Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/E6662FF852E311EE9EA8AA40C4F9AE02.roa
File: E6662FF852E311EE9EA8AA40C4F9AE02.roa (raw, json)
Hash identifier: weGn21VF7zp+jP4Z4GeEn891eAgoNnHTL63iF6NQ7bk=
Subject key identifier: C7:1A:DB:8C:E0:9B:6D:A4:96:07:91:9D:9B:10:7C:F0:D9:A7:6C:3D
Certificate issuer: /CN=A913025C/serialNumber=0CEA68A02C529F88752C642DE0D2FEF9F5D7A14A
Certificate serial: 05B2
Authority key identifier: 0C:EA:68:A0:2C:52:9F:88:75:2C:64:2D:E0:D2:FE:F9:F5:D7:A1:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOpooCxSn4h1LGQt4NL--fXXoUo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/E6662FF852E311EE9EA8AA40C4F9AE02.roa
Signing time: Fri 10 Nov 2023 23:31:45 +0000
ROA not before: Fri 10 Nov 2023 23:31:45 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 40138
IP address blocks: 45.127.112.0/23 maxlen: 24
45.127.114.0/24 maxlen: 24
45.127.115.0/24 maxlen: 24
103.196.36.0/24 maxlen: 24
103.196.37.0/24 maxlen: 24
103.196.38.0/24 maxlen: 24
103.196.39.0/24 maxlen: 24
2402:e580::/32 maxlen: 48
2402:e580:40::/42 maxlen: 42
2402:e580:100::/40 maxlen: 40
2402:e580:200::/39 maxlen: 39
2402:e580:400::/38 maxlen: 38
2402:e580:800::/37 maxlen: 37
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1458 (0x5b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913025C/serialNumber=0CEA68A02C529F88752C642DE0D2FEF9F5D7A14A
Validity
Not Before: Nov 10 23:31:45 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=654ebd61-01a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f3:12:60:1a:9c:f1:b3:d3:ca:c0:7e:c6:82:
6d:33:09:14:ce:c2:5a:cc:aa:a5:e1:27:90:db:f6:
f4:c3:d1:03:53:3f:ba:fc:ce:66:b9:b0:d9:3d:fd:
f6:ef:24:e7:a2:70:54:35:6b:ac:71:bc:bb:cb:77:
45:ac:9d:f1:05:44:7f:30:8d:6c:5c:53:51:9c:15:
e3:0a:e9:5d:38:36:a0:38:9a:8a:cd:39:1e:38:e6:
ac:c8:0c:79:93:f2:81:6b:6a:77:b8:b8:8b:21:b4:
86:87:28:67:8a:fc:48:75:80:65:7a:c2:2d:ac:04:
94:fe:5e:33:27:34:26:a4:a1:e7:1a:53:31:e1:ca:
07:ff:d8:0f:c5:f6:4e:7c:eb:da:f4:0a:4a:7e:b9:
e0:a4:ac:c0:90:70:5f:33:67:b7:4e:50:0d:2c:95:
3b:10:94:b4:c0:21:32:50:0e:66:ec:80:f4:b4:61:
7c:ac:37:76:5c:d9:9e:b9:4e:c6:2a:4f:d2:77:ea:
c2:8c:b8:5f:bd:63:c9:87:88:f2:e1:42:e6:65:44:
14:db:84:0d:26:6e:bf:9e:8c:69:fb:af:7a:90:95:
75:02:6c:a0:40:8c:9e:ae:80:16:0f:eb:83:6c:43:
63:fc:b3:30:1e:24:bb:36:23:ff:2e:bc:50:e7:c1:
fa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1A:DB:8C:E0:9B:6D:A4:96:07:91:9D:9B:10:7C:F0:D9:A7:6C:3D
X509v3 Authority Key Identifier:
keyid:0C:EA:68:A0:2C:52:9F:88:75:2C:64:2D:E0:D2:FE:F9:F5:D7:A1:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/DOpooCxSn4h1LGQt4NL--fXXoUo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOpooCxSn4h1LGQt4NL--fXXoUo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/E6662FF852E311EE9EA8AA40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.112.0/22
103.196.36.0/22
IPv6:
2402:e580::/32
Signature Algorithm: sha256WithRSAEncryption
c8:e2:6a:18:16:60:4d:26:ae:82:70:f1:44:dc:c7:39:0e:e1:
a1:67:fb:47:70:a2:2a:b7:56:36:93:dc:41:7f:51:e2:8e:b1:
fb:a5:a6:c4:64:c3:e2:53:66:76:58:c0:e4:e2:c4:63:3b:3a:
e8:e7:5a:4f:d3:7f:40:c7:13:7c:34:db:b4:e7:34:3b:a0:43:
7b:ab:a6:57:32:37:cc:8c:b2:13:65:2f:10:f9:a7:ac:d9:da:
e1:83:9a:74:d9:c2:2f:01:54:01:04:76:9e:08:87:17:97:76:
9f:b5:ad:5e:d9:67:a2:cd:e9:2d:f9:b9:37:7f:fe:8c:a0:df:
35:8b:40:15:41:fc:0c:b1:00:2d:eb:29:25:88:f6:83:de:00:
53:ae:32:30:f1:17:d4:72:fe:b3:df:09:83:64:9e:d1:94:b7:
97:2b:6d:e2:62:ac:98:72:61:84:fa:aa:98:34:ca:66:44:2a:
ef:d2:b8:af:53:a2:aa:90:15:b3:c7:ec:6d:12:84:df:7c:47:
04:ff:3f:de:e7:f4:45:02:c7:0c:06:e6:62:30:18:0d:5f:9d:
68:10:7e:d0:fa:0e:48:0b:ee:c0:7e:7f:3a:90:42:d1:8f:84:
ef:76:fb:06:44:60:d3:4f:ec:6f:8d:47:0c:b7:67:08:07:03:
66:cd:db:10
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzAyNUMxMTAvBgNVBAUTKDBDRUE2OEEwMkM1MjlGODg3NTJDNjQyREUwRDJGRUY5
RjVEN0ExNEEwHhcNMjMxMTEwMjMzMTQ1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlYmQ2MS0wMWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp/MSYBqc8bPTysB+xoJtMwkUzsJazKql4SeQ2/b0w9EDUz+6/M5mubDZPf32
7yTnonBUNWuscby7y3dFrJ3xBUR/MI1sXFNRnBXjCuldODagOJqKzTkeOOasyAx5
k/KBa2p3uLiLIbSGhyhnivxIdYBlesItrASU/l4zJzQmpKHnGlMx4coH/9gPxfZO
fOva9ApKfrngpKzAkHBfM2e3TlANLJU7EJS0wCEyUA5m7ID0tGF8rDd2XNmeuU7G
Kk/Sd+rCjLhfvWPJh4jy4ULmZUQU24QNJm6/noxp+696kJV1AmygQIyeroAWD+uD
bENj/LMwHiS7NiP/LrxQ58H6BQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMca24zg
m22klgeRnZsQfPDZp2w9MB8GA1UdIwQYMBaAFAzqaKAsUp+IdSxkLeDS/vn116FK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDI1Qy9BQzA1NTgyNjVF
MjUxMUVCQUIyOTg5MkFDNEY5QUUwMi9ET3Bvb0N4U240aDFMR1F0NE5MLS1mWFhv
VW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RPcG9vQ3hTbjRoMUxHUXQ0TkwtLWZYWG9Vby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzAyNUMvQUMwNTU4MjY1RTI1MTFFQkFCMjk4OTJBQzRGOUFFMDIvRTY2NjJGRjg1
MkUzMTFFRTlFQThBQTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItf3ADBAJnxCQwDQQCAAIwBwMFACQC5YAwDQYJKoZIhvcN
AQELBQADggEBAMjiahgWYE0mroJw8UTcxzkO4aFn+0dwoiq3VjaT3EF/UeKOsful
psRkw+JTZnZYwOTixGM7OujnWk/Tf0DHE3w027TnNDugQ3urplcyN8yMshNlLxD5
p6zZ2uGDmnTZwi8BVAEEdp4IhxeXdp+1rV7ZZ6LN6S35uTd//oyg3zWLQBVB/Ayx
AC3rKSWI9oPeAFOuMjDxF9Ry/rPfCYNkntGUt5crbeJirJhyYYT6qpg0ymZEKu/S
uK9ToqqQFbPH7G0ShN98RwT/P97n9EUCxwwG5mIwGA1fnWgQftD6DkgL7sB+fzqQ
QtGPhO92+wZEYNNP7G+NRwy3ZwgHA2bN2xA=
-----END CERTIFICATE-----
Generated at Mon Dec 4 20:43:17 2023 by rpki-client on console-fra.rpki-client.org