Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/5EF6FA5813BD11EE96A4742CC4F9AE02.roa
File: 5EF6FA5813BD11EE96A4742CC4F9AE02.roa (raw, json)
Hash identifier: /CHVelGsjqanwGYEMX1OyFauZKfmuuBWAsgSKAsdIRo=
Subject key identifier: 9F:B7:66:F7:EC:17:10:C0:1B:A9:C5:75:69:35:38:03:2C:BC:F8:EA
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 34
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/5EF6FA5813BD11EE96A4742CC4F9AE02.roa
Signing time: Mon 26 Jun 2023 01:04:16 +0000
ROA not before: Mon 26 Jun 2023 01:04:16 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 125.62.77.0/24 maxlen: 24
125.62.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Sep 2023 14:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52 (0x34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Jun 26 01:04:16 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6498e410-3a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bb:d4:47:ec:ac:92:73:5e:d9:92:68:9d:46:
16:8c:67:98:7e:e7:4e:41:84:44:b3:c5:1a:76:38:
57:37:6a:b5:6b:1b:3e:d2:0d:ee:4c:cb:13:ca:09:
bb:53:03:4d:be:a1:65:be:76:61:2e:31:ca:6b:32:
79:be:93:e7:6e:24:cf:2e:f7:e5:90:f8:2a:10:f5:
91:0b:17:47:f2:5b:ec:ab:6c:6b:dc:4c:3e:fc:7b:
50:bf:76:dc:a6:9b:42:f5:52:74:55:27:36:83:f1:
4a:83:ac:25:4d:e3:e2:1f:5f:4e:4c:38:c7:43:3d:
87:f3:ae:a4:a4:26:a8:a8:20:ed:ad:ff:a3:71:81:
33:ea:ec:7c:8f:48:a6:a8:96:2e:aa:d4:79:c2:ee:
85:60:62:3c:69:72:29:21:60:ef:26:b1:bc:59:2d:
26:56:d9:f9:f3:8b:8e:a1:6d:c4:58:38:be:1e:0c:
eb:9b:96:0c:2b:76:bf:03:7e:b8:80:f4:4f:20:8b:
b7:22:34:84:a5:eb:bb:28:89:9c:95:65:44:58:cc:
4b:43:10:bc:17:b3:32:37:da:f1:f4:be:7f:15:26:
4f:9f:0b:84:68:a6:8b:dc:68:9f:a4:8b:4f:c8:c1:
fc:bd:7b:be:1f:99:6f:82:2b:a0:bb:0b:2f:ec:41:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B7:66:F7:EC:17:10:C0:1B:A9:C5:75:69:35:38:03:2C:BC:F8:EA
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/5EF6FA5813BD11EE96A4742CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.77.0-125.62.78.255
Signature Algorithm: sha256WithRSAEncryption
06:7e:4e:18:bc:d2:44:c5:d5:4d:02:31:ad:ae:01:ce:f4:28:
82:94:19:26:6c:40:df:f3:6b:4b:ff:56:19:d3:a3:f0:38:fe:
d2:eb:10:0e:9d:95:52:cb:e5:1d:cd:9d:32:9c:c7:46:93:2d:
6a:14:2e:e1:05:53:e5:1a:93:fb:47:0c:8d:c8:61:d8:0a:3a:
6d:e1:12:9f:92:8a:64:ca:50:49:76:ae:a0:e7:53:75:2c:29:
d1:7f:83:c1:43:cd:cd:e7:40:ae:da:d6:cf:e7:b1:04:b9:00:
21:5b:ab:45:56:a5:e8:f8:85:68:00:37:d0:c0:48:41:a9:80:
be:05:1e:4e:d4:60:e6:aa:e3:6d:f5:73:da:1f:2d:3c:86:1f:
af:85:cd:16:a5:cb:6c:ac:b6:3a:85:f5:68:a9:d0:14:86:14:
8e:59:6f:0d:8c:7d:1e:40:bc:41:a8:03:6e:58:9f:9c:2f:a4:
e6:5b:39:5d:37:7f:c0:bf:cd:77:4b:5a:e5:1d:9f:3e:a0:e9:
c7:ab:fb:7e:fa:9c:17:72:4a:32:f2:db:9b:21:13:06:31:79:
0d:a3:77:c1:09:78:6c:71:ee:4c:8e:4d:fa:8e:aa:cc:37:9d:
9c:54:b1:32:2d:25:5e:f4:a5:61:68:1b:6b:63:cb:fb:48:f4:
c4:bb:41:5c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjU1MDExMC8GA1UEBRMoNDU2RUVBMDY5MkM2QTRGMjZGNTNEMkQyMzdEMUNCNERD
RDc4MzMwNTAeFw0yMzA2MjYwMTA0MTZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OThlNDEwLTNhNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHu9RH7KySc17ZkmidRhaMZ5h+505BhESzxRp2OFc3arVrGz7SDe5MyxPKCbtT
A02+oWW+dmEuMcprMnm+k+duJM8u9+WQ+CoQ9ZELF0fyW+yrbGvcTD78e1C/dtym
m0L1UnRVJzaD8UqDrCVN4+IfX05MOMdDPYfzrqSkJqioIO2t/6NxgTPq7HyPSKao
li6q1HnC7oVgYjxpcikhYO8msbxZLSZW2fnzi46hbcRYOL4eDOublgwrdr8DfriA
9E8gi7ciNISl67soiZyVZURYzEtDELwXszI32vH0vn8VJk+fC4RopovcaJ+ki0/I
wfy9e74fmW+CK6C7Cy/sQce3AgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUn7dm9+wX
EMAbqcV1aTU4Ayy8+OowHwYDVR0jBBgwFoAURW7qBpLGpPJvU9LSN9HLTc14MwUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTUwLzg0MDA5NTRBQ0VD
NDExRUQ4QTgzRkIxMUM0RjlBRTAyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlc3cUJwTEdwUEp2VTlMU045SExUYzE0TXdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjU1MC84NDAwOTU0QUNFQzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi81RUY2RkE1ODEz
QkQxMUVFOTZBNDc0MkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAfT5NAwQAfT5OMA0GCSqGSIb3DQEBCwUAA4IBAQAGfk4Y
vNJExdVNAjGtrgHO9CiClBkmbEDf82tL/1YZ06PwOP7S6xAOnZVSy+UdzZ0ynMdG
ky1qFC7hBVPlGpP7RwyNyGHYCjpt4RKfkopkylBJdq6g51N1LCnRf4PBQ83N50Cu
2tbP57EEuQAhW6tFVqXo+IVoADfQwEhBqYC+BR5O1GDmquNt9XPaHy08hh+vhc0W
pctsrLY6hfVoqdAUhhSOWW8NjH0eQLxBqANuWJ+cL6TmWzldN3/Av813S1rlHZ8+
oOnHq/t++pwXckoy8tubIRMGMXkNo3fBCXhsce5Mjk36jqrMN52cVLEyLSVe9KVh
aBtrY8v7SPTEu0Fc
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org