Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
File: 80F60C0AB36A11EEAE9FF05FC4F9AE02.roa (raw, json)
Hash identifier: mPmPvCdQywstYRyflEV6nN7rcE2aRGyDBbdAty6Jy8I=
Subject key identifier: CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20
Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Certificate serial: 3408
Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
Signing time: Mon 22 Apr 2024 14:50:49 +0000
ROA not before: Mon 22 Apr 2024 14:50:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38461
IP address blocks: 123.242.240.0/22 maxlen: 22
123.242.240.0/24 maxlen: 24
123.242.241.0/24 maxlen: 24
123.242.242.0/24 maxlen: 24
123.242.243.0/24 maxlen: 24
123.242.248.0/23 maxlen: 24
123.242.250.0/23 maxlen: 24
202.61.8.0/23 maxlen: 23
202.61.8.0/24 maxlen: 24
203.189.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 08 Nov 2024 11:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13320 (0x3408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Validity
Not Before: Apr 22 14:50:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66267949-8700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d7:fd:16:f9:6a:2c:f0:dd:b8:f1:c5:e4:bb:
83:78:5d:46:fd:b1:68:70:84:5a:42:a1:4d:5d:4b:
a8:1c:42:fe:ae:47:2f:6e:55:e5:31:18:ce:7a:4d:
c3:5a:f1:b3:91:6c:29:55:85:71:f9:cb:ca:f9:06:
6f:d4:a1:79:b8:cb:e6:a3:ac:e2:1f:e5:14:f7:71:
1a:6d:0e:a4:48:85:e5:9b:fe:c0:19:12:99:6c:2c:
94:d4:55:1a:ad:24:04:81:a4:3c:1a:3a:b0:54:ab:
e0:ba:83:cb:b3:64:10:cf:76:d8:0d:b6:67:a3:41:
b9:91:34:3a:eb:b9:f8:9b:82:e9:19:85:c1:2f:a4:
77:bc:a0:77:f2:16:85:eb:78:70:90:65:b8:34:54:
d8:5d:01:a3:98:1c:99:53:1a:56:81:36:43:0f:b4:
9f:4d:62:3c:75:4a:6e:7c:51:32:26:fa:1d:07:4e:
c8:77:3f:53:56:a3:05:eb:f9:b9:25:27:49:95:31:
23:7e:60:41:6e:dd:30:27:12:71:7b:4b:c7:bc:b1:
e0:87:be:5a:9e:40:18:24:f2:4a:1e:cf:58:e3:d7:
f9:e7:a7:0e:a4:08:2f:60:8c:de:ca:9e:c4:7c:ef:
fe:50:99:85:ea:e5:81:53:8e:4c:0f:ca:70:88:95:
91:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20
X509v3 Authority Key Identifier:
keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.242.240.0/22
123.242.248.0/22
202.61.8.0/23
203.189.176.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:15:9a:5d:c9:e2:f1:dc:53:50:db:6a:3a:cf:ea:40:88:3a:
61:8c:0e:ea:2a:2e:a6:fc:fc:23:7b:5d:fa:b0:08:20:28:a5:
dd:fe:aa:75:42:fa:e4:0c:09:ac:20:a0:69:8a:7b:bf:8b:67:
94:46:b1:71:bb:a2:15:c3:51:1d:c9:83:7c:c2:e8:d2:1c:e2:
d2:3d:39:4a:d4:fc:2a:4f:76:24:5b:72:5f:80:ea:13:a1:53:
a1:b7:7a:e8:e8:09:cc:6f:08:33:78:51:73:62:f6:01:a6:3d:
8f:37:16:c1:83:9d:2e:73:cc:32:2c:88:02:d0:b5:80:d2:cf:
f6:61:9a:3b:fd:6c:fd:72:12:32:8e:83:bc:22:dd:04:55:a3:
6a:57:2d:e5:de:a7:c8:91:0e:d1:9e:94:35:b0:6e:a5:f5:76:
85:32:e2:34:95:bb:78:28:04:ee:7d:c0:1a:f5:92:dc:a6:01:
ee:eb:06:cc:b4:27:17:a8:f3:e2:9b:e6:e1:27:57:a3:f5:41:
d9:21:cd:d1:0e:68:a4:a4:52:15:6f:08:cd:35:29:43:c2:54:
69:89:23:b8:f4:60:5c:45:b1:58:4b:b9:19:56:6d:ac:8d:d2:
ea:b9:53:79:ba:34:4c:e7:0f:cf:8b:43:63:e9:18:7f:d8:14:
17:c8:14:cb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICNAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF
MzRDNDI4RkIwHhcNMjQwNDIyMTQ1MDQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI2Nzk0OS04NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9f9FvlqLPDduPHF5LuDeF1G/bFocIRaQqFNXUuoHEL+rkcvblXlMRjOek3D
WvGzkWwpVYVx+cvK+QZv1KF5uMvmo6ziH+UU93EabQ6kSIXlm/7AGRKZbCyU1FUa
rSQEgaQ8GjqwVKvguoPLs2QQz3bYDbZno0G5kTQ667n4m4LpGYXBL6R3vKB38haF
63hwkGW4NFTYXQGjmByZUxpWgTZDD7SfTWI8dUpufFEyJvodB07Idz9TVqMF6/m5
JSdJlTEjfmBBbt0wJxJxe0vHvLHgh75ankAYJPJKHs9Y49f556cOpAgvYIzeyp7E
fO/+UJmF6uWBU45MD8pwiJWRjQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM//69Zl
B6EPyd+xIupgoOqoqNogMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE
OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvODBGNjBDMEFC
MzZBMTFFRUFFOUZGMDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJ78vADBAJ78vgDBAHKPQgDBALLvbAwDQYJKoZIhvcNAQEL
BQADggEBAJ8Vml3J4vHcU1DbajrP6kCIOmGMDuoqLqb8/CN7XfqwCCAopd3+qnVC
+uQMCawgoGmKe7+LZ5RGsXG7ohXDUR3Jg3zC6NIc4tI9OUrU/CpPdiRbcl+A6hOh
U6G3eujoCcxvCDN4UXNi9gGmPY83FsGDnS5zzDIsiALQtYDSz/Zhmjv9bP1yEjKO
g7wi3QRVo2pXLeXep8iRDtGelDWwbqX1doUy4jSVu3goBO59wBr1ktymAe7rBsy0
Jxeo8+Kb5uEnV6P1QdkhzdEOaKSkUhVvCM01KUPCVGmJI7j0YFxFsVhLuRlWbayN
0uq5U3m6NEznD8+LQ2PpGH/YFBfIFMs=
-----END CERTIFICATE-----
Generated at Fri Nov 8 16:57:55 2024 by rpki-client on console-ams.rpki-client.org