Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/38F942E478FC11EEACC0381CC4F9AE02.roa
File: 38F942E478FC11EEACC0381CC4F9AE02.roa (raw, json)
Hash identifier: fjgV4myZn0cIYi2zo3xN2pq3jvEjbxU+Rjpe/sov5uk=
Subject key identifier: 26:05:D0:AE:92:BD:FB:55:7F:24:E8:17:A2:6E:05:56:0B:A9:13:8C
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 05D6
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/38F942E478FC11EEACC0381CC4F9AE02.roa
Signing time: Wed 01 Nov 2023 21:18:38 +0000
ROA not before: Wed 01 Nov 2023 21:18:38 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 20
101.100.128.0/19 maxlen: 24
103.237.40.0/22 maxlen: 24
110.44.16.0/22 maxlen: 24
119.224.0.0/18 maxlen: 20
119.224.64.0/19 maxlen: 20
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
124.197.0.0/18 maxlen: 20
202.49.244.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.150.96.0/20 maxlen: 20
202.150.112.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, certificate revoked on Thu 16 Nov 2023 21:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1494 (0x5d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Nov 1 21:18:38 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6542c0ae-bde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:ff:5a:b2:0c:93:fe:a8:30:b5:26:36:2a:
5f:2f:50:5e:d5:a1:75:e9:75:ee:e7:95:31:aa:42:
9b:63:9a:db:26:b9:2b:43:a2:c4:61:8c:8a:36:d9:
a3:6b:a6:89:1a:7d:bb:94:f9:69:51:1b:76:23:a5:
2b:8e:17:7b:cd:7a:90:60:41:91:c3:b3:f3:85:81:
7d:f3:3d:2b:17:38:ed:fd:b0:bc:ae:0c:e8:c4:ad:
0f:c9:fd:7e:71:16:d3:8c:90:ab:39:1a:d8:b3:f7:
82:df:69:71:81:13:21:77:99:3b:30:03:32:0c:e5:
c0:55:88:22:0d:2f:be:b2:65:eb:65:90:00:c1:e6:
6e:79:9f:72:01:28:cd:41:2e:bb:1a:9f:d1:d3:5d:
b2:55:5f:8c:89:d2:d1:47:01:13:1d:2d:d3:81:bc:
01:dc:21:f9:20:3b:96:9d:54:92:cd:9d:82:df:9e:
f9:da:75:3d:d0:a0:c0:7c:8b:8e:18:59:69:bc:72:
b3:50:3c:26:4f:10:f0:f4:b5:4b:0c:59:03:fb:66:
3e:50:3d:fb:42:65:af:c4:42:ea:a0:e6:5c:ee:aa:
4a:76:fb:fd:63:33:2b:64:af:41:f9:77:9c:f2:8f:
6d:61:7f:82:e5:7e:73:8a:49:42:68:d2:10:e4:ce:
be:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:05:D0:AE:92:BD:FB:55:7F:24:E8:17:A2:6E:05:56:0B:A9:13:8C
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/38F942E478FC11EEACC0381CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
101.100.128.0/19
103.237.40.0/22
110.44.16.0/22
119.224.0.0-119.224.95.255
119.224.128.0/20
121.98.0.0/15
124.197.0.0/18
202.49.244.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.150.96.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
2d:14:2b:4d:32:1b:a5:d9:90:f3:ae:02:c1:fd:a9:79:8e:80:
b8:3a:8f:d5:4a:4d:04:bd:c4:9d:ee:14:a4:ff:9a:5a:3d:d4:
97:9c:80:87:f3:95:a7:9d:12:a5:5b:fb:77:7f:89:e3:95:64:
7d:b3:ac:7c:0d:f8:09:e8:64:da:9a:5d:63:04:5b:12:74:ca:
d8:3f:b3:3d:0d:89:19:f8:0c:81:a5:2e:5b:41:12:eb:48:93:
59:37:fa:12:ea:91:4b:ec:31:49:73:a7:af:a8:cc:bf:d5:ee:
c0:24:4a:82:9b:48:27:56:24:67:fa:3a:a4:a5:a0:cd:81:bb:
d0:5b:10:8d:a2:11:25:10:35:64:2e:9e:4b:f4:41:ed:83:74:
67:af:52:0e:22:81:33:83:cc:9a:ac:8c:9f:90:4e:e3:fc:9e:
cd:de:e8:3a:09:81:26:1e:38:b7:1c:28:d8:3d:c8:3e:99:30:
a6:2a:ca:1d:14:93:d7:d0:60:bf:ed:0e:e6:dc:f9:a3:94:17:
3f:7b:27:2e:a7:7c:51:8d:0d:26:14:1f:a8:41:00:89:ee:bc:
c6:9b:b8:88:90:89:71:82:68:30:f3:bc:d8:a5:65:e9:3e:3a:
3e:ee:03:01:25:76:1d:24:82:41:69:a4:b9:2c:95:0d:05:53:
41:29:11:e6
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICBdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjMxMTAxMjExODM4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQyYzBhZS1iZGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm7P/WrIMk/6oMLUmNipfL1Be1aF16XXu55UxqkKbY5rbJrkrQ6LEYYyKNtmj
a6aJGn27lPlpURt2I6Urjhd7zXqQYEGRw7PzhYF98z0rFzjt/bC8rgzoxK0Pyf1+
cRbTjJCrORrYs/eC32lxgRMhd5k7MAMyDOXAVYgiDS++smXrZZAAweZueZ9yASjN
QS67Gp/R012yVV+MidLRRwETHS3TgbwB3CH5IDuWnVSSzZ2C35752nU90KDAfIuO
GFlpvHKzUDwmTxDw9LVLDFkD+2Y+UD37QmWvxELqoOZc7qpKdvv9YzMrZK9B+Xec
8o9tYX+C5X5ziklCaNIQ5M6+ewIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFCYF0K6S
vftVfyToF6JuBVYLqROMMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMzhGOTQyRTQ3
OEZDMTFFRUFDQzAzODFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMHYEAgABMHADAwA86gMDAGViAwQFZWSAAwQCZ+0oAwQCbiwQMAsDAwV3
4AMEBXfgQAMEBHfggAMDAXliAwQGfMUAAwQCyjH0AwQAyjKqAwQEyjWwAwQFylmA
AwQFypZgAwQGyrRAAwQEyr2gAwQEyr8gAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUA
JAJgAAMFACQCggADBQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQAtFCtNMhul2ZDz
rgLB/al5joC4Oo/VSk0EvcSd7hSk/5paPdSXnICH85WnnRKlW/t3f4njlWR9s6x8
DfgJ6GTaml1jBFsSdMrYP7M9DYkZ+AyBpS5bQRLrSJNZN/oS6pFL7DFJc6evqMy/
1e7AJEqCm0gnViRn+jqkpaDNgbvQWxCNohElEDVkLp5L9EHtg3Rnr1IOIoEzg8ya
rIyfkE7j/J7N3ug6CYEmHji3HCjYPcg+mTCmKsodFJPX0GC/7Q7m3PmjlBc/eycu
p3xRjQ0mFB+oQQCJ7rzGm7iIkIlxgmgw87zYpWXpPjo+7gMBJXYdJIJBaaS5LJUN
BVNBKRHm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org