Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/25DD58BA7BCD11EFAE410E1EC4F9AE02.roa
File: 25DD58BA7BCD11EFAE410E1EC4F9AE02.roa (raw, json)
Hash identifier: a99IOF9RFLTWWC/8vk/Py9SdRkN6CfrDbql7T0XR3zg=
Subject key identifier: C9:3E:A4:3F:D4:37:09:46:7E:AE:EE:8E:E8:93:FB:34:3A:3C:2E:D2
Certificate issuer: /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Certificate serial: 348F
Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/25DD58BA7BCD11EFAE410E1EC4F9AE02.roa
Signing time: Thu 26 Sep 2024 06:04:11 +0000
ROA not before: Thu 26 Sep 2024 06:04:11 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45650
IP address blocks: 202.51.64.0/24 maxlen: 24
202.51.68.0/24 maxlen: 24
202.51.76.0/24 maxlen: 24
202.51.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 06:43:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13455 (0x348f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Validity
Not Before: Sep 26 06:04:11 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f4f95a-014f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:b3:9b:92:e9:d1:ee:3d:a6:d9:bb:7a:c2:
da:25:cd:bd:4b:59:f2:82:73:e7:eb:c9:54:f7:39:
59:c4:96:21:09:89:99:b7:b4:6f:00:56:88:ef:8e:
d8:7e:df:d7:b4:0f:a6:18:55:de:5d:cb:36:a2:88:
52:1e:87:bb:43:9f:8b:52:2c:44:53:0f:55:74:7d:
85:83:f0:76:b3:93:28:fa:a3:bb:d0:4d:17:e5:63:
08:48:c4:1d:73:59:10:d9:07:21:04:7a:45:cf:8d:
c7:70:eb:99:2c:cd:8d:8c:0a:00:df:1b:0c:b8:49:
13:d3:44:fd:a1:ae:2f:df:7e:54:6c:79:35:d2:f1:
52:1a:80:10:12:b9:03:62:0d:c1:64:83:98:10:ff:
90:70:4b:e0:34:aa:e4:ad:5c:46:47:5c:51:f3:42:
3e:cb:af:a6:ec:0d:63:f3:3b:cc:63:8e:91:05:c1:
7a:23:0f:1f:96:cd:80:e8:de:98:11:73:55:64:d3:
4d:87:9d:66:a8:74:3f:cd:21:77:7a:c0:c2:e8:1b:
91:61:52:01:b8:31:31:fd:3b:4a:54:ff:a3:d7:82:
f3:17:1a:c2:58:8b:b6:d9:71:a8:8f:97:05:83:09:
a4:0e:d3:6c:78:83:0c:e2:be:a3:d3:ce:e0:8a:2e:
6d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3E:A4:3F:D4:37:09:46:7E:AE:EE:8E:E8:93:FB:34:3A:3C:2E:D2
X509v3 Authority Key Identifier:
keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/25DD58BA7BCD11EFAE410E1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.51.64.0/24
202.51.68.0/24
202.51.76.0/24
202.51.84.0/22
Signature Algorithm: sha256WithRSAEncryption
62:b9:9f:2f:3c:af:ba:8f:a4:56:f5:4c:1a:d5:d0:f1:e0:b9:
79:d1:17:22:ce:ff:9e:1c:50:b3:f8:bb:a1:6d:b8:f1:df:83:
77:e8:3a:25:f6:a4:80:e3:ea:33:06:ac:ea:d6:cb:22:cf:40:
0a:1c:fb:e2:be:47:74:da:7a:95:6c:46:a9:5e:b9:59:52:ab:
56:8b:fb:af:a2:64:d8:90:66:48:b9:f4:79:6f:50:88:04:d2:
f6:95:87:84:68:54:23:82:5f:a6:90:3f:2c:41:2f:cc:ab:cb:
32:63:b4:36:be:d0:98:05:a2:f8:a2:67:7f:96:50:5a:a0:08:
a5:54:59:3f:78:09:06:02:b7:d6:dc:b3:d0:00:42:d9:82:d8:
71:f9:a0:d1:fe:15:4f:c4:92:d2:49:a3:eb:c4:5f:67:18:1d:
40:4d:a0:dc:22:54:ef:36:15:c0:a4:cf:fc:c4:ec:82:f7:ee:
d5:91:62:ad:c2:28:bb:39:df:57:16:31:57:5d:1f:6c:bb:8b:
4e:93:28:5a:d1:52:20:45:19:95:41:43:e6:5f:e1:64:ce:71:
28:bd:c1:32:2b:2f:d9:6c:c6:b6:fe:ba:6f:10:11:12:4c:84:
c0:f4:e8:31:ca:85:80:08:9a:a5:0d:24:16:09:86:88:fb:c1:
2d:41:f3:e6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICNI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG
MkYxN0YzRkYwHhcNMjQwOTI2MDYwNDExWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY0Zjk1YS0wMTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmmezm5Lp0e49ptm7esLaJc29S1nygnPn68lU9zlZxJYhCYmZt7RvAFaI747Y
ft/XtA+mGFXeXcs2oohSHoe7Q5+LUixEUw9VdH2Fg/B2s5Mo+qO70E0X5WMISMQd
c1kQ2QchBHpFz43HcOuZLM2NjAoA3xsMuEkT00T9oa4v335UbHk10vFSGoAQErkD
Yg3BZIOYEP+QcEvgNKrkrVxGR1xR80I+y6+m7A1j8zvMY46RBcF6Iw8fls2A6N6Y
EXNVZNNNh51mqHQ/zSF3esDC6BuRYVIBuDEx/TtKVP+j14LzFxrCWIu22XGoj5cF
gwmkDtNseIMM4r6j087gii5tSwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMk+pD/U
NwlGfq7ujuiT+zQ6PC7SMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE
ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY1NTAvOEI5QkQyMDIxRDg1MTFFMkI0MTIzMERDMDhCMDJDRDIvMjVERDU4QkE3
QkNEMTFFRkFFNDEwRTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBADKM0ADBADKM0QDBADKM0wDBALKM1QwDQYJKoZIhvcNAQEL
BQADggEBAGK5ny88r7qPpFb1TBrV0PHguXnRFyLO/54cULP4u6FtuPHfg3foOiX2
pIDj6jMGrOrWyyLPQAoc++K+R3TaepVsRqleuVlSq1aL+6+iZNiQZki59HlvUIgE
0vaVh4RoVCOCX6aQPyxBL8yryzJjtDa+0JgFoviiZ3+WUFqgCKVUWT94CQYCt9bc
s9AAQtmC2HH5oNH+FU/EktJJo+vEX2cYHUBNoNwiVO82FcCkz/zE7IL37tWRYq3C
KLs531cWMVddH2y7i06TKFrRUiBFGZVBQ+Zf4WTOcSi9wTIrL9lsxrb+um8QERJM
hMD06DHKhYAImqUNJBYJhoj7wS1B8+Y=
-----END CERTIFICATE-----
Generated at Thu Sep 26 09:06:00 2024 by rpki-client on console-fra.rpki-client.org