Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/58FBCA226E7E11EEAC334172C4F9AE02.roa
File: 58FBCA226E7E11EEAC334172C4F9AE02.roa (raw, json)
Hash identifier: qmBgcGcj5cmdi7801mojvMPRZJCSiDKMYRiPG+Lhmbo=
Subject key identifier: 7B:E1:FD:31:85:92:16:5B:90:9F:68:75:99:67:10:78:12:31:2C:F6
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 05FE
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/58FBCA226E7E11EEAC334172C4F9AE02.roa
Signing time: Tue 23 Jan 2024 21:13:29 +0000
ROA not before: Tue 23 Jan 2024 21:13:29 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 142045
IP address blocks: 202.94.165.0/24 maxlen: 24
2407:4ac0:1400::/38 maxlen: 40
2407:4ac0:1800::/37 maxlen: 40
2407:4ac0:2000::/35 maxlen: 40
2407:4ac0:2800::/37 maxlen: 40
2407:4ac0:3000::/36 maxlen: 40
2407:4ac0:6000::/35 maxlen: 40
Validation: Failed, certificate revoked on Mon 25 Mar 2024 20:37:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1534 (0x5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Jan 23 21:13:29 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65b02bf9-06ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:7a:8d:5e:97:e8:61:41:35:51:25:39:90:
63:ad:e5:65:30:8e:72:6e:fe:9e:a7:8c:4a:8c:8e:
44:9d:45:85:3e:15:75:67:ab:a3:6e:d4:95:22:e0:
32:c8:12:30:9b:ac:c2:cb:9d:db:8d:25:f0:18:92:
66:ea:7c:8a:fd:fa:c4:22:16:57:b3:fc:89:38:fd:
e4:76:5f:90:1a:f6:a7:df:cf:e7:55:aa:04:98:f0:
eb:e0:38:c5:b5:20:67:d9:a7:6e:f8:ad:88:1c:c9:
c5:11:32:b6:d3:70:15:64:d9:4f:1b:a8:74:6c:38:
70:8e:3d:b5:87:2a:c9:e1:e5:ef:d7:6e:a6:55:24:
31:20:8e:d3:30:38:cd:77:d1:64:d5:b0:6a:de:34:
db:d4:71:d9:0d:af:ec:8f:4a:b0:64:b5:59:f1:de:
a1:68:76:93:96:29:f8:8e:3a:be:13:00:a8:ba:c5:
2f:62:ac:a4:fd:6a:82:29:42:12:13:d6:fb:c6:be:
d9:6a:f0:e9:6d:64:fd:5c:bc:35:4f:ce:32:a7:5f:
96:66:eb:62:84:d3:41:ef:58:e1:f7:85:61:07:de:
a9:6d:f4:73:08:46:17:c5:da:04:43:8e:95:de:c6:
8b:62:14:bf:01:71:00:8b:56:f7:18:e2:80:30:fd:
b4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E1:FD:31:85:92:16:5B:90:9F:68:75:99:67:10:78:12:31:2C:F6
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/58FBCA226E7E11EEAC334172C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.94.165.0/24
IPv6:
2407:4ac0:1400::-2407:4ac0:3fff:ffff:ffff:ffff:ffff:ffff
2407:4ac0:6000::/35
Signature Algorithm: sha256WithRSAEncryption
69:79:4f:c1:78:34:84:ba:6e:11:03:bc:d3:97:d6:a2:0a:b3:
9c:b4:4e:dc:98:eb:61:18:d3:20:e2:eb:e7:56:f4:a7:54:b3:
4d:67:ca:ad:4b:a7:3c:9b:29:cc:ae:69:8f:d0:b3:23:5b:17:
11:05:44:af:21:83:83:50:cc:bf:ba:a9:50:b1:f1:91:bc:db:
b5:46:56:7f:68:2c:17:3a:c3:fe:fd:b8:dc:0a:9d:39:7a:9b:
d6:3b:ac:31:32:c8:22:e5:b0:be:fc:a9:49:7c:a7:4d:3e:b7:
b1:77:83:6b:bc:a1:74:a3:fa:7f:64:d9:52:2b:7b:66:a7:9a:
af:96:6a:cc:1e:dc:03:24:b3:56:4a:d2:b6:09:40:0e:a7:42:
34:23:f9:30:ac:df:62:1f:68:5e:bf:66:5e:8c:b1:e6:9f:6c:
08:59:28:d5:c6:14:d8:be:b1:bd:c9:5a:44:58:7c:41:bd:69:
18:f4:3f:77:b4:8c:2b:95:b4:bb:e7:79:d2:66:16:ad:d5:31:
7b:2a:27:0a:d6:ac:8b:7e:b0:81:a3:e8:85:0c:17:9e:a4:b8:
ed:55:f6:7f:bb:3b:c7:b8:26:41:c2:1c:d6:ab:29:6e:bb:ce:
df:05:ad:eb:d9:19:21:d5:34:48:05:a3:95:75:ef:be:43:fd:
be:e9:0f:9e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjQwMTIzMjExMzI5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIwMmJmOS0wNmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAurR6jV6X6GFBNVElOZBjreVlMI5ybv6ep4xKjI5EnUWFPhV1Z6ujbtSVIuAy
yBIwm6zCy53bjSXwGJJm6nyK/frEIhZXs/yJOP3kdl+QGvan38/nVaoEmPDr4DjF
tSBn2adu+K2IHMnFETK203AVZNlPG6h0bDhwjj21hyrJ4eXv126mVSQxII7TMDjN
d9Fk1bBq3jTb1HHZDa/sj0qwZLVZ8d6haHaTlin4jjq+EwCousUvYqyk/WqCKUIS
E9b7xr7ZavDpbWT9XLw1T84yp1+WZutihNNB71jh94VhB96pbfRzCEYXxdoEQ46V
3saLYhS/AXEAi1b3GOKAMP20wwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFHvh/TGF
khZbkJ9odZlnEHgSMSz2MB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvNThGQkNBMjI2
RTdFMTFFRUFDMzM0MTcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMAwEAgABMAYDBADKXqUwIAQCAAIwGjAQAwYCJAdKwBQDBgYkB0rAAAMGBSQH
SsBgMA0GCSqGSIb3DQEBCwUAA4IBAQBpeU/BeDSEum4RA7zTl9aiCrOctE7cmOth
GNMg4uvnVvSnVLNNZ8qtS6c8mynMrmmP0LMjWxcRBUSvIYODUMy/uqlQsfGRvNu1
RlZ/aCwXOsP+/bjcCp05epvWO6wxMsgi5bC+/KlJfKdNPrexd4NrvKF0o/p/ZNlS
K3tmp5qvlmrMHtwDJLNWStK2CUAOp0I0I/kwrN9iH2hev2ZejLHmn2wIWSjVxhTY
vrG9yVpEWHxBvWkY9D93tIwrlbS753nSZhat1TF7KicK1qyLfrCBo+iFDBeepLjt
VfZ/uzvHuCZBwhzWqyluu87fBa3r2Rkh1TRIBaOVde++Q/2+6Q+e
-----END CERTIFICATE-----
Generated at Mon Mar 25 21:47:53 2024 by rpki-client on console-ams.rpki-client.org