Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/6753C1267E4311EF8FF42873C4F9AE02.roa
File: 6753C1267E4311EF8FF42873C4F9AE02.roa (raw, json)
Hash identifier: QSnSgkiNEBlyNx61JNITbk8uYW+O6oAp+dGAxNy0paE=
Subject key identifier: B3:5E:FB:8E:10:81:0F:4F:4F:E1:EF:56:70:F4:C3:E3:53:CD:66:51
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 0197
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/6753C1267E4311EF8FF42873C4F9AE02.roa
Signing time: Sun 29 Sep 2024 09:15:43 +0000
ROA not before: Sun 29 Sep 2024 09:15:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 202.134.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 04:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407 (0x197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Sep 29 09:15:43 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66f91abf-1fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:e2:14:64:03:d6:89:8a:be:e0:39:72:db:56:
97:1d:99:fd:93:c4:54:6e:b3:2c:3a:90:3d:0c:73:
4e:fb:fc:e2:29:74:0e:1f:21:45:fa:ce:e3:6d:a7:
2b:8a:66:88:7e:1e:57:f6:17:69:36:41:a7:35:c9:
99:3b:33:62:9f:bd:a8:e4:0c:2f:3e:88:23:56:bd:
dd:6f:b1:42:4f:ad:09:62:b5:f3:89:b3:c3:5a:f0:
ac:41:f4:cb:b2:85:37:6c:8f:cc:b0:7f:2a:e6:3e:
6a:8a:b4:2c:24:87:20:30:1a:c5:ca:88:00:8b:16:
e7:2d:b6:0a:cf:f8:e4:fa:18:cd:14:38:a3:1b:08:
a0:14:e8:7c:99:67:e6:4c:16:90:d3:c4:f8:13:c4:
91:d3:64:3e:df:9b:a4:5b:e8:c0:4c:de:7e:0f:3c:
a3:ee:8d:8c:ea:af:1b:cb:74:b8:8e:83:b3:08:66:
56:c9:2e:74:af:97:e6:3c:fc:20:c7:fe:77:a9:26:
b3:ac:e2:19:1f:d9:42:62:f3:b8:19:95:95:a3:89:
c1:2a:a7:36:f0:4c:e0:26:ae:18:b4:14:44:d3:98:
64:47:ab:8d:30:bd:ae:e8:4b:3b:7a:f8:0b:57:3e:
ba:dd:70:e4:b4:5c:bb:94:5a:6d:a6:d1:42:4e:1a:
bb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5E:FB:8E:10:81:0F:4F:4F:E1:EF:56:70:F4:C3:E3:53:CD:66:51
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/6753C1267E4311EF8FF42873C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.134.249.0/24
Signature Algorithm: sha256WithRSAEncryption
78:01:09:69:98:40:4f:69:98:f2:ee:0c:4e:34:8f:22:c9:a5:
89:98:23:eb:e3:e8:bb:a1:58:1d:6a:d5:19:de:86:3c:52:b5:
2f:0c:f1:f3:0c:ea:85:e4:09:66:9a:b0:2e:c0:8e:bd:1a:70:
77:b7:83:f4:2c:ff:cf:4a:7a:aa:13:ae:33:33:8f:21:36:99:
26:ed:11:d7:9d:1b:0f:fe:f1:47:e3:27:dc:1e:f7:a9:74:ee:
a9:56:52:e5:b2:ed:c8:a5:58:60:eb:ae:ef:6e:3a:ab:0e:4c:
47:ac:2b:db:e4:30:ff:6e:4c:21:18:86:4a:73:6a:59:60:d8:
c0:0d:28:ec:91:16:4c:ab:3f:a9:1f:ea:bc:ca:f7:b3:12:d4:
4e:83:d7:26:7e:ac:1b:59:f2:a2:de:7d:6c:ce:4d:6d:b3:fe:
5d:ea:01:b2:52:a3:da:80:4e:16:dd:1d:8e:cd:cf:59:16:3d:
f1:07:8b:4c:c9:15:10:c8:98:a9:20:c5:4b:bd:99:40:9d:b4:
89:f8:07:67:c3:96:75:b4:d9:81:5b:0b:9a:89:e4:33:21:b0:
10:9b:8b:83:91:d9:ba:21:76:86:9b:11:a4:5c:b6:b7:06:80:
ae:61:05:bc:a1:fe:6d:4b:57:ee:ed:f6:28:af:9a:84:75:61:
93:e1:42:43
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjQwOTI5MDkxNTQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY5MWFiZi0xZmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8OIUZAPWiYq+4Dly21aXHZn9k8RUbrMsOpA9DHNO+/ziKXQOHyFF+s7jbacr
imaIfh5X9hdpNkGnNcmZOzNin72o5AwvPogjVr3db7FCT60JYrXzibPDWvCsQfTL
soU3bI/MsH8q5j5qirQsJIcgMBrFyogAixbnLbYKz/jk+hjNFDijGwigFOh8mWfm
TBaQ08T4E8SR02Q+35ukW+jATN5+Dzyj7o2M6q8by3S4joOzCGZWyS50r5fmPPwg
x/53qSazrOIZH9lCYvO4GZWVo4nBKqc28EzgJq4YtBRE05hkR6uNML2u6Es7evgL
Vz663XDktFy7lFptptFCThq77QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLNe+44Q
gQ9PT+HvVnD0w+NTzWZRMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvNjc1M0MxMjY3
RTQzMTFFRjhGRjQyODczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKhvkwDQYJKoZIhvcNAQELBQADggEBAHgBCWmYQE9pmPLu
DE40jyLJpYmYI+vj6LuhWB1q1RnehjxStS8M8fMM6oXkCWaasC7Ajr0acHe3g/Qs
/89KeqoTrjMzjyE2mSbtEdedGw/+8UfjJ9we96l07qlWUuWy7cilWGDrru9uOqsO
TEesK9vkMP9uTCEYhkpzallg2MANKOyRFkyrP6kf6rzK97MS1E6D1yZ+rBtZ8qLe
fWzOTW2z/l3qAbJSo9qAThbdHY7Nz1kWPfEHi0zJFRDImKkgxUu9mUCdtIn4B2fD
lnW02YFbC5qJ5DMhsBCbi4OR2bohdoabEaRctrcGgK5hBbyh/m1LV+7t9iivmoR1
YZPhQkM=
-----END CERTIFICATE-----
Generated at Tue Oct 1 05:45:27 2024 by rpki-client on console-fra.rpki-client.org