Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/68FB91C8D62011EEB71DB418C4F9AE02.roa
File: 68FB91C8D62011EEB71DB418C4F9AE02.roa (raw, json)
Hash identifier: Y82kcv/M2LHp498bo2fsaqhck+xJ95yDD5ruup9f5Qc=
Subject key identifier: B9:44:D3:10:F3:62:3A:F1:7D:D5:28:5C:4E:1A:EC:8E:09:41:A5:42
Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Certificate serial: 350A
Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/68FB91C8D62011EEB71DB418C4F9AE02.roa
Signing time: Wed 28 Feb 2024 11:19:27 +0000
ROA not before: Wed 28 Feb 2024 11:19:27 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45192
IP address blocks: 202.125.96.0/23 maxlen: 23
202.125.96.0/24 maxlen: 24
202.125.97.0/24 maxlen: 24
2001:df0:a::/48 maxlen: 48
2001:df2:ee00::/47 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 May 2024 23:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13578 (0x350a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Validity
Not Before: Feb 28 11:19:27 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=65df16be-e663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:db:84:d4:c4:0c:0d:b4:ac:00:0e:c3:84:5e:
3b:b3:9c:44:b1:8a:c0:f4:79:51:89:8b:6a:7e:a7:
64:91:80:ca:05:f5:03:b6:1b:4f:33:cf:f3:c9:ac:
d8:9f:13:69:76:57:2d:12:fb:9c:a4:17:a4:f9:50:
59:d8:ac:9f:38:30:be:94:bc:25:a9:17:8d:6a:42:
5d:69:63:61:de:fb:eb:ac:7c:12:3d:56:23:1a:ef:
6d:7c:ca:55:85:e7:09:7f:53:e7:ea:b2:1d:33:dc:
2d:73:be:0c:5e:47:35:72:da:89:37:46:d0:15:20:
25:ac:13:3f:b6:0b:1d:21:7f:de:0b:de:d5:79:76:
90:9a:5b:11:15:c8:8a:cd:f5:28:1c:71:e1:62:bf:
53:9e:21:22:90:fc:39:bb:83:29:25:52:6d:ab:6f:
49:b0:07:58:7e:fa:93:97:f4:0d:f8:25:26:72:4b:
c0:b4:6b:6d:60:50:a6:ed:e3:0b:62:e2:66:26:7a:
d8:07:c8:25:a0:b0:ca:6e:9b:50:8b:f0:1d:7f:9d:
ae:a8:b9:78:6e:b8:f2:c2:e4:32:57:f1:c7:68:79:
c8:74:dc:b6:31:30:11:0c:12:67:ad:8f:ad:53:e5:
25:04:aa:ca:fe:91:87:43:2e:fd:73:9b:a8:46:5e:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:44:D3:10:F3:62:3A:F1:7D:D5:28:5C:4E:1A:EC:8E:09:41:A5:42
X509v3 Authority Key Identifier:
keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/68FB91C8D62011EEB71DB418C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.125.96.0/23
IPv6:
2001:df0:a::/48
2001:df2:ee00::/47
Signature Algorithm: sha256WithRSAEncryption
82:47:e1:50:a2:17:19:eb:b3:39:3c:22:da:9e:e9:a3:84:75:
cf:ca:1e:dc:b1:2f:e3:7f:21:47:75:c7:d6:f6:f7:1c:e1:59:
d0:32:78:32:28:a7:f4:2c:76:d4:99:b7:75:7b:88:4c:9b:5d:
ad:fc:3f:83:cd:1e:0a:46:57:34:6f:23:86:19:ef:32:34:25:
49:68:e8:b2:d7:24:0c:4f:a7:01:67:5f:fd:72:89:62:0c:79:
f2:3b:c3:ca:0e:9e:60:38:49:72:fa:40:94:ff:77:eb:b0:a1:
a5:27:e6:14:c4:58:52:f8:1d:c8:be:b2:47:1e:d6:f0:42:fd:
ff:28:d0:a6:33:c1:e3:32:f0:1b:49:db:0a:f9:84:91:64:c8:
70:af:6f:26:dd:1f:1f:44:82:95:bc:fc:24:75:d2:c9:25:3b:
ef:b7:ce:47:05:87:44:e5:a7:8b:95:b3:23:95:20:2c:20:99:
2a:2e:2c:7b:50:a9:9a:6a:96:2e:ac:ae:52:15:e0:0a:d5:df:
b5:db:9b:30:74:8b:25:b2:7a:9d:01:d9:5c:f6:78:aa:ee:29:
e1:a9:04:2f:a5:df:29:44:21:e8:44:50:ea:34:cc:a7:c4:86:
34:c9:09:50:cf:56:5c:f5:1a:be:54:1e:37:ff:62:41:94:bf:
a3:fa:70:b9
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICNQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2
OTYwQkUyNjgwHhcNMjQwMjI4MTExOTI3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmMTZiZS1lNjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1duE1MQMDbSsAA7DhF47s5xEsYrA9HlRiYtqfqdkkYDKBfUDthtPM8/zyazY
nxNpdlctEvucpBek+VBZ2KyfODC+lLwlqReNakJdaWNh3vvrrHwSPVYjGu9tfMpV
hecJf1Pn6rIdM9wtc74MXkc1ctqJN0bQFSAlrBM/tgsdIX/eC97VeXaQmlsRFciK
zfUoHHHhYr9TniEikPw5u4MpJVJtq29JsAdYfvqTl/QN+CUmckvAtGttYFCm7eML
YuJmJnrYB8gloLDKbptQi/Adf52uqLl4brjywuQyV/HHaHnIdNy2MTARDBJnrY+t
U+UlBKrK/pGHQy79c5uoRl6MSQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFLlE0xDz
YjrxfdUoXE4a7I4JQaVCMB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE
NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0
bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE3MEIvOTdBRjZERjAxRDZEMTFFMkExMkQ5RUFFMDhCMDJDRDIvNjhGQjkxQzhE
NjIwMTFFRUI3MURCNDE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAHKfWAwGAQCAAIwEgMHACABDfAACgMHASABDfLuADANBgkq
hkiG9w0BAQsFAAOCAQEAgkfhUKIXGeuzOTwi2p7po4R1z8oe3LEv438hR3XH1vb3
HOFZ0DJ4Miin9Cx21Jm3dXuITJtdrfw/g80eCkZXNG8jhhnvMjQlSWjostckDE+n
AWdf/XKJYgx58jvDyg6eYDhJcvpAlP9367ChpSfmFMRYUvgdyL6yRx7W8EL9/yjQ
pjPB4zLwG0nbCvmEkWTIcK9vJt0fH0SClbz8JHXSySU777fORwWHROWni5WzI5Ug
LCCZKi4se1CpmmqWLqyuUhXgCtXftdubMHSLJbJ6nQHZXPZ4qu4p4akEL6XfKUQh
6ERQ6jTMp8SGNMkJUM9WXPUavlQeN/9iQZS/o/pwuQ==
-----END CERTIFICATE-----
Generated at Thu May 9 23:56:50 2024 by rpki-client on console-fra.rpki-client.org