Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/BF0AEB12F63311EE863CC844C4F9AE02.roa
File: BF0AEB12F63311EE863CC844C4F9AE02.roa (raw, json)
Hash identifier: G/J3iORvNE81RBoxtrIbg1rhldWObuX031NoD7+NMa4=
Subject key identifier: FA:4C:3E:D9:51:E7:A4:EE:48:61:EC:C3:1E:5D:82:DC:94:B7:6D:7E
Certificate issuer: /CN=A91AB193/serialNumber=7B1AE27D3CF51499C5056E7DA873665E4E415179
Certificate serial: 04
Authority key identifier: 7B:1A:E2:7D:3C:F5:14:99:C5:05:6E:7D:A8:73:66:5E:4E:41:51:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exrifTz1FJnFBW59qHNmXk5BUXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/BF0AEB12F63311EE863CC844C4F9AE02.roa
Signing time: Tue 09 Apr 2024 05:43:07 +0000
ROA not before: Tue 09 Apr 2024 05:43:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140991
IP address blocks: 203.223.88.0/23 maxlen: 24
2001:df3:a3c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 10:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB193/serialNumber=7B1AE27D3CF51499C5056E7DA873665E4E415179
Validity
Not Before: Apr 9 05:43:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6614d56b-3425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:e4:04:d8:a3:c0:df:7b:4d:12:d5:22:2d:
ad:29:9a:17:c9:fc:3b:00:40:85:a2:1e:63:1e:2e:
31:df:4d:91:c9:15:43:8a:c9:49:cb:f3:3f:f8:2e:
44:60:0a:ff:9f:10:54:16:77:81:72:fa:fb:d1:e1:
24:0f:48:1b:06:8c:25:6f:77:0d:ee:bc:ea:ea:9a:
b2:03:4a:32:fd:65:aa:2c:8a:a3:67:eb:80:7c:1a:
03:f2:1b:f7:7f:f1:7f:3d:6c:c8:9b:e9:2f:68:11:
a4:ba:d7:ad:15:b7:3a:47:0b:d7:d0:1e:56:93:2c:
50:7c:d7:5e:00:1d:f5:8e:95:ab:10:9c:45:ee:be:
e4:fc:cc:8d:fd:d8:0c:0a:88:a9:0b:3c:5e:fc:22:
af:91:b2:65:25:a1:08:68:9b:f2:d9:d8:79:27:4c:
71:9d:80:b1:bf:95:d3:e2:b5:12:52:72:9b:95:5c:
fc:f2:18:c4:4f:ca:b0:22:f4:ac:eb:5b:80:e3:fd:
7e:34:a3:56:ac:45:8e:d3:dc:d8:c3:b3:0b:c9:c3:
9e:e5:db:32:fc:38:10:79:e1:3e:14:44:a7:67:71:
d0:7b:eb:c5:a6:70:e3:1b:34:f3:e6:5e:42:a1:11:
58:ce:6a:d2:e9:ad:00:87:f0:84:14:67:1c:87:c6:
8f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4C:3E:D9:51:E7:A4:EE:48:61:EC:C3:1E:5D:82:DC:94:B7:6D:7E
X509v3 Authority Key Identifier:
keyid:7B:1A:E2:7D:3C:F5:14:99:C5:05:6E:7D:A8:73:66:5E:4E:41:51:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/exrifTz1FJnFBW59qHNmXk5BUXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exrifTz1FJnFBW59qHNmXk5BUXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/BF0AEB12F63311EE863CC844C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.223.88.0/23
IPv6:
2001:df3:a3c0::/48
Signature Algorithm: sha256WithRSAEncryption
32:de:47:7d:7a:1e:8d:27:4f:7a:0d:ec:c9:0c:73:f4:d8:50:
ef:8c:b8:40:66:e5:71:1c:0d:dc:a9:a3:c1:eb:d9:2e:c5:6d:
eb:e5:36:75:fc:70:53:f3:ea:42:45:fa:15:20:d3:78:64:63:
7f:47:db:49:2d:c4:61:bc:be:6e:1d:b5:23:12:10:8f:9b:27:
cb:62:c3:e6:2d:4c:ea:3a:a5:ee:66:1b:e3:45:41:32:2a:bf:
bb:2c:27:c7:9d:55:93:50:e3:ff:0b:e5:6f:5f:89:06:7d:cf:
46:d8:11:2f:c4:bb:45:cb:d8:31:49:af:83:19:9f:26:e0:a6:
81:45:0e:be:3b:51:99:8f:4a:a4:c1:5f:80:f7:75:d5:e1:f4:
91:ad:bc:1b:0f:48:96:be:a0:1d:8c:0b:a3:e5:69:67:91:6e:
04:b0:a6:0d:4c:b7:80:d8:a7:ed:7f:9e:90:b7:89:e5:06:87:
12:fa:5a:5a:d0:2d:f8:8b:39:1c:a2:83:28:97:11:f1:48:f1:
77:ce:92:65:6a:bc:d2:52:cd:08:cf:08:7d:80:9a:26:49:a6:
31:5a:2d:17:4a:82:41:67:54:23:b4:0b:49:b1:dc:df:67:ad:
ed:62:a8:9b:ff:df:96:41:ec:9d:3d:8a:56:37:8a:37:a4:d2:
3b:83:ed:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QjE5MzExMC8GA1UEBRMoN0IxQUUyN0QzQ0Y1MTQ5OUM1MDU2RTdEQTg3MzY2NUU0
RTQxNTE3OTAeFw0yNDA0MDkwNTQzMDdaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTRkNTZiLTM0MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCe++QE2KPA33tNEtUiLa0pmhfJ/DsAQIWiHmMeLjHfTZHJFUOKyUnL8z/4LkRg
Cv+fEFQWd4Fy+vvR4SQPSBsGjCVvdw3uvOrqmrIDSjL9ZaosiqNn64B8GgPyG/d/
8X89bMib6S9oEaS6160VtzpHC9fQHlaTLFB8114AHfWOlasQnEXuvuT8zI392AwK
iKkLPF78Iq+RsmUloQhom/LZ2HknTHGdgLG/ldPitRJScpuVXPzyGMRPyrAi9Kzr
W4Dj/X40o1asRY7T3NjDswvJw57l2zL8OBB54T4URKdncdB768WmcOMbNPPmXkKh
EVjOatLprQCH8IQUZxyHxo+nAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU+kw+2VHn
pO5IYezDHl2C3JS3bX4wHwYDVR0jBBgwFoAUexrifTz1FJnFBW59qHNmXk5BUXkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFCMTkzLzkzRDRFNDkwRjYz
MTExRUU5QUNCRTIyMUM0RjlBRTAyL2V4cmlmVHoxRkpuRkJXNTlxSE5tWGs1QlVY
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZXhyaWZUejFGSm5GQlc1OXFITm1YazVCVVhrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QjE5My85M0Q0RTQ5MEY2MzExMUVFOUFDQkUyMjFDNEY5QUUwMi9CRjBBRUIxMkY2
MzMxMUVFODYzQ0M4NDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAcvfWDAPBAIAAjAJAwcAIAEN86PAMA0GCSqGSIb3DQEBCwUA
A4IBAQAy3kd9eh6NJ096DezJDHP02FDvjLhAZuVxHA3cqaPB69kuxW3r5TZ1/HBT
8+pCRfoVINN4ZGN/R9tJLcRhvL5uHbUjEhCPmyfLYsPmLUzqOqXuZhvjRUEyKr+7
LCfHnVWTUOP/C+VvX4kGfc9G2BEvxLtFy9gxSa+DGZ8m4KaBRQ6+O1GZj0qkwV+A
93XV4fSRrbwbD0iWvqAdjAuj5WlnkW4EsKYNTLeA2Kftf56Qt4nlBocS+lpa0C34
izkcooMolxHxSPF3zpJlarzSUs0Izwh9gJomSaYxWi0XSoJBZ1QjtAtJsdzfZ63t
Yqib/9+WQeydPYpWN4o3pNI7g+0P
-----END CERTIFICATE-----
Generated at Wed Jul 3 12:43:03 2024 by rpki-client on console-ams.rpki-client.org