Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/F2777CE4BFE811EE9A63E82CC4F9AE02.roa
File: F2777CE4BFE811EE9A63E82CC4F9AE02.roa (raw, json)
Hash identifier: u9RDJ8R9IoBKlRKatp/61S8gAVHIv6qQikr4/lTHg+A=
Subject key identifier: 8A:07:D1:16:65:60:DF:34:FF:91:F6:9B:8F:2F:03:E8:EE:5F:5D:F9
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 349C
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/F2777CE4BFE811EE9A63E82CC4F9AE02.roa
Signing time: Sun 31 Mar 2024 12:28:11 +0000
ROA not before: Sun 31 Mar 2024 12:28:11 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.68.120.0/24 maxlen: 24
117.121.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 04:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13468 (0x349c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Mar 31 12:28:11 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=660956db-8b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4a:4a:41:4b:a6:cd:7b:c0:6f:c9:c4:87:e9:
69:da:25:43:c9:e5:7d:87:d7:e6:c7:2d:f2:27:f5:
13:c3:e8:02:d4:b5:b5:96:cb:49:f9:a2:e3:b0:d2:
69:74:52:4f:af:6f:ae:c8:3d:d1:0f:0a:4c:bb:54:
37:46:78:96:75:ff:f9:ae:07:6d:3a:0e:2d:49:e6:
ee:6f:b9:1a:16:6e:95:2c:4a:cb:b5:05:6a:0a:e9:
04:2b:27:19:6d:17:6a:c6:d7:b8:7c:be:9f:53:d8:
12:da:b1:4f:5c:eb:0e:3f:1e:b6:c4:c2:58:60:f9:
8b:c5:14:c1:38:f4:c4:a5:f0:53:65:84:10:4a:94:
fb:c5:d6:af:0c:6f:15:e7:6f:56:73:29:2e:4a:2b:
26:ff:40:95:7f:d9:0b:70:98:8a:49:05:4d:fc:1c:
31:35:62:2b:54:f9:88:16:ce:ca:dd:0c:1d:45:df:
60:1c:56:85:49:61:d4:c1:30:46:93:36:96:1d:cf:
1b:ce:34:49:27:3c:6d:74:27:58:13:80:ee:10:b0:
0b:96:bc:b7:d1:90:54:af:cd:78:0c:62:d6:e2:a3:
1b:c8:96:56:78:66:cc:8d:f1:98:90:1d:67:b4:45:
7f:59:37:a5:8a:bd:8c:91:62:75:05:c4:17:21:f1:
7d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:07:D1:16:65:60:DF:34:FF:91:F6:9B:8F:2F:03:E8:EE:5F:5D:F9
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/F2777CE4BFE811EE9A63E82CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.120.0/24
117.121.245.0/24
Signature Algorithm: sha256WithRSAEncryption
40:df:f2:e8:66:ae:95:4e:e5:14:c9:be:52:80:31:97:35:71:
02:40:0c:3f:1c:cd:52:a6:86:15:bf:48:77:a3:14:70:e7:07:
ba:15:43:46:32:8f:0b:f7:26:42:9b:15:6e:8c:39:22:d0:f0:
c0:14:df:14:ae:69:80:bb:7f:ca:c6:1c:6a:e9:f7:87:98:4c:
2a:6e:56:84:be:fd:84:53:91:94:c6:d5:6f:af:cd:35:50:61:
9a:f2:1d:13:57:ce:85:bd:d7:ba:1c:61:08:4c:16:26:2f:b2:
d2:97:c0:d8:a7:38:f3:1d:3e:59:44:67:1a:7f:a0:be:db:fa:
66:e9:83:be:6e:37:90:c4:2f:1b:88:55:4d:e0:ee:9f:96:25:
2b:cb:fd:ab:a8:aa:2d:4b:03:0a:c7:75:50:e6:e6:17:01:cf:
05:6f:e1:43:e2:8d:52:5b:04:f5:f8:9b:f7:43:2f:21:4d:f6:
65:e5:d4:ef:6c:cc:00:ef:c7:a8:09:db:63:29:f4:20:18:92:
9e:10:81:ac:8e:7d:0a:0b:7f:73:83:63:cc:8d:f2:3a:0b:df:
03:7d:f3:e3:f0:95:26:e7:3a:30:35:53:a9:1e:25:32:76:8f:
42:6b:ee:a6:ed:47:fe:b8:da:b0:d5:27:e2:be:f1:86:74:db:
5d:db:5d:19
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwMzMxMTIyODExWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA5NTZkYi04YjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm0pKQUumzXvAb8nEh+lp2iVDyeV9h9fmxy3yJ/UTw+gC1LW1lstJ+aLjsNJp
dFJPr2+uyD3RDwpMu1Q3RniWdf/5rgdtOg4tSebub7kaFm6VLErLtQVqCukEKycZ
bRdqxte4fL6fU9gS2rFPXOsOPx62xMJYYPmLxRTBOPTEpfBTZYQQSpT7xdavDG8V
529WcykuSism/0CVf9kLcJiKSQVN/BwxNWIrVPmIFs7K3QwdRd9gHFaFSWHUwTBG
kzaWHc8bzjRJJzxtdCdYE4DuELALlry30ZBUr814DGLW4qMbyJZWeGbMjfGYkB1n
tEV/WTelir2MkWJ1BcQXIfF9nQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIoH0RZl
YN80/5H2m48vA+juX135MB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvRjI3NzdDRTRC
RkU4MTFFRTlBNjNFODJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnRHgDBAB1efUwDQYJKoZIhvcNAQELBQADggEBAEDf8uhm
rpVO5RTJvlKAMZc1cQJADD8czVKmhhW/SHejFHDnB7oVQ0Yyjwv3JkKbFW6MOSLQ
8MAU3xSuaYC7f8rGHGrp94eYTCpuVoS+/YRTkZTG1W+vzTVQYZryHRNXzoW917oc
YQhMFiYvstKXwNinOPMdPllEZxp/oL7b+mbpg75uN5DELxuIVU3g7p+WJSvL/auo
qi1LAwrHdVDm5hcBzwVv4UPijVJbBPX4m/dDLyFN9mXl1O9szADvx6gJ22Mp9CAY
kp4QgayOfQoLf3ODY8yN8joL3wN98+PwlSbnOjA1U6keJTJ2j0Jr7qbtR/642rDV
J+K+8YZ0213bXRk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org