Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/B461D4B41BDD11ED915B8F31C4F9AE02.roa
File: B461D4B41BDD11ED915B8F31C4F9AE02.roa (raw, json)
Hash identifier: Tqe8EHbvqoMYsYv4sKT+v3cH8XuFbELM1/bSo7rOmco=
Subject key identifier: F8:B8:78:32:D4:44:91:9C:60:7B:DA:07:59:3F:01:ED:F9:D6:22:EE
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 055E
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/B461D4B41BDD11ED915B8F31C4F9AE02.roa
Signing time: Sat 27 May 2023 02:09:31 +0000
ROA not before: Sat 27 May 2023 02:09:31 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 142045
IP address blocks: 202.94.165.0/24 maxlen: 24
2407:4ac0:1400::/38 maxlen: 40
2407:4ac0:1800::/37 maxlen: 40
2407:4ac0:2000::/35 maxlen: 40
2407:4ac0:2800::/37 maxlen: 40
2407:4ac0:3000::/36 maxlen: 40
2407:4ac0:6000::/35 maxlen: 40
Validation: Failed, certificate revoked on Thu 19 Oct 2023 12:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1374 (0x55e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: May 27 02:09:31 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6471665a-754e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:1d:69:22:cb:03:1f:e7:73:d9:55:ab:e5:
6d:53:8c:d4:97:27:ba:d2:ae:79:d6:b5:82:5a:3e:
17:30:01:3a:a7:8c:74:6a:81:3d:f1:eb:3e:52:ac:
ae:01:eb:a0:b5:3c:dc:3d:3b:02:26:95:da:ff:b9:
68:14:08:8a:fc:aa:bd:01:b0:f6:06:91:40:75:b4:
e9:5a:ac:ab:7a:33:db:ac:da:43:18:2a:23:c7:fa:
b4:f0:6c:68:1a:15:3e:68:f8:b0:e0:3b:03:be:ca:
fe:23:e0:f1:4f:e6:6c:7c:3c:99:b2:31:2c:3b:e4:
4f:77:93:a6:b5:0b:6e:c8:80:cc:fe:83:8f:ae:82:
bf:24:66:42:10:2a:22:2e:41:56:52:8e:44:77:f3:
4f:fb:04:8e:28:b5:53:0a:ce:91:6d:9b:30:2f:40:
6f:af:61:98:5b:d2:73:49:14:41:6f:58:c4:83:48:
32:5e:66:b6:ae:12:a5:7e:2d:90:79:eb:4a:12:5a:
94:68:de:1f:aa:c9:31:42:64:86:25:3a:ba:2b:df:
e8:6e:1c:1e:fc:f9:cf:8f:52:e0:ed:47:83:6f:42:
b2:3a:04:6a:d0:8e:43:ff:82:ab:30:a7:c2:fc:51:
55:ba:37:ed:8f:fe:89:6c:fe:c3:9c:e0:a2:f1:51:
9a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B8:78:32:D4:44:91:9C:60:7B:DA:07:59:3F:01:ED:F9:D6:22:EE
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/B461D4B41BDD11ED915B8F31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.94.165.0/24
IPv6:
2407:4ac0:1400::-2407:4ac0:3fff:ffff:ffff:ffff:ffff:ffff
2407:4ac0:6000::/35
Signature Algorithm: sha256WithRSAEncryption
93:47:40:48:18:02:5a:d3:87:6d:03:71:b0:f4:06:b2:8d:1e:
89:02:f6:f0:5c:04:ff:14:91:92:8d:11:fa:67:ea:d0:57:3b:
e6:c7:c3:53:69:ed:06:e2:2a:e1:79:30:a7:e7:60:ad:bc:1f:
32:fa:ad:21:9a:41:a9:31:b6:84:5e:16:23:75:b4:cd:b5:f2:
cb:1d:27:7d:ab:03:36:c2:61:c1:2a:8f:5c:e0:3a:a7:28:d1:
a5:6b:5b:38:08:79:bd:91:bb:29:77:c0:cb:9a:fa:e1:22:22:
f6:5e:a8:7d:29:8c:50:d1:6f:48:db:dc:24:8c:3e:72:b5:c8:
98:8b:2f:f2:3d:62:93:5a:5a:21:01:85:d3:ea:c4:c5:c5:6c:
77:e4:40:e6:90:d4:dc:7f:6e:be:be:ec:b0:16:c3:9e:7c:28:
0a:10:f5:7b:47:32:50:da:33:eb:d9:27:d4:40:bd:93:4a:d6:
ca:82:03:57:82:8f:41:71:a0:a0:1b:40:2b:d6:5c:57:bf:d6:
6c:ef:1b:20:6a:36:1a:7b:99:b1:65:04:b6:93:d4:95:38:6e:
27:f5:b9:d6:cf:df:a5:7c:11:b2:4e:86:8c:84:4e:4f:71:09:
95:f6:9a:27:f3:4a:51:76:41:4a:6b:2a:5e:0d:d0:c2:2a:37:
fb:ae:ca:3f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjMwNTI3MDIwOTMxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcxNjY1YS03NTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsm8daSLLAx/nc9lVq+VtU4zUlye60q551rWCWj4XMAE6p4x0aoE98es+Uqyu
AeugtTzcPTsCJpXa/7loFAiK/Kq9AbD2BpFAdbTpWqyrejPbrNpDGCojx/q08Gxo
GhU+aPiw4DsDvsr+I+DxT+ZsfDyZsjEsO+RPd5OmtQtuyIDM/oOProK/JGZCECoi
LkFWUo5Ed/NP+wSOKLVTCs6RbZswL0Bvr2GYW9JzSRRBb1jEg0gyXma2rhKlfi2Q
eetKElqUaN4fqskxQmSGJTq6K9/obhwe/PnPj1Lg7UeDb0KyOgRq0I5D/4KrMKfC
/FFVujftj/6JbP7DnOCi8VGagQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFPi4eDLU
RJGcYHvaB1k/Ae351iLuMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvQjQ2MUQ0QjQx
QkREMTFFRDkxNUI4RjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMAwEAgABMAYDBADKXqUwIAQCAAIwGjAQAwYCJAdKwBQDBgYkB0rAAAMGBSQH
SsBgMA0GCSqGSIb3DQEBCwUAA4IBAQCTR0BIGAJa04dtA3Gw9AayjR6JAvbwXAT/
FJGSjRH6Z+rQVzvmx8NTae0G4irheTCn52CtvB8y+q0hmkGpMbaEXhYjdbTNtfLL
HSd9qwM2wmHBKo9c4DqnKNGla1s4CHm9kbspd8DLmvrhIiL2Xqh9KYxQ0W9I29wk
jD5ytciYiy/yPWKTWlohAYXT6sTFxWx35EDmkNTcf26+vuywFsOefCgKEPV7RzJQ
2jPr2SfUQL2TStbKggNXgo9BcaCgG0Ar1lxXv9Zs7xsgajYae5mxZQS2k9SVOG4n
9bnWz9+lfBGyToaMhE5PcQmV9pon80pRdkFKaypeDdDCKjf7rso/
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org