Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/B6B9C32EE2B611EEA02CB509C4F9AE02.roa
File: B6B9C32EE2B611EEA02CB509C4F9AE02.roa (raw, json)
Hash identifier: Tb69Ry2El2tfGjygt265zh4+XfwXugYSEnkTwjgtZgU=
Subject key identifier: 19:F7:9C:0A:6B:36:16:BB:B7:11:F3:C8:C3:D5:17:7F:19:BF:A0:68
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 34BA
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/B6B9C32EE2B611EEA02CB509C4F9AE02.roa
Signing time: Fri 15 Mar 2024 10:28:08 +0000
ROA not before: Fri 15 Mar 2024 10:28:08 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 151636
IP address blocks: 116.90.116.0/23 maxlen: 23
121.46.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 09:41:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13498 (0x34ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Mar 15 10:28:08 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65f422b7-e797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6f:78:fd:c1:58:e0:6a:8a:ac:3e:5f:71:4e:
c1:96:ce:45:12:97:7f:1a:f9:0d:f1:51:b9:d3:38:
58:99:97:77:9b:5e:28:31:ae:a1:3c:9c:65:4a:2d:
28:c3:7e:3a:cd:28:3a:73:56:99:f6:f5:58:9a:4f:
9c:7e:4e:a1:cd:22:b0:4e:ae:99:2c:5b:92:ca:e7:
a8:7d:5b:bd:96:7e:30:a0:40:f6:9f:d5:ea:b6:15:
a2:bb:cf:3c:97:17:b7:a0:4b:df:76:c0:bc:47:5f:
8c:ff:b5:bb:9f:c0:89:44:41:9c:5b:42:2a:e4:8d:
24:52:a7:82:3c:8a:c3:40:b5:0d:9c:e1:79:48:c4:
9a:27:60:53:cb:92:e7:59:36:c6:a1:81:db:bb:89:
1b:63:94:41:16:f8:8f:b9:c4:44:9f:90:44:41:8e:
16:ce:85:87:05:fa:be:89:f5:5b:96:f6:7b:ab:d8:
47:3f:c6:87:11:16:4a:d8:7d:eb:0b:18:fd:3b:bf:
84:5f:1f:71:c9:53:88:89:f6:68:e5:fe:2c:54:86:
2c:19:8f:2e:ef:34:41:80:71:98:25:26:04:0b:67:
ad:68:f5:c2:36:ce:73:d8:94:9a:9a:3b:3f:17:06:
c7:e0:4c:2f:b8:a3:65:92:09:15:3a:4d:a3:13:fc:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F7:9C:0A:6B:36:16:BB:B7:11:F3:C8:C3:D5:17:7F:19:BF:A0:68
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/B6B9C32EE2B611EEA02CB509C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.116.0/23
121.46.66.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:9c:6a:23:ba:89:ea:62:3c:06:20:56:2b:3b:61:f8:a2:a3:
32:71:80:4c:c6:a6:aa:81:75:90:b1:d9:68:23:89:73:24:97:
d8:10:b8:bd:d7:14:14:6f:52:d0:c5:f5:e6:da:73:2f:d7:7b:
80:36:be:59:78:0f:40:74:46:d3:4d:4a:d7:f1:3a:e5:4b:77:
51:52:e9:68:57:cc:3b:2a:06:f7:74:ce:82:7a:2a:a6:c7:0b:
f6:ec:21:03:14:f4:c2:9b:5c:fd:56:cc:2e:ae:9d:b9:d3:c3:
3d:c7:1c:b2:55:c0:84:dd:ae:41:ea:f7:cf:2e:20:15:2f:01:
ce:ac:45:a2:fe:03:b5:c2:d1:a5:47:b6:10:67:49:21:2f:e9:
d1:d1:b3:ac:62:d7:2b:73:77:4e:d3:c9:87:9f:52:aa:3e:e5:
fc:3a:a9:5d:4d:f7:10:17:6e:3c:25:6c:78:47:ff:9a:78:c6:
b3:9d:ca:0c:3c:02:8b:d4:8f:f7:02:ca:8d:06:59:fe:1d:a0:
d5:e7:97:3c:23:e5:ee:cf:94:74:98:d9:15:0b:fa:9a:0b:bf:
90:67:c4:d3:ae:aa:97:6a:0b:87:20:d9:85:7f:cd:9b:b5:ed:
e8:7b:6b:d5:98:b1:27:35:d2:da:32:9a:c2:9c:eb:6a:84:3c:
58:d7:03:b5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNLowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMzE1MTAyODA4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY0MjJiNy1lNzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuW94/cFY4GqKrD5fcU7Bls5FEpd/GvkN8VG50zhYmZd3m14oMa6hPJxlSi0o
w346zSg6c1aZ9vVYmk+cfk6hzSKwTq6ZLFuSyueofVu9ln4woED2n9XqthWiu888
lxe3oEvfdsC8R1+M/7W7n8CJREGcW0Iq5I0kUqeCPIrDQLUNnOF5SMSaJ2BTy5Ln
WTbGoYHbu4kbY5RBFviPucREn5BEQY4WzoWHBfq+ifVblvZ7q9hHP8aHERZK2H3r
Cxj9O7+EXx9xyVOIifZo5f4sVIYsGY8u7zRBgHGYJSYEC2etaPXCNs5z2JSamjs/
FwbH4EwvuKNlkgkVOk2jE/xkMwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBn3nApr
Nha7txHzyMPVF38Zv6BoMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQjZCOUMzMkVF
MkI2MTFFRUEwMkNCNTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF0WnQDBAB5LkIwDQYJKoZIhvcNAQELBQADggEBAIycaiO6
iepiPAYgVis7YfiiozJxgEzGpqqBdZCx2WgjiXMkl9gQuL3XFBRvUtDF9ebacy/X
e4A2vll4D0B0RtNNStfxOuVLd1FS6WhXzDsqBvd0zoJ6KqbHC/bsIQMU9MKbXP1W
zC6unbnTwz3HHLJVwITdrkHq988uIBUvAc6sRaL+A7XC0aVHthBnSSEv6dHRs6xi
1ytzd07TyYefUqo+5fw6qV1N9xAXbjwlbHhH/5p4xrOdygw8AovUj/cCyo0GWf4d
oNXnlzwj5e7PlHSY2RUL+poLv5BnxNOuqpdqC4cg2YV/zZu17eh7a9WYsSc10toy
msKc62qEPFjXA7U=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:42 2024 by rpki-client on console-fra.rpki-client.org