Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/3AF77E383F4C11EE8D7E5753C4F9AE02.roa
File: 3AF77E383F4C11EE8D7E5753C4F9AE02.roa (raw, json)
Hash identifier: PHJoxyZNQzSejVGT+T8cikI27IdWF0CJsGdfMIQT3NE=
Subject key identifier: FA:0D:7E:9D:47:77:5C:E9:86:3E:C5:E7:61:F9:F9:F4:C5:E0:F2:8D
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 27A6
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/3AF77E383F4C11EE8D7E5753C4F9AE02.roa
Signing time: Sun 20 Aug 2023 11:25:14 +0000
ROA not before: Sun 20 Aug 2023 11:25:14 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 36231
IP address blocks: 122.254.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10150 (0x27a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Aug 20 11:25:14 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64e1f819-3448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:00:5c:a9:e6:56:de:8c:e3:50:54:4d:21:
33:6c:08:17:33:ef:13:03:4f:d0:15:1f:fa:02:a0:
70:35:f7:fb:7f:1d:fa:24:ed:1a:fe:bc:5c:81:cf:
33:1e:78:ba:5a:8f:3b:55:94:79:c2:66:b6:02:be:
46:f6:c1:7c:b3:f4:26:6b:54:38:90:0d:0e:ae:1c:
c6:a9:60:0a:3f:df:58:c0:e8:06:60:03:ac:af:ba:
af:a9:87:a5:a4:f9:ed:1f:a2:5a:e1:95:4c:3a:4d:
ac:66:5a:b3:61:19:8b:83:8d:b3:cb:27:3e:92:f0:
94:e8:11:2b:d7:16:cf:b1:41:57:e8:36:8e:aa:68:
e2:54:4a:d0:09:dc:a8:ff:b9:53:14:71:bb:c2:c6:
37:d7:c4:24:fb:40:e1:82:6f:a9:12:be:af:82:b8:
66:ed:14:a8:f9:d0:85:25:2f:89:6d:c6:7b:50:32:
2c:01:97:3d:b0:18:5d:f6:b2:36:99:9f:9b:14:f3:
f2:5b:bd:21:6d:64:3c:b0:fd:cd:55:97:fe:aa:4e:
58:b2:0b:74:8d:fe:82:58:72:f6:76:cf:07:2e:04:
f0:fe:05:a8:f0:0c:0d:83:0d:b5:68:d9:5a:58:db:
43:46:36:7f:8d:df:f6:9f:a7:94:9b:c8:60:98:05:
a1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0D:7E:9D:47:77:5C:E9:86:3E:C5:E7:61:F9:F9:F4:C5:E0:F2:8D
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/3AF77E383F4C11EE8D7E5753C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.64.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:54:a9:f1:7d:58:36:0a:0b:a3:95:3f:e8:70:f7:bb:1d:63:
e4:84:b7:e4:de:23:01:ee:56:73:02:ce:96:ad:f8:15:91:b1:
b2:87:90:6c:4a:ed:c7:12:47:31:95:b1:94:be:d9:b9:d6:bb:
ae:0b:18:03:98:f9:7a:a9:f4:51:79:1a:2b:bc:64:b4:41:b6:
89:5a:e1:42:8d:1d:42:93:33:97:60:4a:c6:9a:f1:53:80:71:
a0:c7:e3:04:b9:19:31:85:ac:86:ec:41:5d:1d:c5:00:c1:66:
31:f1:db:d2:af:e8:49:4b:12:e6:5e:46:31:d3:b6:26:88:16:
d5:48:f8:c8:90:d1:c7:ba:ec:6c:0f:af:36:76:72:d9:4f:a5:
66:d0:1d:9a:24:c1:e2:f9:32:ff:1a:1c:d9:c6:64:04:48:c5:
f8:a8:ec:c9:c3:d2:88:83:8b:97:dd:4c:ea:5a:fb:14:ea:de:
79:1f:6a:82:41:74:a3:ce:9f:97:28:bc:7d:90:58:7a:dc:ea:
ec:6c:38:55:29:63:e1:01:76:61:e6:5a:bd:45:70:4b:85:fe:
ae:ec:dd:0f:03:5a:04:22:bf:6c:4b:74:01:f8:8a:fe:15:35:
a2:ba:14:8a:10:c8:66:7d:96:a2:e6:6e:fd:5d:5a:88:87:6d:
b9:81:c0:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMwODIwMTEyNTE0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGUxZjgxOS0zNDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAshUAXKnmVt6M41BUTSEzbAgXM+8TA0/QFR/6AqBwNff7fx36JO0a/rxcgc8z
Hni6Wo87VZR5wma2Ar5G9sF8s/Qma1Q4kA0OrhzGqWAKP99YwOgGYAOsr7qvqYel
pPntH6Ja4ZVMOk2sZlqzYRmLg42zyyc+kvCU6BEr1xbPsUFX6DaOqmjiVErQCdyo
/7lTFHG7wsY318Qk+0Dhgm+pEr6vgrhm7RSo+dCFJS+JbcZ7UDIsAZc9sBhd9rI2
mZ+bFPPyW70hbWQ8sP3NVZf+qk5Ysgt0jf6CWHL2ds8HLgTw/gWo8AwNgw21aNla
WNtDRjZ/jd/2n6eUm8hgmAWhKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPoNfp1H
d1zphj7F52H5+fTF4PKNMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvM0FGNzdFMzgz
RjRDMTFFRThEN0U1NzUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6/kAwDQYJKoZIhvcNAQELBQADggEBAE1UqfF9WDYKC6OV
P+hw97sdY+SEt+TeIwHuVnMCzpat+BWRsbKHkGxK7ccSRzGVsZS+2bnWu64LGAOY
+Xqp9FF5Giu8ZLRBtola4UKNHUKTM5dgSsaa8VOAcaDH4wS5GTGFrIbsQV0dxQDB
ZjHx29Kv6ElLEuZeRjHTtiaIFtVI+MiQ0ce67GwPrzZ2ctlPpWbQHZokweL5Mv8a
HNnGZARIxfio7MnD0oiDi5fdTOpa+xTq3nkfaoJBdKPOn5covH2QWHrc6uxsOFUp
Y+EBdmHmWr1FcEuF/q7s3Q8DWgQiv2xLdAH4iv4VNaK6FIoQyGZ9lqLmbv1dWoiH
bbmBwII=
-----END CERTIFICATE-----
Generated at Mon Oct 2 08:34:04 2023 by rpki-client on console-ams.rpki-client.org