Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/6E875DD8907611EE82DBAD15C4F9AE02.roa
File: 6E875DD8907611EE82DBAD15C4F9AE02.roa (raw, json)
Hash identifier: 0rtTGbYOalVyECcJCifHiWXwYb0uQS4DYpi25hr73zE=
Subject key identifier: DA:6D:5A:FC:D8:AF:E5:EE:D2:03:89:92:C8:C5:7B:39:30:F4:43:54
Certificate issuer: /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial: 08
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/6E875DD8907611EE82DBAD15C4F9AE02.roa
Signing time: Fri 01 Dec 2023 18:23:50 +0000
ROA not before: Fri 01 Dec 2023 18:23:50 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 151987
IP address blocks: 203.99.144.0/23 maxlen: 23
203.99.144.0/24 maxlen: 24
203.99.145.0/24 maxlen: 24
2001:df3:18c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 25 Feb 2024 16:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Validity
Not Before: Dec 1 18:23:50 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656a24b6-2644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:eb:ad:37:d2:ac:1a:cf:61:b7:01:cc:b1:8a:
3f:8a:e5:59:85:e7:ce:d0:84:41:0d:27:ed:1a:f0:
19:20:96:d4:06:51:9e:da:52:94:0d:2f:1a:8c:be:
5c:4a:bc:d9:ee:eb:db:e4:f2:7b:e4:f9:e9:09:af:
38:d1:01:cb:8b:9d:d2:30:1f:9b:cb:54:b3:b4:16:
ad:50:69:34:e7:52:54:32:5c:83:e2:71:cd:14:20:
9b:f8:2f:4a:8f:a7:14:13:13:2b:88:62:fe:18:76:
50:17:b0:dc:7c:a1:fa:49:7c:dc:56:7b:3b:00:70:
02:64:1b:15:44:92:91:c9:46:68:11:4e:26:18:57:
04:d2:ce:e4:9f:38:19:e5:78:6e:b4:31:a3:d3:34:
f7:46:5c:7b:f3:0d:99:54:5d:66:03:3a:a8:ef:2a:
c8:74:b0:07:eb:2e:55:bd:2f:06:bb:e3:67:a2:0f:
11:db:78:5b:14:53:5b:3d:4b:9c:de:48:f6:f0:67:
5c:9b:d5:47:2b:70:4c:ef:25:c3:08:52:7b:4a:9f:
b0:52:04:5e:37:60:a9:e0:ea:e9:f5:dd:22:a9:30:
e4:a9:d9:41:df:6d:9d:99:d4:25:ba:00:d6:69:0a:
e5:f8:01:a3:94:12:67:9d:f6:60:db:59:9d:b6:e6:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6D:5A:FC:D8:AF:E5:EE:D2:03:89:92:C8:C5:7B:39:30:F4:43:54
X509v3 Authority Key Identifier:
keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/6E875DD8907611EE82DBAD15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.99.144.0/23
IPv6:
2001:df3:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
27:c9:48:14:c4:4d:85:3a:75:f7:44:57:bf:df:aa:0c:66:f5:
c1:dd:10:60:3f:57:89:30:84:d2:92:fc:22:0b:4c:80:48:35:
e7:6d:8d:c0:29:cb:12:a5:5a:51:ac:03:17:d6:90:a5:b4:a4:
8a:bf:1b:79:33:8c:81:76:52:44:3a:48:ac:b8:ce:49:80:39:
32:ec:9b:72:ea:89:a0:84:ae:03:5a:3e:b9:26:eb:3d:68:3d:
4c:3a:ed:4a:83:ed:75:88:cb:7b:6b:ee:e6:1d:85:d0:e7:4b:
3c:1a:95:3a:dc:9a:b9:04:52:b7:a7:bb:32:b7:65:bc:53:8a:
b5:13:3b:d7:ab:88:eb:12:e0:41:17:ac:44:df:03:5b:52:a9:
1c:26:b3:09:a0:68:f4:6b:89:f7:21:27:5c:c8:a8:67:28:3f:
52:58:98:73:9e:d8:78:61:1d:70:b3:6a:22:29:8a:66:98:ea:
c4:02:c6:0c:a2:21:91:00:9e:da:cd:96:9c:fe:d9:0b:40:9a:
31:55:a8:76:2a:7b:15:a8:c6:76:f0:9b:32:49:75:66:86:cf:
88:cb:c3:4d:b3:87:96:fd:91:50:d8:3c:b5:24:94:5b:15:d7:
ea:2a:16:8f:cc:43:68:3f:67:af:8a:38:ed:ec:e6:74:5d:4d:
43:dc:e1:c7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTA5QzExMC8GA1UEBRMoM0M2OUI5QjYwMUQyQzlGMkEzOTE1QTZGRkJDQTNEQUQ2
MkU5OTI0NTAeFw0yMzEyMDExODIzNTBaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmEyNGI2LTI2NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDe66030qwaz2G3Acyxij+K5VmF587QhEENJ+0a8BkgltQGUZ7aUpQNLxqMvlxK
vNnu69vk8nvk+ekJrzjRAcuLndIwH5vLVLO0Fq1QaTTnUlQyXIPicc0UIJv4L0qP
pxQTEyuIYv4YdlAXsNx8ofpJfNxWezsAcAJkGxVEkpHJRmgRTiYYVwTSzuSfOBnl
eG60MaPTNPdGXHvzDZlUXWYDOqjvKsh0sAfrLlW9Lwa742eiDxHbeFsUU1s9S5ze
SPbwZ1yb1UcrcEzvJcMIUntKn7BSBF43YKng6un13SKpMOSp2UHfbZ2Z1CW6ANZp
CuX4AaOUEmed9mDbWZ225hTZAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU2m1a/Niv
5e7SA4mSyMV7OTD0Q1QwHwYDVR0jBBgwFoAUPGm5tgHSyfKjkVpv+8o9rWLpkkUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDlDL0VFRjc2MkMwOTA3
NTExRUU4N0QyNjY4MEM0RjlBRTAyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtr
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUEdtNXRnSFN5Zktqa1Zwdi04bzlyV0xwa2tVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTA5Qy9FRUY3NjJDMDkwNzUxMUVFODdEMjY2ODBDNEY5QUUwMi82RTg3NUREODkw
NzYxMUVFODJEQkFEMTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEActjkDAPBAIAAjAJAwcAIAEN8xjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAnyUgUxE2FOnX3RFe/36oMZvXB3RBgP1eJMITSkvwiC0yASDXnbY3AKcsS
pVpRrAMX1pCltKSKvxt5M4yBdlJEOkisuM5JgDky7Jty6omghK4DWj65Jus9aD1M
Ou1Kg+11iMt7a+7mHYXQ50s8GpU63Jq5BFK3p7syt2W8U4q1EzvXq4jrEuBBF6xE
3wNbUqkcJrMJoGj0a4n3ISdcyKhnKD9SWJhznth4YR1ws2oiKYpmmOrEAsYMoiGR
AJ7azZac/tkLQJoxVah2KnsVqMZ28JsySXVmhs+Iy8NNs4eW/ZFQ2Dy1JJRbFdfq
KhaPzENoP2evijjt7OZ0XU1D3OHH
-----END CERTIFICATE-----
Generated at Sun Feb 25 17:37:38 2024 by rpki-client on console-fra.rpki-client.org