Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/AA15BE96433411EF95FBC341C4F9AE02.roa
File: AA15BE96433411EF95FBC341C4F9AE02.roa (raw, json)
Hash identifier: UZaC7/qErnIqNv3T4VyT/kW1TUgqc+MfcjIpB3nLpjM=
Subject key identifier: A0:D6:C3:3A:E5:76:CA:41:95:92:C9:F5:79:D7:23:4E:D7:EB:C1:19
Certificate issuer: /CN=A91D63EA/serialNumber=5E7DD05A9C1BE04444ACE03FE4A92026804D4B2A
Certificate serial: 7F
Authority key identifier: 5E:7D:D0:5A:9C:1B:E0:44:44:AC:E0:3F:E4:A9:20:26:80:4D:4B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xn3QWpwb4ERErOA_5KkgJoBNSyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/AA15BE96433411EF95FBC341C4F9AE02.roa
Signing time: Tue 16 Jul 2024 05:31:34 +0000
ROA not before: Tue 16 Jul 2024 05:31:34 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150750
IP address blocks: 113.192.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 07:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D63EA/serialNumber=5E7DD05A9C1BE04444ACE03FE4A92026804D4B2A
Validity
Not Before: Jul 16 05:31:34 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=669605b6-2627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:ee:7b:d6:3a:3e:3e:ad:bf:16:9b:f8:a0:
00:30:77:90:cc:1d:81:78:c9:7e:34:1e:a5:37:0b:
36:84:f2:23:52:3b:cf:53:ec:ff:0e:ae:f1:49:ec:
b3:7b:92:87:7d:d6:aa:0a:1a:96:95:90:d9:18:40:
33:0b:73:8a:16:19:73:07:73:47:e6:4c:cf:28:e0:
7c:c4:9b:cc:9f:56:dc:29:70:a2:68:6e:4b:a8:b7:
7f:5e:89:05:71:06:21:26:62:8f:0a:1c:d9:4d:6f:
b9:8d:5c:7d:c9:55:6e:5f:b7:af:08:fe:4b:99:e0:
ce:78:48:09:82:fa:76:2f:bb:f5:53:76:af:b6:69:
37:53:c7:74:6c:5e:23:d0:54:d6:c2:c8:9f:1e:1f:
f0:6d:9d:11:54:ae:87:33:2b:4f:59:37:89:65:6f:
78:08:17:f8:9a:d3:85:4f:08:44:75:cc:c8:a0:89:
d4:64:76:e3:14:4e:c0:50:47:12:09:26:70:16:ef:
e7:29:e2:47:cf:14:98:bf:25:7d:44:6b:ab:90:c9:
2a:9d:32:3c:f7:21:ef:33:35:76:98:b0:e4:3a:bd:
54:85:4a:45:4c:f3:ac:85:07:0d:1a:eb:ca:1a:ba:
52:6f:3b:80:1a:5e:70:3c:02:a1:43:d2:46:82:3d:
16:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D6:C3:3A:E5:76:CA:41:95:92:C9:F5:79:D7:23:4E:D7:EB:C1:19
X509v3 Authority Key Identifier:
keyid:5E:7D:D0:5A:9C:1B:E0:44:44:AC:E0:3F:E4:A9:20:26:80:4D:4B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/Xn3QWpwb4ERErOA_5KkgJoBNSyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xn3QWpwb4ERErOA_5KkgJoBNSyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/AA15BE96433411EF95FBC341C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.192.47.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f4:04:c2:b7:79:b9:aa:3b:d8:8e:98:e0:6d:ca:f0:cf:f2:
aa:a9:e8:1c:b4:87:28:6a:78:86:f5:9f:12:c0:38:41:45:bb:
ef:f7:7d:a6:09:d8:7d:e7:01:ee:a5:5f:2d:90:b4:8e:cc:f3:
dd:af:d4:d0:05:36:3d:b8:2d:a5:42:a6:cd:c6:ec:c6:ff:ed:
cd:b8:11:71:8e:c1:74:70:cb:ca:0d:29:47:20:db:60:21:99:
2f:08:0f:77:e1:3f:6d:e3:cc:30:bf:57:49:c5:22:4b:d0:7b:
0f:4a:42:ef:f2:c9:e5:7c:da:a2:1e:c0:b1:d1:be:30:ef:13:
bc:63:de:29:16:e5:94:e7:3d:1b:a8:6a:6c:ce:7a:8b:6f:ef:
e4:f6:1a:4e:44:ed:ca:f4:51:4d:c1:b4:ea:78:9b:39:70:4a:
51:a4:ad:5b:b8:18:a2:15:27:3f:a2:58:d2:f4:d6:b8:ae:76:
f8:b6:f5:72:96:c0:f3:87:53:db:18:66:f4:94:24:97:51:c0:
be:50:50:28:93:c6:c4:57:56:8c:b0:af:e4:c4:74:ec:03:b5:
8b:d1:d2:e2:a7:51:2f:97:2d:80:29:89:7a:95:f7:4f:9e:d3:
1c:5b:73:13:2d:b0:83:f1:93:c8:42:6d:df:59:28:6c:b4:73:
40:af:44:08
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NjNFQTExMC8GA1UEBRMoNUU3REQwNUE5QzFCRTA0NDQ0QUNFMDNGRTRBOTIwMjY4
MDRENEIyQTAeFw0yNDA3MTYwNTMxMzRaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OTYwNWI2LTI2MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1Oe571jo+Pq2/Fpv4oAAwd5DMHYF4yX40HqU3CzaE8iNSO89T7P8OrvFJ7LN7
kod91qoKGpaVkNkYQDMLc4oWGXMHc0fmTM8o4HzEm8yfVtwpcKJobkuot39eiQVx
BiEmYo8KHNlNb7mNXH3JVW5ft68I/kuZ4M54SAmC+nYvu/VTdq+2aTdTx3RsXiPQ
VNbCyJ8eH/BtnRFUroczK09ZN4llb3gIF/ia04VPCER1zMigidRkduMUTsBQRxIJ
JnAW7+cp4kfPFJi/JX1Ea6uQySqdMjz3Ie8zNXaYsOQ6vVSFSkVM86yFBw0a68oa
ulJvO4AaXnA8AqFD0kaCPRbjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoNbDOuV2
ykGVksn1edcjTtfrwRkwHwYDVR0jBBgwFoAUXn3QWpwb4ERErOA/5KkgJoBNSyow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2M0VBLzUwQTQyODlFOTVG
RjExRUVBNkE0RjcwQUM0RjlBRTAyL1huM1FXcHdiNEVSRXJPQV81S2tnSm9CTlN5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWG4zUVdwd2I0RVJFck9BXzVLa2dKb0JOU3lvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NjNFQS81MEE0Mjg5RTk1RkYxMUVFQTZBNEY3MEFDNEY5QUUwMi9BQTE1QkU5NjQz
MzQxMUVGOTVGQkMzNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHHALzANBgkqhkiG9w0BAQsFAAOCAQEASvQEwrd5uao72I6Y
4G3K8M/yqqnoHLSHKGp4hvWfEsA4QUW77/d9pgnYfecB7qVfLZC0jszz3a/U0AU2
PbgtpUKmzcbsxv/tzbgRcY7BdHDLyg0pRyDbYCGZLwgPd+E/bePMML9XScUiS9B7
D0pC7/LJ5Xzaoh7AsdG+MO8TvGPeKRbllOc9G6hqbM56i2/v5PYaTkTtyvRRTcG0
6nibOXBKUaStW7gYohUnP6JY0vTWuK52+Lb1cpbA84dT2xhm9JQkl1HAvlBQKJPG
xFdWjLCv5MR07AO1i9HS4qdRL5ctgCmJepX3T57THFtzEy2wg/GTyEJt31kobLRz
QK9ECA==
-----END CERTIFICATE-----
Generated at Sun Jul 21 09:14:45 2024 by rpki-client on console-fra.rpki-client.org