Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/ED90D73A46B611EEBADD0963C4F9AE02.roa
File: ED90D73A46B611EEBADD0963C4F9AE02.roa (raw, json)
Hash identifier: 0Fu3kf0i0GO3ad56w9JO8IU1Ao4AfUlkyH5rph0W2Po=
Subject key identifier: B6:E3:7D:A1:EF:54:DA:89:7A:6E:85:DB:B0:5F:32:A3:2B:D2:08:11
Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Certificate serial: 358E
Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/ED90D73A46B611EEBADD0963C4F9AE02.roa
Signing time: Wed 02 Oct 2024 08:08:18 +0000
ROA not before: Wed 02 Oct 2024 08:08:18 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4608
IP address blocks: 202.125.96.0/24 maxlen: 24
203.30.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 09:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13710 (0x358e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Validity
Not Before: Oct 2 08:08:18 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66fcff71-2729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8c:d8:66:67:cc:8e:10:82:e7:35:78:1a:93:
cd:71:d5:73:11:b7:d0:0b:ed:35:78:78:ed:c7:41:
e9:00:27:57:77:a8:64:17:3f:1f:eb:b2:60:0e:b3:
dd:0e:25:d8:0b:ed:ca:21:0a:7a:1a:22:02:b4:05:
da:6a:3d:b2:da:18:11:46:88:f0:ab:ec:75:6d:a9:
7e:9b:ac:85:f2:09:64:6c:89:a6:e2:ef:e1:72:eb:
e3:05:3a:01:97:5d:98:17:52:01:7f:18:22:6f:52:
ee:3c:b1:4b:19:dd:cc:f0:39:d1:2f:43:fc:80:4d:
ad:8f:3b:46:3f:85:91:34:00:59:96:af:ea:61:5b:
74:4b:1f:a6:8b:95:01:ab:14:7a:ab:16:c5:6f:7b:
21:e7:91:e7:03:3e:df:f6:08:64:10:21:af:07:74:
fa:96:d5:97:e8:7a:1a:c2:70:ac:0e:9a:15:00:6f:
1a:24:81:cf:92:58:c5:55:96:fb:c6:87:99:7d:86:
93:16:2f:67:9c:4f:65:5b:73:b2:4b:d0:09:e6:eb:
4f:18:bb:7a:34:88:24:8c:ed:9a:c8:b9:2d:11:64:
5b:90:aa:a1:92:74:70:d6:37:61:71:05:b1:21:1d:
e1:e4:5e:51:d8:4a:37:20:73:42:16:6e:aa:f0:7f:
2d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E3:7D:A1:EF:54:DA:89:7A:6E:85:DB:B0:5F:32:A3:2B:D2:08:11
X509v3 Authority Key Identifier:
keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/ED90D73A46B611EEBADD0963C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.125.96.0/24
203.30.127.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c3:89:8f:47:90:ca:a1:07:27:c3:bb:64:6a:76:a8:0e:69:
19:f0:ad:a9:e2:19:31:59:33:1c:94:a7:81:7e:45:ef:85:93:
6c:bd:ca:e5:e7:a4:5e:9f:aa:c8:d2:ce:74:01:65:b0:36:6f:
5b:32:1e:d9:3c:2e:a8:e1:0b:7e:e1:63:68:d0:d2:d7:32:99:
5c:3c:96:45:ee:77:aa:f5:30:a3:bc:9e:8c:70:d7:e9:df:b1:
53:9e:b0:87:81:0d:99:20:41:22:4c:3a:59:d6:01:01:8d:71:
96:bc:25:92:74:ab:96:af:b4:ba:e3:e0:32:09:e4:05:5a:b8:
87:c5:ab:df:c0:3c:2b:56:97:3b:d5:b1:83:f5:f3:88:bc:b0:
64:63:3b:79:e8:00:89:9f:aa:57:fd:f0:09:e8:30:db:3a:f3:
2d:87:91:9b:f2:a6:94:22:53:c9:08:e4:49:a4:10:67:c2:04:
56:aa:4a:a8:6d:49:47:cf:2d:2f:76:cc:3c:d6:4d:3e:85:7e:
38:a9:92:46:e0:0d:43:db:88:eb:df:24:5d:2f:aa:38:54:de:
cd:da:77:b3:85:5e:ab:e6:cc:98:c9:48:00:55:4d:b5:aa:b8:
9d:1f:47:f3:6e:48:a5:75:9f:22:6b:44:1b:34:d9:20:a7:59:
6b:e5:26:3b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2
OTYwQkUyNjgwHhcNMjQxMDAyMDgwODE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZjZmY3MS0yNzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApYzYZmfMjhCC5zV4GpPNcdVzEbfQC+01eHjtx0HpACdXd6hkFz8f67JgDrPd
DiXYC+3KIQp6GiICtAXaaj2y2hgRRojwq+x1bal+m6yF8glkbImm4u/hcuvjBToB
l12YF1IBfxgib1LuPLFLGd3M8DnRL0P8gE2tjztGP4WRNABZlq/qYVt0Sx+mi5UB
qxR6qxbFb3sh55HnAz7f9ghkECGvB3T6ltWX6HoawnCsDpoVAG8aJIHPkljFVZb7
xoeZfYaTFi9nnE9lW3OyS9AJ5utPGLt6NIgkjO2ayLktEWRbkKqhknRw1jdhcQWx
IR3h5F5R2Eo3IHNCFm6q8H8towIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLbjfaHv
VNqJem6F27BfMqMr0ggRMB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE
NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0
bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE3MEIvOTdBRjZERjAxRDZEMTFFMkExMkQ5RUFFMDhCMDJDRDIvRUQ5MEQ3M0E0
NkI2MTFFRUJBREQwOTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKfWADBADLHn8wDQYJKoZIhvcNAQELBQADggEBAE3DiY9H
kMqhByfDu2RqdqgOaRnwraniGTFZMxyUp4F+Re+Fk2y9yuXnpF6fqsjSznQBZbA2
b1syHtk8LqjhC37hY2jQ0tcymVw8lkXud6r1MKO8noxw1+nfsVOesIeBDZkgQSJM
OlnWAQGNcZa8JZJ0q5avtLrj4DIJ5AVauIfFq9/APCtWlzvVsYP184i8sGRjO3no
AImfqlf98AnoMNs68y2HkZvyppQiU8kI5EmkEGfCBFaqSqhtSUfPLS92zDzWTT6F
fjipkkbgDUPbiOvfJF0vqjhU3s3ad7OFXqvmzJjJSABVTbWquJ0fR/NuSKV1nyJr
RBs02SCnWWvlJjs=
-----END CERTIFICATE-----
Generated at Wed Oct 2 14:01:01 2024 by rpki-client on console-ams.rpki-client.org