:66:
6f:3e:ac:eb:4a:5d:72:00:ad:d7:13:23:2b:12:bd:
b4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C9:3F:3C:44:27:2E:DA:A4:A3:D3:4A:31:B1:C7:0D:33:19:7C:96
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/DBB7EA06F1E611EC96058113C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.121.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8f:5a:7b:12:79:38:c4:d4:89:1a:72:f0:35:8a:87:fa:39:
b8:75:6f:bc:b7:63:31:27:a1:6f:1a:a1:b6:50:74:1d:95:dd:
8c:a5:f2:0b:61:f6:02:32:9f:52:a0:c5:49:6a:43:a6:04:14:
07:1b:ee:fe:96:cf:d3:74:17:e7:a4:00:d2:d2:41:8c:d0:3b:
ce:22:b3:34:dc:f8:b1:7c:b8:b5:30:65:6e:b3:c1:41:81:51:
6c:81:9c:02:5e:f3:ef:1f:52:a5:3b:1c:dd:5c:c5:a8:b6:e1:
86:de:2f:c3:44:a7:31:56:71:cf:ee:7d:62:4a:ce:53:df:5b:
02:7d:76:f1:b6:05:d0:e8:70:2a:31:29:71:6b:9b:fd:86:1a:
e3:98:0e:19:d2:d2:c2:f9:8f:ce:92:90:56:ae:31:9c:1d:70:
f4:a2:2f:be:85:9e:5f:7b:95:58:25:6a:a8:45:67:57:85:f7:
9b:44:cd:74:9e:f9:ac:8f:0a:e6:a0:53:ca:0a:5f:23:74:89:
25:50:14:19:77:7d:e8:69:48:29:58:e0:dc:01:51:1b:f0:81:
af:40:28:c6:a3:7c:fb:76:0d:cd:f7:c1:f9:3b:ca:84:e8:7e:
68:a8:82:02:8e:b2:db:9d:27:27:87:26:89:9e:5c:89:02:80:
bd:44:0f:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjMxMDAyMTUxMTAwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFhZGQ4NC1kODRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo4g4/1nD6nCa9tsbHM/JVAlt4fpPb20EmTJENWBU+OLEEUA37hAHF7UUuLDn
ZJ/7oLt6a4gAmy4u9JQPXJu1Ejd31T9EDtXwgaEgutG/msStkgfVwSMtw1kJej4L
XHLVvqKnLir8/l5viOG9kj5yZnnjz1O3WoV4LvSJLCQR6OcX4PRwQnK460uFtAlS
GTArnBeXbg5f/YXs2Wai6zwgz8hIMTJGGw9m3F8sWe85XmoILdI4L+LnNI0CjT1G
przGZ96mWlOZXmXHFYCA1uflFzVXURLHsT3AJsrVdJKPKl0ZPM9k1Dl+H02wyYdi
HWZvPqzrSl1yAK3XEyMrEr20ywIDAQABo4IClTCCApEwHQYDVR0OBBYEFJvJPzxE
Jy7apKPTSjGxxw0zGXyWMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvREJCN0VBMDZG
MUU2MTFFQzk2MDU4MTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1efUwDQYJKoZIhvcNAQELBQADggEBAJ6PWnsSeTjE1Ika
cvA1iof6Obh1b7y3YzEnoW8aobZQdB2V3Yyl8gth9gIyn1KgxUlqQ6YEFAcb7v6W
z9N0F+ekANLSQYzQO84iszTc+LF8uLUwZW6zwUGBUWyBnAJe8+8fUqU7HN1cxai2
4YbeL8NEpzFWcc/ufWJKzlPfWwJ9dvG2BdDocCoxKXFrm/2GGuOYDhnS0sL5j86S
kFauMZwdcPSiL76Fnl97lVglaqhFZ1eF95tEzXSe+ayPCuagU8oKXyN0iSVQFBl3
fehpSClY4NwBURvwga9AKMajfPt2Dc33wfk7yoTofmioggKOstudJyeHJomeXIkC
gL1ED8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org