Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/452A390E4EFB11EEBE6DAA4DC4F9AE02.roa
File: 452A390E4EFB11EEBE6DAA4DC4F9AE02.roa (raw, json)
Hash identifier: CBja2BO5x/EyiTgrzzVmrN+TFKKFgixwy1YhE7LupfY=
Subject key identifier: 89:57:CA:CD:BF:FB:76:B6:E2:27:37:01:FD:2C:E7:85:F0:76:7C:C1
Certificate issuer: /CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Certificate serial: 27C7
Authority key identifier: F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/452A390E4EFB11EEBE6DAA4DC4F9AE02.roa
Signing time: Sat 09 Sep 2023 10:26:00 +0000
ROA not before: Sat 09 Sep 2023 10:26:00 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9678
IP address blocks: 122.254.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10183 (0x27c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE749/serialNumber=F00E7E4C8053CFFA068EB73E958892DD8BE61A8C
Validity
Not Before: Sep 9 10:26:00 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64fc4838-fc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6d:77:e1:24:ef:a9:13:51:c5:59:71:4e:94:
f3:1f:71:63:3e:11:3e:ec:04:41:12:09:9b:28:fe:
14:0e:49:3e:54:0b:f4:26:07:b3:32:f9:79:0e:5b:
4b:39:ec:7f:b9:38:b6:fc:b2:46:c6:3c:7c:ee:f9:
e6:f6:81:a5:8a:79:5a:90:53:de:af:f9:63:05:f4:
b2:62:f1:93:c2:eb:72:90:5b:1f:5c:c0:a7:eb:bc:
a8:40:f6:87:f2:3a:60:ea:80:8b:48:b7:db:1a:78:
a2:96:23:71:f3:86:64:32:c2:96:b9:fd:82:84:1d:
80:22:5e:fc:e5:22:9b:0b:30:dd:60:81:98:6f:61:
47:a7:bf:c7:f2:7f:46:d8:22:94:85:39:2f:82:1e:
49:01:fd:47:34:94:d7:ed:1f:58:58:ad:aa:c5:0b:
44:84:2d:c4:18:0b:57:05:4b:9c:c5:15:9c:d5:c6:
bc:75:6f:c3:ff:1d:ee:a5:f7:20:07:88:29:dd:73:
61:f9:91:00:1d:29:81:42:ed:15:0e:6d:d0:08:6f:
67:b4:21:ac:91:1f:5d:27:50:aa:30:9f:18:0d:2d:
f9:58:44:e5:b1:d5:88:68:e0:a2:96:98:8c:ab:6d:
80:5b:47:86:88:31:26:cd:1d:38:99:4c:de:c8:3e:
c1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:57:CA:CD:BF:FB:76:B6:E2:27:37:01:FD:2C:E7:85:F0:76:7C:C1
X509v3 Authority Key Identifier:
keyid:F0:0E:7E:4C:80:53:CF:FA:06:8E:B7:3E:95:88:92:DD:8B:E6:1A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/8A5-TIBTz_oGjrc-lYiS3YvmGow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8A5-TIBTz_oGjrc-lYiS3YvmGow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE749/BD6441909FA411E4B8DFDD37C4F9AE02/452A390E4EFB11EEBE6DAA4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.64.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a5:c2:61:aa:2b:3e:a4:be:61:5c:b5:61:6a:22:0a:b2:8a:
4c:17:df:1c:20:f2:fe:7d:08:c1:25:e1:10:63:e8:10:4e:cb:
9b:ae:b7:70:0f:6e:f0:d7:c4:22:13:68:7e:92:a7:9b:51:4f:
9c:8f:25:a4:c7:87:d9:e3:98:db:08:de:b7:a2:0a:77:25:c9:
cc:e6:34:44:1b:7d:b0:8a:aa:82:14:36:af:29:4b:0d:dd:8e:
db:bd:20:15:47:7f:78:aa:57:ca:14:ba:0d:1e:d1:a7:48:11:
65:f3:7b:ad:ce:5e:10:73:f4:e0:8d:8b:9e:e6:2b:49:e5:67:
1b:31:50:30:19:22:57:32:d3:ef:44:e9:a0:fe:53:b0:79:c8:
c1:27:7e:be:76:b5:e5:8d:32:d2:22:a2:0c:a0:3f:82:9b:05:
34:1b:93:a0:b1:d3:16:93:0d:14:43:04:c0:0b:2a:f4:26:57:
72:ae:c1:4b:73:ff:bc:a4:e4:15:95:8b:6a:71:92:20:eb:de:
3a:60:bd:85:2b:c8:ee:ec:e8:c2:da:b1:1e:b9:90:82:a8:72:
c7:78:7d:85:78:f7:45:6f:2c:09:0b:e3:20:b7:8e:d1:77:d6:
29:a4:ba:33:0d:7d:b3:dc:73:f5:8e:f1:f5:33:f6:5f:52:06:
cf:a7:0d:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NDkxMTAvBgNVBAUTKEYwMEU3RTRDODA1M0NGRkEwNjhFQjczRTk1ODg5MkRE
OEJFNjFBOEMwHhcNMjMwOTA5MTAyNjAwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZjNDgzOC1mYzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApW134STvqRNRxVlxTpTzH3FjPhE+7ARBEgmbKP4UDkk+VAv0JgezMvl5DltL
Oex/uTi2/LJGxjx87vnm9oGlinlakFPer/ljBfSyYvGTwutykFsfXMCn67yoQPaH
8jpg6oCLSLfbGniiliNx84ZkMsKWuf2ChB2AIl785SKbCzDdYIGYb2FHp7/H8n9G
2CKUhTkvgh5JAf1HNJTX7R9YWK2qxQtEhC3EGAtXBUucxRWc1ca8dW/D/x3upfcg
B4gp3XNh+ZEAHSmBQu0VDm3QCG9ntCGskR9dJ1CqMJ8YDS35WETlsdWIaOCilpiM
q22AW0eGiDEmzR04mUzeyD7BfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIlXys2/
+3a24ic3Af0s54XwdnzBMB8GA1UdIwQYMBaAFPAOfkyAU8/6Bo63PpWIkt2L5hqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc0OS9CRDY0NDE5MDlG
QTQxMUU0QjhERkREMzdDNEY5QUUwMi84QTUtVElCVHpfb0dqcmMtbFlpUzNZdm1H
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhBNS1USUJUel9vR2pyYy1sWWlTM1l2bUdvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NDkvQkQ2NDQxOTA5RkE0MTFFNEI4REZERDM3QzRGOUFFMDIvNDUyQTM5MEU0
RUZCMTFFRUJFNkRBQTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6/kAwDQYJKoZIhvcNAQELBQADggEBAFylwmGqKz6kvmFc
tWFqIgqyikwX3xwg8v59CMEl4RBj6BBOy5uut3APbvDXxCITaH6Sp5tRT5yPJaTH
h9njmNsI3reiCnclyczmNEQbfbCKqoIUNq8pSw3djtu9IBVHf3iqV8oUug0e0adI
EWXze63OXhBz9OCNi57mK0nlZxsxUDAZIlcy0+9E6aD+U7B5yMEnfr52teWNMtIi
ogygP4KbBTQbk6Cx0xaTDRRDBMALKvQmV3KuwUtz/7yk5BWVi2pxkiDr3jpgvYUr
yO7s6MLasR65kIKocsd4fYV490VvLAkL4yC3jtF31imkujMNfbPcc/WO8fUz9l9S
Bs+nDcU=
-----END CERTIFICATE-----
Generated at Sat Sep 9 12:37:32 2023 by rpki-client on console-fra.rpki-client.org