Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa
File: 88EF68A493FB11EEB38F6C43C4F9AE02.roa (raw, json)
Hash identifier: N7gXYPnxWIl9zdSTmIwWyh3CoXzXJ9+PxoO1xsssmaU=
Subject key identifier: 06:3C:93:56:74:16:20:78:DC:E7:05:94:5E:47:0D:AD:20:CC:2C:40
Certificate issuer: /CN=A91FB103/serialNumber=545C47C0E4313338DC9B4402C12BADCB4E9857C1
Certificate serial: 1D
Authority key identifier: 54:5C:47:C0:E4:31:33:38:DC:9B:44:02:C1:2B:AD:CB:4E:98:57:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFxHwOQxMzjcm0QCwSuty06YV8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa
Signing time: Sun 14 Jan 2024 06:09:33 +0000
ROA not before: Sun 14 Jan 2024 06:09:33 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 152138
IP address blocks: 210.87.68.0/23 maxlen: 23
210.87.68.0/24 maxlen: 24
210.87.69.0/24 maxlen: 24
2001:df3:3dc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 09 Sep 2024 06:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FB103/serialNumber=545C47C0E4313338DC9B4402C12BADCB4E9857C1
Validity
Not Before: Jan 14 06:09:33 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65a37a9d-5c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:6f:4f:fb:81:c7:20:91:24:61:f8:ff:5b:
8d:9f:db:22:43:2f:50:42:d0:39:11:87:fc:83:a0:
77:e4:43:52:2e:1b:19:c4:ae:5c:f4:6b:61:19:26:
69:8d:35:db:17:e4:62:2f:57:f7:58:69:69:95:a3:
64:9a:69:ad:fd:7c:f3:1e:3c:33:1f:d5:ef:31:ae:
df:f4:99:ee:c4:c3:bc:09:94:6a:32:78:28:6d:09:
82:e1:85:81:fd:c3:2a:97:93:f6:d6:99:20:0a:ef:
a3:5f:2a:6b:fc:c7:7a:26:3a:68:18:0d:dd:f2:0b:
b7:89:00:be:a4:d6:5e:1b:34:cb:e5:5d:b3:51:e3:
65:44:cd:67:e4:f6:36:21:29:4d:05:3a:33:3a:ec:
73:2d:5e:2b:e0:f5:c2:48:08:e4:16:fa:bc:91:28:
c2:66:4e:10:86:6b:a1:a1:dd:20:94:b4:a0:20:ac:
d8:a1:60:ad:9c:c1:bd:70:b5:49:79:de:bd:d9:23:
ff:b1:56:24:fd:e4:af:ab:42:8c:85:c3:34:1a:9d:
eb:74:01:12:57:2c:53:34:92:9f:67:c2:73:d9:91:
78:b4:c5:50:af:ab:94:cd:45:6b:06:59:ae:7e:1d:
10:8b:dd:d0:48:85:ac:26:2a:83:7c:f8:84:31:7b:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3C:93:56:74:16:20:78:DC:E7:05:94:5E:47:0D:AD:20:CC:2C:40
X509v3 Authority Key Identifier:
keyid:54:5C:47:C0:E4:31:33:38:DC:9B:44:02:C1:2B:AD:CB:4E:98:57:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/VFxHwOQxMzjcm0QCwSuty06YV8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFxHwOQxMzjcm0QCwSuty06YV8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.68.0/23
IPv6:
2001:df3:3dc0::/48
Signature Algorithm: sha256WithRSAEncryption
03:6a:13:4b:10:ff:12:c1:34:37:0e:d0:b4:c0:c5:0b:e5:29:
2e:71:52:8b:03:aa:6f:c0:98:8d:bc:85:44:c2:56:81:a2:71:
71:27:40:3f:f5:db:82:7c:85:f8:68:0a:95:53:f3:ed:ca:b8:
65:2b:19:d1:8e:bc:1f:92:9d:04:e3:e1:d4:f1:c5:74:9b:08:
f3:29:14:34:94:27:93:93:45:33:22:eb:4f:27:b3:9b:fe:2a:
57:42:91:61:63:73:2e:d7:3e:dd:5a:76:2d:18:f7:f8:09:7e:
2f:2d:a3:5a:bd:0b:3b:f7:53:8e:56:21:f7:68:2c:93:ad:d9:
e9:e1:d7:2c:ec:cd:5e:68:04:66:4e:03:20:33:64:ea:51:d4:
94:aa:3a:cc:9f:49:5f:6c:d4:a6:45:47:64:ff:a2:5c:3b:9c:
81:b0:bd:ed:25:45:c6:2c:12:ac:5f:dc:a7:e9:87:fd:11:70:
28:24:38:86:62:0f:7d:47:90:db:7d:e7:c0:5e:03:f1:ad:f6:
5f:df:72:fc:d8:d6:15:21:c8:e3:9d:54:a2:e0:5f:ef:22:db:
0a:10:84:46:02:81:10:51:a4:be:33:c7:49:33:d2:a9:4f:e5:
2f:dc:ce:b8:b8:b3:36:38:b3:42:8c:d1:12:e0:0d:b5:48:7f:
e9:94:16:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QjEwMzExMC8GA1UEBRMoNTQ1QzQ3QzBFNDMxMzMzOERDOUI0NDAyQzEyQkFEQ0I0
RTk4NTdDMTAeFw0yNDAxMTQwNjA5MzNaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTM3YTlkLTVjNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6pW9P+4HHIJEkYfj/W42f2yJDL1BC0DkRh/yDoHfkQ1IuGxnErlz0a2EZJmmN
NdsX5GIvV/dYaWmVo2Saaa39fPMePDMf1e8xrt/0me7Ew7wJlGoyeChtCYLhhYH9
wyqXk/bWmSAK76NfKmv8x3omOmgYDd3yC7eJAL6k1l4bNMvlXbNR42VEzWfk9jYh
KU0FOjM67HMtXivg9cJICOQW+ryRKMJmThCGa6Gh3SCUtKAgrNihYK2cwb1wtUl5
3r3ZI/+xViT95K+rQoyFwzQanet0ARJXLFM0kp9nwnPZkXi0xVCvq5TNRWsGWa5+
HRCL3dBIhawmKoN8+IQxewx/AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUBjyTVnQW
IHjc5wWUXkcNrSDMLEAwHwYDVR0jBBgwFoAUVFxHwOQxMzjcm0QCwSuty06YV8Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMTAzLzJGQjk4NTA4OTNG
QjExRUU5NjhFRTQ0MkM0RjlBRTAyL1ZGeEh3T1F4TXpqY20wUUN3U3V0eTA2WVY4
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVkZ4SHdPUXhNempjbTBRQ3dTdXR5MDZZVjhFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QjEwMy8yRkI5ODUwODkzRkIxMUVFOTY4RUU0NDJDNEY5QUUwMi84OEVGNjhBNDkz
RkIxMUVFQjM4RjZDNDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAdJXRDAPBAIAAjAJAwcAIAEN8z3AMA0GCSqGSIb3DQEBCwUA
A4IBAQADahNLEP8SwTQ3DtC0wMUL5SkucVKLA6pvwJiNvIVEwlaBonFxJ0A/9duC
fIX4aAqVU/PtyrhlKxnRjrwfkp0E4+HU8cV0mwjzKRQ0lCeTk0UzIutPJ7Ob/ipX
QpFhY3Mu1z7dWnYtGPf4CX4vLaNavQs791OOViH3aCyTrdnp4dcs7M1eaARmTgMg
M2TqUdSUqjrMn0lfbNSmRUdk/6JcO5yBsL3tJUXGLBKsX9yn6Yf9EXAoJDiGYg99
R5DbfefAXgPxrfZf33L82NYVIcjjnVSi4F/vItsKEIRGAoEQUaS+M8dJM9KpT+Uv
3M64uLM2OLNCjNES4A21SH/plBZQ
-----END CERTIFICATE-----
Generated at Mon Sep 9 08:20:43 2024 by rpki-client on console-ams.rpki-client.org