Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/123AC2B453B011EB98719516C4F9AE02.roa
File: 123AC2B453B011EB98719516C4F9AE02.roa (raw, json)
Hash identifier: Qnsq/yOCIUyIMwBZf56yrgvFYqV4r747a4EEw6ocAcA=
Subject key identifier: D7:47:4B:DD:69:8C:8B:93:FE:E7:91:12:5E:0D:7B:66:56:06:AC:74
Certificate issuer: /CN=A9132B1E/serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
Certificate serial: 08F4
Authority key identifier: AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/123AC2B453B011EB98719516C4F9AE02.roa
Signing time: Thu 04 May 2023 22:39:23 +0000
ROA not before: Thu 04 May 2023 22:39:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39743
IP address blocks: 202.64.8.0/24 maxlen: 24
202.64.9.0/24 maxlen: 24
202.64.13.0/24 maxlen: 24
202.64.19.0/24 maxlen: 24
202.64.31.0/24 maxlen: 24
202.64.42.0/24 maxlen: 24
218.253.216.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 03:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2292 (0x8f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132B1E/serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
Validity
Not Before: May 4 22:39:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6454341b-5553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b1:9c:37:1e:b3:e0:fe:e0:3f:e0:c9:26:ce:
52:e4:c0:f8:05:09:ba:c3:9a:a9:b6:2f:78:e4:e7:
81:a2:67:2a:77:15:fa:0a:94:3c:44:9b:3a:1b:ea:
dd:b8:74:1a:8b:a1:0a:65:e9:bc:92:e0:da:32:e6:
14:e1:06:97:f6:36:7c:8e:1e:0b:b2:da:b6:7d:cd:
95:4b:ca:7c:c2:ed:19:50:c8:b8:ee:e3:d2:9a:0c:
60:80:ed:97:19:a9:9d:2e:9c:06:95:62:59:18:34:
60:5a:53:1c:a9:6b:c2:f2:4f:ed:53:e6:48:b8:5b:
0d:8c:82:88:9f:b0:4d:e0:0a:ad:86:40:f1:a0:cc:
34:52:0e:a4:bc:d3:d5:04:10:f5:4b:08:4b:97:03:
25:a6:f6:5f:a3:c1:9d:24:ad:ee:0f:25:88:ea:be:
83:e0:9d:54:ca:46:82:55:81:39:b8:5a:df:e5:c7:
46:fd:25:df:71:dc:20:16:57:85:e3:81:cd:b7:ce:
16:05:a4:a4:07:c8:45:32:c3:bf:92:61:f6:d8:4e:
13:4f:8f:a8:05:bc:a3:90:60:e3:44:4a:f2:bd:a6:
2a:55:01:91:ce:a1:23:0d:cb:d1:0c:b0:f8:4b:8b:
3e:c3:bc:85:9a:83:eb:4d:ca:6f:12:a1:5b:27:ef:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:47:4B:DD:69:8C:8B:93:FE:E7:91:12:5E:0D:7B:66:56:06:AC:74
X509v3 Authority Key Identifier:
keyid:AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/q9Q1SGWcuydu-NNbghL4OOjOt18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/123AC2B453B011EB98719516C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.64.8.0/23
202.64.13.0/24
202.64.19.0/24
202.64.31.0/24
202.64.42.0/24
218.253.216.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:58:d5:17:0f:6e:06:7b:76:70:f5:63:c0:24:e3:41:92:54:
26:b6:70:c0:f9:09:8a:31:44:5b:5f:eb:c3:df:ba:f5:4d:99:
32:83:00:cb:95:9f:c5:0c:a4:e1:d9:74:60:75:16:52:b0:18:
d4:cb:c6:11:b5:eb:68:67:36:6d:39:f5:42:f4:86:07:19:67:
b2:1a:c6:9b:67:72:83:56:97:89:92:f3:a6:e0:f1:70:3a:65:
54:24:6e:6b:8c:98:f5:86:7c:15:6d:f8:18:1f:b9:c0:8c:ad:
6e:fc:ae:20:ec:4e:9f:8a:85:6b:d8:e0:fb:87:cc:88:7a:15:
4e:4b:b4:01:fc:5a:2b:ba:74:7c:59:56:0b:e2:f4:39:7c:41:
d1:c4:50:83:19:90:c3:fa:4b:77:5e:30:d8:e6:b9:c9:8c:35:
20:b5:aa:0b:d8:fe:a9:d5:f3:0c:29:f7:4b:55:b6:54:73:ec:
b1:13:ba:d2:9d:61:7e:43:0f:eb:1d:50:e8:df:14:57:2e:6a:
1a:a7:c8:e0:95:9c:81:ea:d4:7a:47:b3:c1:93:36:c5:03:a0:
a4:b6:fd:18:0c:5f:92:64:e1:e7:9b:05:7f:1f:51:a9:88:a1:
27:91:f7:e4:9b:2c:0a:22:0f:f1:dc:b2:13:9d:48:3f:59:0c:
17:f4:3e:c3
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCMUUxMTAvBgNVBAUTKEFCRDQzNTQ4NjU5Q0JCMjc2RUY4RDM1QjgyMTJGODM4
RThDRUI3NUYwHhcNMjMwNTA0MjIzOTIzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0MzQxYi01NTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4LGcNx6z4P7gP+DJJs5S5MD4BQm6w5qpti945OeBomcqdxX6CpQ8RJs6G+rd
uHQai6EKZem8kuDaMuYU4QaX9jZ8jh4Lstq2fc2VS8p8wu0ZUMi47uPSmgxggO2X
GamdLpwGlWJZGDRgWlMcqWvC8k/tU+ZIuFsNjIKIn7BN4AqthkDxoMw0Ug6kvNPV
BBD1SwhLlwMlpvZfo8GdJK3uDyWI6r6D4J1UykaCVYE5uFrf5cdG/SXfcdwgFleF
44HNt84WBaSkB8hFMsO/kmH22E4TT4+oBbyjkGDjREryvaYqVQGRzqEjDcvRDLD4
S4s+w7yFmoPrTcpvEqFbJ+8Z2wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFNdHS91p
jIuT/ueREl4Ne2ZWBqx0MB8GA1UdIwQYMBaAFKvUNUhlnLsnbvjTW4IS+Djozrdf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRS84OTM2Q0MwNDg4
MzIxMUVBODQ4NjFCNzBDNEY5QUUwMi9xOVExU0dXY3V5ZHUtTk5iZ2hMNE9Pak90
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3E5UTFTR1djdXlkdS1OTmJnaEw0T09qT3QxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCMUUvODkzNkNDMDQ4ODMyMTFFQTg0ODYxQjcwQzRGOUFFMDIvMTIzQUMyQjQ1
M0IwMTFFQjk4NzE5NTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAHKQAgDBADKQA0DBADKQBMDBADKQB8DBADKQCoDBAHa/dgw
DQYJKoZIhvcNAQELBQADggEBALNY1RcPbgZ7dnD1Y8Ak40GSVCa2cMD5CYoxRFtf
68PfuvVNmTKDAMuVn8UMpOHZdGB1FlKwGNTLxhG162hnNm059UL0hgcZZ7Iaxptn
coNWl4mS86bg8XA6ZVQkbmuMmPWGfBVt+BgfucCMrW78riDsTp+KhWvY4PuHzIh6
FU5LtAH8Wiu6dHxZVgvi9Dl8QdHEUIMZkMP6S3deMNjmucmMNSC1qgvY/qnV8wwp
90tVtlRz7LETutKdYX5DD+sdUOjfFFcuahqnyOCVnIHq1HpHs8GTNsUDoKS2/RgM
X5Jk4eebBX8fUamIoSeR9+SbLAoiD/HcshOdSD9ZDBf0PsM=
-----END CERTIFICATE-----
Generated at Mon Mar 18 04:44:28 2024 by rpki-client on console-fra.rpki-client.org