Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/BF4B10F8588C11EC89DB6B3FC4F9AE02.roa
File: BF4B10F8588C11EC89DB6B3FC4F9AE02.roa (raw, json)
Hash identifier: L9fZmwaKLHYoWLxvk4fbRfT0bwxKjPO0sBI570qcKwk=
Subject key identifier: 11:27:23:3C:BF:66:00:96:61:45:AC:96:F3:C7:D6:9E:80:4D:D7:32
Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646
Certificate serial: 3102
Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/BF4B10F8588C11EC89DB6B3FC4F9AE02.roa
Signing time: Fri 10 Dec 2021 01:30:08 +0000
ROA not before: Fri 10 Dec 2021 01:30:08 +0000
ROA not after: Mon 31 Mar 2031 00:00:00 +0000
asID: 9545
IP address blocks: 202.12.29.0/25 maxlen: 25
2001:dd8:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Aug 2023 04:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12546 (0x3102)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646
Validity
Not Before: Dec 10 01:30:08 2021 GMT
Not After : Mar 31 00:00:00 2031 GMT
Subject: CN=61b2ada0-51b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:19:f1:7f:70:0a:cc:27:76:a2:75:b2:b7:
7d:72:d2:cc:b0:24:43:dc:48:25:85:00:21:b7:66:
b4:d0:89:ac:79:8b:48:13:df:f4:44:ca:ed:8d:0e:
1f:33:e8:94:b9:32:60:93:e9:b6:ba:d4:d1:f0:2f:
0c:47:4a:c8:87:f6:52:ff:a8:4f:11:b2:0b:76:5b:
c4:ee:81:b2:9e:ad:f7:04:e2:bc:32:44:e4:29:68:
e1:a1:d5:3f:18:4c:e5:84:18:df:48:d7:09:05:6b:
94:31:79:ac:a4:0f:85:f4:14:1e:17:f2:4c:d9:63:
09:d1:62:05:8c:57:d8:ae:b8:4a:d0:60:a1:39:1b:
31:7c:3e:d0:65:e4:e6:c3:f2:41:ae:7e:8a:af:96:
90:c2:ce:be:0e:d8:f2:57:5a:7b:85:55:38:bb:ef:
b4:26:99:12:8b:06:85:da:e2:2b:1f:2c:df:ea:6a:
b3:1f:86:de:cc:c1:cc:b3:17:fc:b6:8b:11:39:79:
07:32:bd:f0:4b:28:a6:75:58:43:d9:c5:8d:54:6e:
5d:b8:2e:4c:0f:d9:72:39:e0:20:d5:d6:c8:b3:e3:
1d:4a:81:fe:e9:cb:fe:43:fc:ff:4f:f2:14:cb:e2:
55:86:ae:98:b4:9c:37:d7:d7:13:7c:e4:fc:55:5c:
0a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:27:23:3C:BF:66:00:96:61:45:AC:96:F3:C7:D6:9E:80:4D:D7:32
X509v3 Authority Key Identifier:
keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/BF4B10F8588C11EC89DB6B3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.29.0/25
IPv6:
2001:dd8:f::/48
Signature Algorithm: sha256WithRSAEncryption
58:05:1c:d9:60:1c:5b:e9:cb:17:ed:67:71:61:d0:55:2c:fd:
21:a9:a8:91:05:3a:91:b3:90:c1:c3:1f:f4:be:4c:8b:4a:80:
29:c4:9e:b1:ed:f8:3a:4e:67:78:1e:dc:b4:28:2c:96:07:79:
cc:e7:b3:25:d6:88:18:50:8a:fa:65:83:49:64:8e:6b:1e:2d:
bf:fc:d9:b0:1f:db:8f:dc:20:3f:94:49:7b:86:4a:12:16:61:
15:7a:b3:f6:cd:0a:d3:82:5a:25:66:71:9d:96:d3:70:31:2e:
02:04:64:ed:25:67:94:76:87:1e:5f:fe:c7:7d:93:68:f4:6f:
36:40:27:ce:99:35:56:63:69:28:c3:94:0b:f5:dd:4c:66:ee:
3d:64:fa:26:79:76:3f:32:be:13:26:14:20:bf:bb:45:9e:35:
c8:0a:f9:24:c8:6d:82:5b:91:e5:ff:2a:04:8c:de:2e:47:03:
2b:8f:72:b3:63:88:e7:91:25:53:bf:d6:65:dd:ac:1e:62:54:
2c:93:1e:19:8c:9a:9f:33:fa:f3:c4:6a:ff:b8:a9:6b:6c:b0:
a3:5e:bc:79:13:7f:6b:0f:b1:f7:b9:9c:4c:c7:b7:99:18:f8:
cf:2e:54:cc:a4:f0:c8:b0:9f:13:1a:0b:61:98:2d:bd:89:8f:
68:9d:ae:fd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC
REU1ODE2NDYwHhcNMjExMjEwMDEzMDA4WhcNMzEwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWIyYWRhMC01MWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvoZ8X9wCswndqJ1srd9ctLMsCRD3EglhQAht2a00ImseYtIE9/0RMrtjQ4f
M+iUuTJgk+m2utTR8C8MR0rIh/ZS/6hPEbILdlvE7oGynq33BOK8MkTkKWjhodU/
GEzlhBjfSNcJBWuUMXmspA+F9BQeF/JM2WMJ0WIFjFfYrrhK0GChORsxfD7QZeTm
w/JBrn6Kr5aQws6+DtjyV1p7hVU4u++0JpkSiwaF2uIrHyzf6mqzH4bezMHMsxf8
tosROXkHMr3wSyimdVhD2cWNVG5duC5MD9lyOeAg1dbIs+MdSoH+6cv+Q/z/T/IU
y+JVhq6YtJw319cTfOT8VVwKKwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBEnIzy/
ZgCWYUWslvPH1p6ATdcyMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE
NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REM1QkUvRDQwMTYxOUExRDY5MTFFMkFGQjY0RUE3MDhCMDJDRDIvQkY0QjEwRjg1
ODhDMTFFQzg5REI2QjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMA0EAgABMAcDBQfKDB0AMA8EAgACMAkDBwAgAQ3YAA8wDQYJKoZIhvcNAQEL
BQADggEBAFgFHNlgHFvpyxftZ3Fh0FUs/SGpqJEFOpGzkMHDH/S+TItKgCnEnrHt
+DpOZ3ge3LQoLJYHecznsyXWiBhQivplg0lkjmseLb/82bAf24/cID+USXuGShIW
YRV6s/bNCtOCWiVmcZ2W03AxLgIEZO0lZ5R2hx5f/sd9k2j0bzZAJ86ZNVZjaSjD
lAv13Uxm7j1k+iZ5dj8yvhMmFCC/u0WeNcgK+STIbYJbkeX/KgSM3i5HAyuPcrNj
iOeRJVO/1mXdrB5iVCyTHhmMmp8z+vPEav+4qWtssKNevHkTf2sPsfe5nEzHt5kY
+M8uVMyk8MiwnxMaC2GYLb2Jj2idrv0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org