Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/3F5A6596BCEE11EA90A05581C4F9AE02.roa
File: 3F5A6596BCEE11EA90A05581C4F9AE02.roa (raw, json)
Hash identifier: F9fZdN7r7EzLAPPJtj+1Hd5C2Pm13zsI9E6MwHky9x4=
Subject key identifier: 5F:D7:28:F5:18:EA:5E:96:11:3F:A7:9D:80:07:67:71:E6:09:27:45
Certificate issuer: /CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Certificate serial: 33C2
Authority key identifier: 1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/3F5A6596BCEE11EA90A05581C4F9AE02.roa
Signing time: Tue 07 Nov 2023 06:04:14 +0000
ROA not before: Tue 07 Nov 2023 06:04:14 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 198949
IP address blocks: 45.119.92.0/24 maxlen: 24
45.119.93.0/24 maxlen: 24
45.119.94.0/24 maxlen: 24
45.119.95.0/24 maxlen: 24
45.127.0.0/24 maxlen: 24
45.127.1.0/24 maxlen: 24
45.127.2.0/24 maxlen: 24
45.127.3.0/24 maxlen: 24
202.128.224.0/24 maxlen: 24
202.128.225.0/24 maxlen: 24
202.128.227.0/24 maxlen: 24
202.128.228.0/24 maxlen: 24
202.128.229.0/24 maxlen: 24
202.128.230.0/24 maxlen: 24
202.128.231.0/24 maxlen: 24
202.128.232.0/24 maxlen: 24
202.128.233.0/24 maxlen: 24
202.128.234.0/24 maxlen: 24
202.128.235.0/24 maxlen: 24
202.128.236.0/24 maxlen: 24
202.128.237.0/24 maxlen: 24
202.128.238.0/24 maxlen: 24
202.128.239.0/24 maxlen: 24
202.128.240.0/24 maxlen: 24
202.128.241.0/24 maxlen: 24
202.128.242.0/24 maxlen: 24
202.128.243.0/24 maxlen: 24
202.128.244.0/24 maxlen: 24
202.128.245.0/24 maxlen: 24
202.128.246.0/24 maxlen: 24
202.128.247.0/24 maxlen: 24
202.128.248.0/24 maxlen: 24
202.128.249.0/24 maxlen: 24
202.128.250.0/24 maxlen: 24
202.128.251.0/24 maxlen: 24
202.128.252.0/24 maxlen: 24
202.128.253.0/24 maxlen: 24
202.128.254.0/24 maxlen: 24
202.128.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13250 (0x33c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Validity
Not Before: Nov 7 06:04:14 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6549d35e-6967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:92:01:e5:21:66:27:8e:22:ce:09:c3:e8:4a:
5e:3b:db:e6:c6:04:99:a5:75:f4:2e:d7:1a:29:0e:
24:3b:18:75:61:e1:2b:f0:ff:0c:3c:4c:24:f1:8e:
cd:33:fc:ad:95:59:dc:ff:de:b9:6c:d6:3c:54:05:
2a:69:cf:1b:64:06:f3:18:a2:8b:9f:c2:7b:3a:e1:
95:6d:ea:b2:35:28:09:90:2b:ad:a8:01:ec:33:37:
12:29:10:94:40:6a:4d:87:77:35:8c:12:ab:c2:52:
de:d5:ed:83:de:fa:d4:24:9d:e5:f4:55:aa:df:a4:
e5:57:30:32:58:28:b0:17:61:ca:bb:44:42:54:9f:
ec:6a:99:fd:a1:6f:f9:97:ec:e0:03:20:62:ed:8c:
2d:46:80:b9:d5:50:24:7e:98:5a:6b:b0:53:0b:37:
9d:a4:e6:d3:86:9d:08:d6:a4:ca:00:b6:30:e1:84:
47:99:11:f8:14:fd:67:f5:11:f8:0c:1c:82:4f:8f:
a0:3f:eb:50:af:3d:65:c9:64:50:a5:fd:37:da:75:
cd:cd:8b:9f:03:1b:af:94:c8:50:e5:b4:52:d3:70:
83:7a:3a:87:1f:17:de:af:aa:ce:6a:1d:70:5b:93:
9b:88:d2:df:40:88:0a:96:08:ba:62:54:73:e6:37:
3c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D7:28:F5:18:EA:5E:96:11:3F:A7:9D:80:07:67:71:E6:09:27:45
X509v3 Authority Key Identifier:
keyid:1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/3F5A6596BCEE11EA90A05581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.92.0/22
45.127.0.0/22
202.128.224.0/23
202.128.227.0-202.128.255.255
Signature Algorithm: sha256WithRSAEncryption
39:21:78:b9:c5:41:9f:12:d4:4b:cc:05:25:82:ac:74:95:b7:
bc:84:7c:e4:aa:da:f3:b8:d2:11:cf:da:9e:30:08:91:f6:c1:
76:03:3c:6a:a2:4b:62:22:3c:c9:ce:86:ed:f3:aa:e0:f1:6e:
20:1f:31:13:a3:81:4b:1d:02:42:6f:3c:f0:64:e0:70:70:9f:
f0:2b:fe:c6:b4:06:29:16:67:40:73:68:7b:75:d1:11:b2:d1:
8b:64:59:e2:41:5d:8c:04:6e:21:e3:11:cc:3a:50:30:4c:ee:
69:4a:34:64:98:2d:a5:01:77:13:9e:d6:06:e0:0d:3a:18:21:
b8:e7:d6:69:2f:d6:40:e7:85:44:eb:c6:db:1d:d1:65:d2:c9:
1f:1b:4f:38:5e:bc:bb:9f:96:1f:2b:a6:d4:d7:41:b9:b1:45:
8a:50:bd:62:6e:dc:68:f2:34:50:9a:41:76:b5:8e:57:a9:8a:
67:ac:da:98:60:d2:6c:bf:05:0c:21:e6:e4:f5:bd:79:a8:6a:
c7:89:2a:bf:9a:ea:ce:a0:80:50:db:5d:8a:d7:cb:34:ad:22:
40:f6:4d:5a:6d:2f:ce:87:0e:ea:0d:1a:2f:12:b9:9f:8d:c9:
67:48:c4:9b:6b:f9:9d:62:25:6c:77:c6:78:ff:12:28:af:63:
36:0f:c4:d9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICM8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlENzYxMTAvBgNVBAUTKDFFNUE2MzIxQjExQUEwODQ2RkE4OUJGMTM5QkNFQ0RC
QUQzOEJFMzcwHhcNMjMxMTA3MDYwNDE0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5ZDM1ZS02OTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxpIB5SFmJ44izgnD6EpeO9vmxgSZpXX0LtcaKQ4kOxh1YeEr8P8MPEwk8Y7N
M/ytlVnc/965bNY8VAUqac8bZAbzGKKLn8J7OuGVbeqyNSgJkCutqAHsMzcSKRCU
QGpNh3c1jBKrwlLe1e2D3vrUJJ3l9FWq36TlVzAyWCiwF2HKu0RCVJ/sapn9oW/5
l+zgAyBi7YwtRoC51VAkfphaa7BTCzedpObThp0I1qTKALYw4YRHmRH4FP1n9RH4
DByCT4+gP+tQrz1lyWRQpf032nXNzYufAxuvlMhQ5bRS03CDejqHHxfer6rOah1w
W5ObiNLfQIgKlgi6YlRz5jc87wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFF/XKPUY
6l6WET+nnYAHZ3HmCSdFMB8GA1UdIwQYMBaAFB5aYyGxGqCEb6ib8Tm87NutOL43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQ3Ni82Mjg3QTExNDFE
NjkxMUUyODhBQkE5QTYwOEIwMkNEMi9IbHBqSWJFYW9JUnZxSnZ4T2J6czI2MDR2
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hscGpJYkVhb0lSdnFKdnhPYnpzMjYwNHZqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlENzYvNjI4N0ExMTQxRDY5MTFFMjg4QUJBOUE2MDhCMDJDRDIvM0Y1QTY1OTZC
Q0VFMTFFQTkwQTA1NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMCUEAgABMB8DBAItd1wDBAItfwADBAHKgOAwCwMEAMqA4wMDAMqAMA0GCSqG
SIb3DQEBCwUAA4IBAQA5IXi5xUGfEtRLzAUlgqx0lbe8hHzkqtrzuNIRz9qeMAiR
9sF2AzxqoktiIjzJzobt86rg8W4gHzETo4FLHQJCbzzwZOBwcJ/wK/7GtAYpFmdA
c2h7ddERstGLZFniQV2MBG4h4xHMOlAwTO5pSjRkmC2lAXcTntYG4A06GCG459Zp
L9ZA54VE68bbHdFl0skfG084Xry7n5YfK6bU10G5sUWKUL1ibtxo8jRQmkF2tY5X
qYpnrNqYYNJsvwUMIebk9b15qGrHiSq/murOoIBQ212K18s0rSJA9k1abS/Ohw7q
DRovErmfjclnSMSba/mdYiVsd8Z4/xIor2M2D8TZ
-----END CERTIFICATE-----
Generated at Thu Nov 23 02:32:21 2023 by rpki-client on console-fra.rpki-client.org