Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFFB0/D00C5F88B68F11EEA56BAE11C4F9AE02/C68948A8B69011EE89956F1BC4F9AE02.roa
File: C68948A8B69011EE89956F1BC4F9AE02.roa (raw, json)
Hash identifier: wH1ShJaMaBqiYJ7/3UTETDgMb2Kw7Kxw2lXSMaYbp20=
Subject key identifier: 82:3B:32:38:B8:FA:AE:BA:93:1E:46:1B:65:3B:36:F5:20:1A:45:49
Certificate issuer: /CN=A91DFFB0/serialNumber=17A66E6EFDED105E812190990536A5DF603BA80E
Certificate serial: 02
Authority key identifier: 17:A6:6E:6E:FD:ED:10:5E:81:21:90:99:05:36:A5:DF:60:3B:A8:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F6Zubv3tEF6BIZCZBTal32A7qA4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DFFB0/D00C5F88B68F11EEA56BAE11C4F9AE02/C68948A8B69011EE89956F1BC4F9AE02.roa
Signing time: Fri 19 Jan 2024 06:05:42 +0000
ROA not before: Fri 19 Jan 2024 06:05:42 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 17667
IP address blocks: 110.238.0.0/23 maxlen: 23
110.238.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 06:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DFFB0/serialNumber=17A66E6EFDED105E812190990536A5DF603BA80E
Validity
Not Before: Jan 19 06:05:42 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65aa1136-2dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:75:58:21:e9:98:c5:3a:a5:02:a0:89:19:
7d:dc:fe:63:56:3e:f3:2f:f6:36:d4:97:dc:61:6d:
47:32:60:80:2b:86:93:40:9c:a4:34:9d:55:9c:19:
ce:c5:70:63:0e:a3:67:11:ab:c8:76:7c:b3:87:1a:
b2:75:b7:1f:0d:6f:d9:0d:23:46:31:94:58:51:4b:
c1:3c:75:a9:93:3e:93:a8:f3:45:8c:5c:de:f8:27:
4c:a9:b9:83:5e:be:ac:80:c9:05:59:14:0d:da:de:
7c:5b:e6:44:7f:f9:a4:b1:f5:a7:0d:6a:6c:96:de:
60:89:56:f0:6d:1e:82:09:a1:49:8e:c8:c6:b9:2c:
7c:a8:59:90:68:3b:61:be:f2:c8:7e:2a:b6:7f:f8:
84:13:81:ba:c6:dd:3d:46:dc:80:9e:89:2a:c1:d1:
27:37:58:0a:30:f8:7a:19:29:5b:96:28:d0:20:80:
a3:96:80:a3:7d:c1:8d:2c:9c:3d:da:88:70:39:bb:
34:41:4f:2a:a2:ef:dd:b7:16:77:c1:dc:c4:5f:8e:
35:1f:8d:99:2a:86:e5:76:d5:21:1b:50:42:ff:d5:
4b:62:e8:c3:cd:29:4a:c2:4f:fe:a5:b1:66:7d:ba:
d8:51:3b:6b:9f:e5:d8:0f:a7:49:90:80:21:5c:aa:
f6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3B:32:38:B8:FA:AE:BA:93:1E:46:1B:65:3B:36:F5:20:1A:45:49
X509v3 Authority Key Identifier:
keyid:17:A6:6E:6E:FD:ED:10:5E:81:21:90:99:05:36:A5:DF:60:3B:A8:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DFFB0/D00C5F88B68F11EEA56BAE11C4F9AE02/F6Zubv3tEF6BIZCZBTal32A7qA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F6Zubv3tEF6BIZCZBTal32A7qA4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFFB0/D00C5F88B68F11EEA56BAE11C4F9AE02/C68948A8B69011EE89956F1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.238.0.0/23
Signature Algorithm: sha256WithRSAEncryption
60:87:5f:72:be:fe:e2:bd:4b:97:54:e5:e9:67:6c:61:dc:b3:
ee:09:df:5e:9e:81:90:c9:bd:b6:2c:b3:8f:0b:36:db:5a:d6:
27:79:a9:32:fc:d8:e4:7f:fd:27:b2:0a:85:af:97:e2:0d:a4:
a7:17:9a:42:05:06:50:93:92:24:5f:4e:ad:ce:23:32:45:73:
9c:f7:fc:c9:29:b8:cd:ba:e5:72:66:68:e1:a0:48:61:f2:94:
a8:8a:0c:cd:66:f4:26:ee:55:c7:85:77:56:bc:60:d6:95:c3:
85:95:40:ac:7f:42:9a:e0:cf:ee:a2:f5:82:aa:2d:1c:47:98:
7d:02:35:34:4e:dd:7c:6e:c4:4f:33:2b:c7:ea:5a:a2:a4:a9:
60:97:29:ef:5f:bc:1e:67:9a:30:46:6b:01:66:d7:f2:24:18:
20:e0:10:63:64:c9:a8:4d:94:53:5f:8a:d1:0c:7d:87:c7:8e:
3e:71:51:91:00:1f:ff:dd:1a:02:0f:d1:b3:44:8f:66:47:c0:
2b:da:e3:ad:96:d5:18:7c:7f:f0:cd:44:ff:d4:93:72:9f:5b:
eb:80:4c:b4:0e:51:a1:f8:e1:a8:6b:14:da:4b:25:a8:2c:db:
66:80:e3:4a:8d:74:67:58:96:a9:83:cd:0d:93:da:cf:b1:d2:
a6:1c:a9:2b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RkZCMDExMC8GA1UEBRMoMTdBNjZFNkVGREVEMTA1RTgxMjE5MDk5MDUzNkE1REY2
MDNCQTgwRTAeFw0yNDAxMTkwNjA1NDJaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWExMTM2LTJkZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCt3XVYIemYxTqlAqCJGX3c/mNWPvMv9jbUl9xhbUcyYIArhpNAnKQ0nVWcGc7F
cGMOo2cRq8h2fLOHGrJ1tx8Nb9kNI0YxlFhRS8E8damTPpOo80WMXN74J0ypuYNe
vqyAyQVZFA3a3nxb5kR/+aSx9acNamyW3mCJVvBtHoIJoUmOyMa5LHyoWZBoO2G+
8sh+KrZ/+IQTgbrG3T1G3ICeiSrB0Sc3WAow+HoZKVuWKNAggKOWgKN9wY0snD3a
iHA5uzRBTyqi7923FnfB3MRfjjUfjZkqhuV21SEbUEL/1Uti6MPNKUrCT/6lsWZ9
uthRO2uf5dgPp0mQgCFcqvbVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgjsyOLj6
rrqTHkYbZTs29SAaRUkwHwYDVR0jBBgwFoAUF6Zubv3tEF6BIZCZBTal32A7qA4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGRkIwL0QwMEM1Rjg4QjY4
RjExRUVBNTZCQUUxMUM0RjlBRTAyL0Y2WnVidjN0RUY2QklaQ1pCVGFsMzJBN3FB
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRjZadWJ2M3RFRjZCSVpDWkJUYWwzMkE3cUE0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RkZCMC9EMDBDNUY4OEI2OEYxMUVFQTU2QkFFMTFDNEY5QUUwMi9DNjg5NDhBOEI2
OTAxMUVFODk5NTZGMUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAW7uADANBgkqhkiG9w0BAQsFAAOCAQEAYIdfcr7+4r1Ll1Tl
6WdsYdyz7gnfXp6BkMm9tiyzjws221rWJ3mpMvzY5H/9J7IKha+X4g2kpxeaQgUG
UJOSJF9Orc4jMkVznPf8ySm4zbrlcmZo4aBIYfKUqIoMzWb0Ju5Vx4V3Vrxg1pXD
hZVArH9CmuDP7qL1gqotHEeYfQI1NE7dfG7ETzMrx+paoqSpYJcp71+8HmeaMEZr
AWbX8iQYIOAQY2TJqE2UU1+K0Qx9h8eOPnFRkQAf/90aAg/Rs0SPZkfAK9rjrZbV
GHx/8M1E/9STcp9b64BMtA5RofjhqGsU2kslqCzbZoDjSo10Z1iWqYPNDZPaz7HS
phypKw==
-----END CERTIFICATE-----
Generated at Fri Jan 19 09:47:51 2024 by rpki-client on console-fra.rpki-client.org