Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/08550476367511EEA4204A4CC4F9AE02.roa
File: 08550476367511EEA4204A4CC4F9AE02.roa (raw, json)
Hash identifier: Vd+6/aU2PlJn61lHkqi22+3HzrDl96laEL91tcvHH6g=
Subject key identifier: 54:1C:8D:67:C3:1C:39:DE:E9:DB:7C:57:5B:44:76:FB:BB:CA:80:98
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 82
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/08550476367511EEA4204A4CC4F9AE02.roa
Signing time: Tue 12 Sep 2023 11:49:34 +0000
ROA not before: Tue 12 Sep 2023 11:49:34 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 202.126.110.0/24 maxlen: 24
202.126.111.0/24 maxlen: 24
202.134.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 14:40:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130 (0x82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Sep 12 11:49:34 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6500504e-f632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:ed:06:83:7a:0b:80:fe:d5:1e:25:77:f0:
09:54:05:f6:c2:12:8e:61:85:fd:b3:50:2a:47:bc:
cd:c9:39:d0:ca:c0:14:ee:4a:01:8e:f7:a7:38:3d:
6c:df:82:65:0f:f5:d5:83:66:98:9c:31:ba:4f:f8:
e9:0a:39:c8:73:3f:43:74:ce:18:02:c7:0c:7d:aa:
b5:bf:8b:f5:5f:24:8b:fd:29:5c:41:95:dc:05:7a:
e8:3e:86:c6:08:8b:07:a6:4e:df:d6:b1:b7:06:08:
cd:98:94:28:d6:3b:aa:3c:db:aa:f4:9f:97:d8:2c:
39:cc:13:32:9a:25:99:85:aa:f0:b8:6c:58:92:b3:
6a:d3:85:b0:e7:89:6d:53:5e:79:11:85:51:c0:1e:
69:72:46:5a:38:c0:d2:fa:b2:25:3b:c2:5b:c6:80:
c8:75:60:3a:2e:56:03:0b:ef:01:bc:f4:8f:87:dd:
cd:9f:99:25:6d:70:89:60:a1:43:87:3e:14:d8:1d:
03:2a:94:0c:e2:32:ce:22:2e:bb:36:09:7d:23:74:
02:d5:8e:0b:1e:c9:a9:b1:29:55:57:23:74:d0:05:
ff:ea:39:ef:0b:95:0d:51:3e:41:49:39:42:12:09:
e6:04:9a:f4:c0:c1:e4:87:6b:de:dc:cb:9e:24:26:
3e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1C:8D:67:C3:1C:39:DE:E9:DB:7C:57:5B:44:76:FB:BB:CA:80:98
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/08550476367511EEA4204A4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.126.110.0/23
202.134.229.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e2:06:2e:76:77:f7:6b:a9:e3:cf:cd:36:e7:d5:61:0d:57:
fe:aa:6f:39:9f:a2:e1:5c:58:2e:36:24:18:70:67:3e:91:55:
8a:55:af:97:5f:67:f3:fd:cc:6d:c3:66:03:5a:6c:e4:86:7e:
dc:fc:fa:2e:17:56:16:ee:89:98:f8:13:f3:f2:17:f6:53:d8:
1f:b6:49:43:e0:0c:54:b3:a1:16:3b:40:06:c5:1c:f1:36:9a:
39:b9:b5:4f:91:1d:36:8f:f2:f9:59:f3:31:f0:0d:e8:c0:3f:
13:60:50:d9:c1:e0:a3:0c:dc:9c:90:e5:a1:98:de:78:4b:0d:
f6:33:b5:52:12:88:5c:a4:e9:7f:53:b0:9d:4e:57:6d:4c:ea:
9e:ba:24:a3:38:13:bc:c2:61:b1:2f:1b:57:e5:54:9e:0d:80:
8d:15:19:cf:c8:0b:f3:bd:ec:4d:b0:40:2f:7b:73:83:e5:00:
e7:1f:6f:19:9f:d2:f3:89:5d:1a:e7:80:2a:dc:d2:fe:80:b6:
b8:35:ab:04:73:92:09:27:a7:4e:05:45:87:35:5e:cc:f5:81:
07:22:84:f3:49:d5:30:ca:05:4b:d7:58:18:81:bf:98:e2:b7:
48:2d:0b:d8:31:a2:51:79:d8:11:a5:28:17:2a:53:bb:63:f8:
72:82:cb:54
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMwOTEyMTE0OTM0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAwNTA0ZS1mNjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxqDtBoN6C4D+1R4ld/AJVAX2whKOYYX9s1AqR7zNyTnQysAU7koBjvenOD1s
34JlD/XVg2aYnDG6T/jpCjnIcz9DdM4YAscMfaq1v4v1XySL/SlcQZXcBXroPobG
CIsHpk7f1rG3BgjNmJQo1juqPNuq9J+X2Cw5zBMymiWZharwuGxYkrNq04Ww54lt
U155EYVRwB5pckZaOMDS+rIlO8JbxoDIdWA6LlYDC+8BvPSPh93Nn5klbXCJYKFD
hz4U2B0DKpQM4jLOIi67Ngl9I3QC1Y4LHsmpsSlVVyN00AX/6jnvC5UNUT5BSTlC
EgnmBJr0wMHkh2ve3MueJCY+NQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFQcjWfD
HDne6dt8V1tEdvu7yoCYMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMDg1NTA0NzYz
Njc1MTFFRUE0MjA0QTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAHKfm4DBADKhuUwDQYJKoZIhvcNAQELBQADggEBAC/iBi52
d/drqePPzTbn1WENV/6qbzmfouFcWC42JBhwZz6RVYpVr5dfZ/P9zG3DZgNabOSG
ftz8+i4XVhbuiZj4E/PyF/ZT2B+2SUPgDFSzoRY7QAbFHPE2mjm5tU+RHTaP8vlZ
8zHwDejAPxNgUNnB4KMM3JyQ5aGY3nhLDfYztVISiFyk6X9TsJ1OV21M6p66JKM4
E7zCYbEvG1flVJ4NgI0VGc/IC/O97E2wQC97c4PlAOcfbxmf0vOJXRrngCrc0v6A
trg1qwRzkgknp04FRYc1Xsz1gQcihPNJ1TDKBUvXWBiBv5jit0gtC9gxolF52BGl
KBcqU7tj+HKCy1Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org