Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
File: 2E2B22D26ED011EE85A20719C4F9AE02.roa (raw, json)
Hash identifier: l4+eUxuSsDBsTjkdeNWlcRg+8lYpGPjQkkEjUKQ8TMU=
Subject key identifier: C2:E1:E4:82:6A:52:9D:9C:8D:F5:06:28:A8:A2:54:BF:6D:AB:94:94
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: A1
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
Signing time: Thu 19 Oct 2023 22:38:10 +0000
ROA not before: Thu 19 Oct 2023 22:38:10 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 125.62.77.0/24 maxlen: 24
125.62.78.0/24 maxlen: 24
202.134.233.0/24 maxlen: 24
202.134.235.0/24 maxlen: 24
202.134.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161 (0xa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Oct 19 22:38:10 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6531afd2-a946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4e:c9:25:8c:64:0c:24:7a:74:0d:49:eb:d7:
a0:66:29:fc:bb:64:06:52:e3:ce:18:5b:02:1c:c6:
3e:60:8c:9f:16:f7:eb:9c:8d:ec:93:d2:ae:a8:de:
83:15:e8:06:8f:da:44:a5:1f:2c:7a:9f:4b:7b:19:
a9:94:1a:aa:c8:82:9f:26:23:1a:a5:ab:51:90:4c:
ff:bd:29:f9:96:81:20:6a:4a:f3:1c:af:b7:70:00:
d5:a1:17:46:06:3a:17:ba:fe:6e:3f:4c:47:d9:93:
64:a4:2b:53:b4:4d:55:ed:76:82:8a:e3:c1:81:0f:
25:a4:0b:67:89:f4:d1:fe:f4:fe:7f:20:de:fa:89:
7e:b0:bd:e2:24:88:3e:0e:c7:ff:18:c5:d9:dd:46:
90:4f:41:6f:31:a0:60:c6:83:6a:d5:d6:da:50:9c:
68:85:c9:bb:1e:0d:6b:93:65:96:d3:21:73:9e:bf:
a2:8c:3c:e7:fb:83:ec:d5:19:df:4e:89:6e:09:2a:
c5:cf:ac:24:11:00:8d:7c:97:a1:86:57:fd:10:01:
0c:be:78:0c:88:9a:9a:34:65:67:0d:26:9c:43:7a:
81:67:4b:1e:0d:38:1b:7f:19:8a:c5:a5:96:a0:1d:
93:5d:3b:d0:2a:4b:0c:00:7d:c7:4d:0f:6a:04:eb:
37:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E1:E4:82:6A:52:9D:9C:8D:F5:06:28:A8:A2:54:BF:6D:AB:94:94
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.77.0-125.62.78.255
202.134.233.0/24
202.134.235.0-202.134.236.255
Signature Algorithm: sha256WithRSAEncryption
57:34:78:97:86:d7:53:0d:2a:dd:14:1b:bf:43:d9:6a:ec:9c:
c8:cd:41:45:48:9f:03:fa:dc:fc:c8:68:78:54:a6:cd:e1:4c:
3e:38:58:5f:aa:fe:73:5c:b7:9f:3d:5b:4a:d9:01:27:32:bb:
57:cb:9f:16:97:6e:18:03:a7:8e:0d:52:2c:6e:76:2a:45:5d:
69:5e:5b:75:c4:6e:2f:62:19:5a:85:4f:4a:46:b0:0f:5f:dd:
39:8d:f0:30:c8:45:c2:fa:80:71:41:30:21:7d:12:94:bf:eb:
df:ac:8a:ab:88:0c:ed:63:39:8f:b6:b1:90:8d:ea:e8:07:c9:
5e:a0:ca:20:e7:e2:41:ce:0f:e5:7b:ad:df:02:75:57:fe:3c:
62:5d:8a:a2:33:3c:2e:9d:05:d2:26:ea:f0:c1:7a:b5:27:50:
08:d2:0d:83:e4:cc:f9:70:c2:bf:0e:69:ba:26:54:e4:0f:9e:
d5:76:e7:70:12:0b:ec:82:94:06:5d:fd:a5:82:d7:d8:8d:d5:
36:4e:01:6d:1f:da:51:bb:fa:a8:47:86:9e:ad:30:ee:f0:df:
5d:d3:55:e3:da:b3:6c:7e:4d:30:88:1e:b3:d4:56:d8:07:90:
2b:71:3c:73:b8:b9:ec:92:78:f0:d1:9f:ff:1d:b8:35:08:bb:
c5:b0:f4:48
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMxMDE5MjIzODEwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMxYWZkMi1hOTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyU7JJYxkDCR6dA1J69egZin8u2QGUuPOGFsCHMY+YIyfFvfrnI3sk9KuqN6D
FegGj9pEpR8sep9LexmplBqqyIKfJiMapatRkEz/vSn5loEgakrzHK+3cADVoRdG
BjoXuv5uP0xH2ZNkpCtTtE1V7XaCiuPBgQ8lpAtnifTR/vT+fyDe+ol+sL3iJIg+
Dsf/GMXZ3UaQT0FvMaBgxoNq1dbaUJxohcm7Hg1rk2WW0yFznr+ijDzn+4Ps1Rnf
ToluCSrFz6wkEQCNfJehhlf9EAEMvngMiJqaNGVnDSacQ3qBZ0seDTgbfxmKxaWW
oB2TXTvQKksMAH3HTQ9qBOs32QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFMLh5IJq
Up2cjfUGKKiiVL9tq5SUMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMkUyQjIyRDI2
RUQwMTFFRTg1QTIwNzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAH0+TQMEAH0+TgMEAMqG6TAMAwQAyobrAwQAyobsMA0G
CSqGSIb3DQEBCwUAA4IBAQBXNHiXhtdTDSrdFBu/Q9lq7JzIzUFFSJ8D+tz8yGh4
VKbN4Uw+OFhfqv5zXLefPVtK2QEnMrtXy58Wl24YA6eODVIsbnYqRV1pXlt1xG4v
YhlahU9KRrAPX905jfAwyEXC+oBxQTAhfRKUv+vfrIqriAztYzmPtrGQjeroB8le
oMog5+JBzg/le63fAnVX/jxiXYqiMzwunQXSJurwwXq1J1AI0g2D5Mz5cMK/Dmm6
JlTkD57VdudwEgvsgpQGXf2lgtfYjdU2TgFtH9pRu/qoR4aerTDu8N9d01Xj2rNs
fk0wiB6z1FbYB5ArcTxzuLnsknjw0Z//Hbg1CLvFsPRI
-----END CERTIFICATE-----
Generated at Thu Oct 26 00:48:48 2023 by rpki-client on console-fra.rpki-client.org