Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/8DC573F8E4F811ED9F93311EC4F9AE02.roa
File: 8DC573F8E4F811ED9F93311EC4F9AE02.roa (raw, json)
Hash identifier: tUgIFNkcTmHxr6u7ShjAaxAyszTJ92yHCwlkz5gO1Tc=
Subject key identifier: 57:55:8A:88:AA:D7:2A:0D:7A:AA:14:8D:84:A8:F6:41:9C:D0:44:DA
Certificate issuer: /CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Certificate serial: 0C51
Authority key identifier: FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/8DC573F8E4F811ED9F93311EC4F9AE02.roa
Signing time: Thu 30 Nov 2023 20:27:51 +0000
ROA not before: Thu 30 Nov 2023 20:27:51 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55386
IP address blocks: 115.245.40.0/22 maxlen: 22
115.245.96.0/22 maxlen: 22
2409:4091:4000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3153 (0xc51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Validity
Not Before: Nov 30 20:27:51 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6568f047-76d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e4:5c:18:4c:2c:86:7d:8f:8d:75:45:5e:12:
00:92:1f:05:e2:d5:16:b0:de:0d:b4:13:04:24:fe:
2e:92:74:03:c7:32:e8:af:55:c3:d6:01:56:da:45:
47:88:a9:5d:f2:1f:b5:39:2d:63:cc:e5:6b:0a:02:
30:a0:19:d0:dd:91:13:06:8d:56:81:74:78:be:27:
bc:39:04:80:4b:bf:4b:96:de:b0:5a:e6:5c:c0:47:
6a:24:b8:35:e2:e4:e6:82:5b:ec:e6:21:20:f8:64:
8a:a0:85:97:71:90:b0:27:17:a1:59:45:2c:89:8b:
af:1e:5a:35:69:04:29:e5:2d:bd:e1:46:84:51:b5:
39:3e:c0:c8:9f:51:57:30:3a:94:c1:bc:e3:8d:68:
a1:2a:57:33:c8:e7:9b:6f:f2:b1:c9:40:c6:34:8d:
d5:ed:34:8a:08:10:32:f2:ad:18:72:2a:69:dd:6a:
61:36:38:c9:15:dc:50:09:42:a8:68:c0:4b:05:ab:
e7:41:82:a4:5f:1e:c1:26:a4:f9:e3:17:83:03:7d:
de:78:45:9e:79:24:9b:c9:a9:35:de:32:18:e7:6c:
d8:d0:8e:5e:b8:d6:bc:44:38:ae:6a:1d:f4:ac:91:
00:fe:77:ab:25:77:bc:8b:50:81:51:23:c4:ec:2a:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:55:8A:88:AA:D7:2A:0D:7A:AA:14:8D:84:A8:F6:41:9C:D0:44:DA
X509v3 Authority Key Identifier:
keyid:FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/_TtO-PebCuEn5x5LbBhp2Bsi6IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/8DC573F8E4F811ED9F93311EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.245.40.0/22
115.245.96.0/22
IPv6:
2409:4091:4000::/36
Signature Algorithm: sha256WithRSAEncryption
6b:6b:19:a6:33:8d:01:09:6b:c8:9b:9f:cf:c2:46:fc:55:74:
61:bb:b4:10:10:a0:d8:3c:94:5e:4f:9b:26:16:9a:83:cc:cc:
f1:bd:dd:a8:72:b7:e0:2a:a8:01:14:ee:62:9a:be:c1:87:77:
9a:bd:8b:88:d5:2f:ed:55:17:81:42:b8:25:05:80:2f:28:e1:
aa:43:26:b3:a2:7b:86:de:c3:db:09:9f:d8:4a:2b:51:43:24:
ce:3c:ca:23:79:f4:bd:79:ea:e6:36:5a:74:75:d5:e7:cd:bc:
75:78:26:f3:eb:ec:a9:95:e7:43:7d:ae:6f:e8:93:df:1b:70:
3d:60:e3:49:2a:aa:df:32:b0:0f:9c:2c:b4:a2:01:21:af:01:
32:b6:8c:fd:a3:c2:50:73:08:05:43:ba:ff:51:22:a7:51:5a:
69:6d:93:5b:41:5f:30:8b:63:18:0a:31:08:e4:b2:f6:f9:65:
41:9a:d2:05:3d:f9:48:f8:9d:d5:93:3d:a2:3c:60:ee:f8:d9:
ac:71:1c:ec:fd:fc:97:9b:21:e3:53:85:9b:a0:30:2f:63:c5:
8d:19:a4:a5:67:1b:c9:49:91:06:a7:23:62:7b:3d:63:12:e6:
49:bb:78:01:e5:b7:4c:9d:07:36:c9:ad:88:22:0c:d8:94:06:
9b:46:22:b0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKEZEM0I0RUY4Rjc5QjBBRTEyN0U3MUU0QjZDMTg2OUQ4
MUIyMkU4ODAwHhcNMjMxMTMwMjAyNzUxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY4ZjA0Ny03NmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzORcGEwshn2PjXVFXhIAkh8F4tUWsN4NtBMEJP4uknQDxzLor1XD1gFW2kVH
iKld8h+1OS1jzOVrCgIwoBnQ3ZETBo1WgXR4vie8OQSAS79Llt6wWuZcwEdqJLg1
4uTmglvs5iEg+GSKoIWXcZCwJxehWUUsiYuvHlo1aQQp5S294UaEUbU5PsDIn1FX
MDqUwbzjjWihKlczyOebb/KxyUDGNI3V7TSKCBAy8q0Ycipp3WphNjjJFdxQCUKo
aMBLBavnQYKkXx7BJqT54xeDA33eeEWeeSSbyak13jIY52zY0I5euNa8RDiuah30
rJEA/nerJXe8i1CBUSPE7Co3lwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFdVioiq
1yoNeqoUjYSo9kGc0ETaMB8GA1UdIwQYMBaAFP07Tvj3mwrhJ+ceS2wYadgbIuiA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9FMUEzODRBQzMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9fVHRPLVBlYkN1RW41eDVMYkJocDJCc2k2
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19UdE8tUGViQ3VFbjV4NUxiQmhwMkJzaTZJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRTFBMzg0QUMzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvOERDNTczRjhF
NEY4MTFFRDlGOTMzMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBAJz9SgDBAJz9WAwDgQCAAIwCAMGBCQJQJFAMA0GCSqGSIb3
DQEBCwUAA4IBAQBraxmmM40BCWvIm5/Pwkb8VXRhu7QQEKDYPJReT5smFpqDzMzx
vd2ocrfgKqgBFO5imr7Bh3eavYuI1S/tVReBQrglBYAvKOGqQyazonuG3sPbCZ/Y
SitRQyTOPMojefS9eermNlp0ddXnzbx1eCbz6+ypledDfa5v6JPfG3A9YONJKqrf
MrAPnCy0ogEhrwEytoz9o8JQcwgFQ7r/USKnUVppbZNbQV8wi2MYCjEI5LL2+WVB
mtIFPflI+J3Vkz2iPGDu+NmscRzs/fyXmyHjU4WboDAvY8WNGaSlZxvJSZEGpyNi
ez1jEuZJu3gB5bdMnQc2ya2IIgzYlAabRiKw
-----END CERTIFICATE-----
Generated at Fri Dec 8 07:04:50 2023 by rpki-client on console-fra.rpki-client.org