Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/D3D4E1EE0E5A11EFAD8EB63EC4F9AE02.roa
File: D3D4E1EE0E5A11EFAD8EB63EC4F9AE02.roa (raw, json)
Hash identifier: H/ItnOapwpa5axiiebB2F53G2c9kmTLVPe/1YNz+S/U=
Subject key identifier: A2:C3:DA:5D:BF:6B:66:90:9E:77:B5:EA:E3:77:E3:BF:78:16:AF:2E
Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Certificate serial: 3537
Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/D3D4E1EE0E5A11EFAD8EB63EC4F9AE02.roa
Signing time: Fri 10 May 2024 02:28:56 +0000
ROA not before: Fri 10 May 2024 02:28:56 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45192
IP address blocks: 202.125.96.0/23 maxlen: 23
202.125.96.0/24 maxlen: 24
202.125.97.0/24 maxlen: 24
2001:df0:a::/48 maxlen: 48
2001:df2:ee00::/47 maxlen: 48
2406:6400:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 04:21:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13623 (0x3537)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Validity
Not Before: May 10 02:28:56 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=663d8668-d793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:fa:30:95:53:b3:d7:d8:36:e4:88:74:e2:
35:3c:8e:65:48:0d:a7:64:6e:13:ff:ae:cf:10:86:
dd:02:08:7b:1d:a3:ac:80:c7:c2:c4:2d:3e:cc:e9:
e4:e5:d4:3b:e3:ec:74:b8:89:77:77:19:2d:42:70:
d0:a6:a9:f4:7a:0e:0c:d5:22:a2:f0:53:f4:7b:4c:
d5:bd:cc:90:3c:ec:56:ac:4d:d8:58:7d:55:00:b4:
15:03:3b:f1:0e:4a:22:8e:36:17:ca:a2:08:e0:21:
9d:45:ba:47:b1:6b:d1:c3:e3:34:88:28:3f:1c:f5:
b7:5a:95:31:65:41:b8:30:f9:b1:1e:21:14:b1:f8:
7d:34:da:10:63:33:84:f4:56:4c:3e:53:ab:a4:aa:
41:6a:a8:e9:e8:5d:c7:58:35:2e:9a:1a:f1:f3:31:
b8:0e:62:70:92:df:d0:74:db:be:93:4b:e7:c9:b5:
eb:18:f0:5f:61:41:7b:0e:5e:14:d7:69:3f:82:d3:
2d:0e:a9:e0:90:a4:fe:35:06:63:f0:72:12:93:05:
f6:a5:94:a3:df:14:da:03:d9:da:96:b2:38:21:12:
17:30:b2:c5:83:9f:13:5b:7c:06:5f:c6:a7:11:82:
bc:67:12:01:d8:b2:ad:c1:2d:3a:0c:1b:3b:30:1f:
6f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:DA:5D:BF:6B:66:90:9E:77:B5:EA:E3:77:E3:BF:78:16:AF:2E
X509v3 Authority Key Identifier:
keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/D3D4E1EE0E5A11EFAD8EB63EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.125.96.0/23
IPv6:
2001:df0:a::/48
2001:df2:ee00::/47
2406:6400:100::/48
Signature Algorithm: sha256WithRSAEncryption
7e:12:d1:8c:df:e7:b9:e7:0f:96:0e:f6:56:a1:e3:46:3d:c0:
a1:59:60:19:3d:5d:76:c8:b0:7e:dd:c3:ec:e0:08:84:0b:08:
0a:12:d5:18:14:f1:18:02:f1:a3:1f:83:d6:92:31:53:be:17:
cf:a2:42:b8:b9:c4:af:38:60:1c:1f:e5:6d:08:fa:68:10:78:
5c:21:fa:d9:35:c2:55:8c:c6:7b:95:f4:bd:1a:d9:aa:bb:6d:
ed:cc:b3:80:db:24:05:45:03:51:74:5c:04:6f:93:f6:06:cc:
02:d3:69:e8:fe:e1:17:39:b9:5e:b4:92:7b:34:5c:b9:67:c3:
ed:de:a9:fc:2e:ca:aa:35:a2:34:c3:87:04:bf:43:7d:37:44:
35:ec:99:0e:2c:15:58:55:1b:34:bd:b6:d7:06:bc:91:ab:a2:
68:67:84:cc:ab:ad:ab:9f:31:15:54:e1:23:e4:85:0d:53:dd:
fd:9a:0b:dd:db:c5:61:24:3c:33:3c:59:e0:f0:a2:6f:43:27:
7f:49:9f:99:91:0b:69:5a:11:2a:dd:c4:8f:c9:90:91:2e:8b:
1c:4d:e8:24:16:28:f6:f5:4d:48:68:59:5a:ca:c4:f9:c0:da:
e5:0b:39:e8:1f:aa:f5:c4:b1:c7:a6:41:7e:d1:37:f7:34:da:
68:69:fa:2b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICNTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2
OTYwQkUyNjgwHhcNMjQwNTEwMDIyODU2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNkODY2OC1kNzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6D6MJVTs9fYNuSIdOI1PI5lSA2nZG4T/67PEIbdAgh7HaOsgMfCxC0+zOnk
5dQ74+x0uIl3dxktQnDQpqn0eg4M1SKi8FP0e0zVvcyQPOxWrE3YWH1VALQVAzvx
DkoijjYXyqII4CGdRbpHsWvRw+M0iCg/HPW3WpUxZUG4MPmxHiEUsfh9NNoQYzOE
9FZMPlOrpKpBaqjp6F3HWDUumhrx8zG4DmJwkt/QdNu+k0vnybXrGPBfYUF7Dl4U
12k/gtMtDqngkKT+NQZj8HISkwX2pZSj3xTaA9nalrI4IRIXMLLFg58TW3wGX8an
EYK8ZxIB2LKtwS06DBs7MB9vMwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFKLD2l2/
a2aQnne16uN34794Fq8uMB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE
NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0
bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE3MEIvOTdBRjZERjAxRDZEMTFFMkExMkQ5RUFFMDhCMDJDRDIvRDNENEUxRUUw
RTVBMTFFRkFEOEVCNjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMAwEAgABMAYDBAHKfWAwIQQCAAIwGwMHACABDfAACgMHASABDfLuAAMHACQG
ZAABADANBgkqhkiG9w0BAQsFAAOCAQEAfhLRjN/nuecPlg72VqHjRj3AoVlgGT1d
dsiwft3D7OAIhAsIChLVGBTxGALxox+D1pIxU74Xz6JCuLnErzhgHB/lbQj6aBB4
XCH62TXCVYzGe5X0vRrZqrtt7cyzgNskBUUDUXRcBG+T9gbMAtNp6P7hFzm5XrSS
ezRcuWfD7d6p/C7KqjWiNMOHBL9DfTdENeyZDiwVWFUbNL221wa8kauiaGeEzKut
q58xFVThI+SFDVPd/ZoL3dvFYSQ8MzxZ4PCib0Mnf0mfmZELaVoRKt3Ej8mQkS6L
HE3oJBYo9vVNSGhZWsrE+cDa5Qs56B+q9cSxx6ZBftE39zTaaGn6Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org