Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/ABEC0296E69D11EEAB68C141C4F9AE02.roa
File: ABEC0296E69D11EEAB68C141C4F9AE02.roa (raw, json)
Hash identifier: dwU9vNw7Lw/7R67VKxcCT5k9dkYW3270iSwQeDOx8I0=
Subject key identifier: BF:FE:09:75:5C:3C:8E:6F:50:7D:25:AE:A5:12:01:1B:40:2D:62:B6
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 0125
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/ABEC0296E69D11EEAB68C141C4F9AE02.roa
Signing time: Wed 20 Mar 2024 09:38:57 +0000
ROA not before: Wed 20 Mar 2024 09:38:57 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 40940
IP address blocks: 45.127.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 26 Mar 2024 06:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293 (0x125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Mar 20 09:38:57 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65faaeb0-3b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:45:fc:5f:d3:cd:e2:15:b9:92:24:96:61:
a7:83:91:04:b5:dc:fe:74:17:4a:1f:1a:d9:f2:b6:
53:86:53:54:a4:0d:45:15:97:8a:43:36:4a:24:23:
4d:e7:b9:fd:5a:3f:83:a1:f7:da:29:81:5f:cc:27:
0a:dc:f2:9c:e8:3b:c0:03:82:1a:39:18:fc:c1:99:
37:5d:90:b0:a4:c1:ac:ae:64:6b:ec:7a:39:18:15:
da:30:62:b0:35:f6:e4:27:73:de:b1:60:0d:f8:01:
fc:07:03:cd:49:da:4d:eb:94:f5:42:34:b4:2e:6d:
16:4a:9b:f2:db:d5:61:ce:eb:16:b1:9f:d9:6f:53:
94:40:28:84:1f:6c:ac:59:c7:c6:53:97:14:01:41:
de:0f:fa:02:da:b5:19:a3:c3:72:7c:f8:03:e3:2d:
a5:cc:bf:fc:f1:6c:0e:71:06:3a:b7:7b:b7:c2:a8:
34:64:3f:2d:9b:7e:52:e3:61:8c:d6:71:0f:14:fb:
ea:48:03:61:53:0a:49:ae:e8:6a:d2:64:64:e3:3f:
f3:bc:88:c2:8d:0c:8a:13:4d:e8:29:01:28:14:41:
68:10:fb:4b:50:3b:59:bb:49:86:01:89:0f:78:ff:
9c:31:15:2d:3d:b7:6a:1f:54:62:6e:f5:b8:d8:41:
a6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FE:09:75:5C:3C:8E:6F:50:7D:25:AE:A5:12:01:1B:40:2D:62:B6
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/ABEC0296E69D11EEAB68C141C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.194.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:bc:80:15:1e:87:98:fe:53:b0:a8:5e:ad:1c:ea:66:99:32:
93:76:9c:67:0a:61:64:f8:0b:fb:00:4f:26:96:dd:08:0e:d3:
42:22:da:81:53:eb:d0:3a:33:63:01:d9:0b:b7:10:0b:e2:d5:
8a:87:be:b9:e1:c2:2d:95:25:d6:94:0b:af:9a:25:00:5a:cb:
fe:35:aa:20:84:24:74:e5:c4:c4:9e:82:11:13:0c:68:d5:2a:
39:84:1d:20:c7:48:4e:69:f1:8e:d3:85:45:4e:64:75:b4:f9:
d4:cd:a5:10:ef:75:71:3e:c8:bb:02:66:e7:ff:d5:c8:ca:51:
10:f3:d8:c9:d3:2b:ec:d0:0b:3e:95:67:63:e3:08:97:9a:ca:
f9:b4:bb:d7:fc:be:71:6e:eb:56:02:09:5b:bb:a8:48:75:32:
7b:36:54:49:af:8a:54:b3:76:bf:ac:6d:6d:b1:a0:bd:48:cd:
c1:37:7f:b5:15:06:8e:3f:87:63:e9:d3:28:c0:b5:e4:9e:a5:
52:c9:e7:77:ae:c7:30:28:74:30:36:00:2e:2a:c2:c5:03:bc:
06:94:eb:74:6e:95:da:7f:a7:78:83:17:d4:a7:95:12:a6:de:
91:c3:28:ba:7e:6a:ee:26:ef:5c:67:5d:9e:c9:d3:87:90:19:
21:f0:a3:3c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDMDgxMTAvBgNVBAUTKEQxQjhFNjcxOTczNTU5MDIwRjg3MDNEMTdEQ0Q4OTI2
OTJFNjQwQTIwHhcNMjQwMzIwMDkzODU3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZhYWViMC0zYjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnmtF/F/TzeIVuZIklmGng5EEtdz+dBdKHxrZ8rZThlNUpA1FFZeKQzZKJCNN
57n9Wj+DoffaKYFfzCcK3PKc6DvAA4IaORj8wZk3XZCwpMGsrmRr7Ho5GBXaMGKw
NfbkJ3PesWAN+AH8BwPNSdpN65T1QjS0Lm0WSpvy29VhzusWsZ/Zb1OUQCiEH2ys
WcfGU5cUAUHeD/oC2rUZo8NyfPgD4y2lzL/88WwOcQY6t3u3wqg0ZD8tm35S42GM
1nEPFPvqSANhUwpJruhq0mRk4z/zvIjCjQyKE03oKQEoFEFoEPtLUDtZu0mGAYkP
eP+cMRUtPbdqH1RibvW42EGmnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL/+CXVc
PI5vUH0lrqUSARtALWK2MB8GA1UdIwQYMBaAFNG45nGXNVkCD4cD0X3NiSaS5kCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUMwOC84MTJBMkM1ODdE
M0IxMUVEOThCRjlFNDhDNEY5QUUwMi8wYmptY1pjMVdRSVBod1BSZmMySkpwTG1R
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDMDgvODEyQTJDNTg3RDNCMTFFRDk4QkY5RTQ4QzRGOUFFMDIvQUJFQzAyOTZF
NjlEMTFFRUFCNjhDMTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEtf8IwDQYJKoZIhvcNAQELBQADggEBADq8gBUeh5j+U7Co
Xq0c6maZMpN2nGcKYWT4C/sATyaW3QgO00Ii2oFT69A6M2MB2Qu3EAvi1YqHvrnh
wi2VJdaUC6+aJQBay/41qiCEJHTlxMSeghETDGjVKjmEHSDHSE5p8Y7ThUVOZHW0
+dTNpRDvdXE+yLsCZuf/1cjKURDz2MnTK+zQCz6VZ2PjCJeayvm0u9f8vnFu61YC
CVu7qEh1Mns2VEmvilSzdr+sbW2xoL1IzcE3f7UVBo4/h2Pp0yjAteSepVLJ53eu
xzAodDA2AC4qwsUDvAaU63Ruldp/p3iDF9SnlRKm3pHDKLp+au4m71xnXZ7J04eQ
GSHwozw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org