Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/8C752946504E11EE86EDFF4EC4F9AE02.roa
File: 8C752946504E11EE86EDFF4EC4F9AE02.roa (raw, json)
Hash identifier: t68Tyiz30MVPTPAMblsKNfeYRUwy5WShiYZ6U/iqNHY=
Subject key identifier: A3:EB:BA:AA:82:F4:A3:B8:78:D2:DD:32:89:EF:F0:88:33:52:6F:EA
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 7E
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/8C752946504E11EE86EDFF4EC4F9AE02.roa
Signing time: Mon 11 Sep 2023 02:54:39 +0000
ROA not before: Mon 11 Sep 2023 02:54:39 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 202.134.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Sep 2023 11:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126 (0x7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Sep 11 02:54:39 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64fe816f-6154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:92:45:52:06:91:65:11:07:44:8a:2a:3a:8b:
5d:92:e8:8e:69:5f:86:cb:08:86:43:88:f5:e9:ad:
b3:b4:0c:bf:16:6d:7b:dd:9c:d5:c4:73:dc:a7:a4:
24:17:e2:97:79:ad:c9:82:88:ea:2b:fb:45:41:ac:
58:b8:24:49:97:ed:a5:9e:af:9e:d8:38:b9:37:5b:
0b:56:d8:2f:39:87:84:af:dc:86:a6:ab:aa:f8:39:
3d:42:0b:51:ae:e9:7d:a1:81:89:84:a9:85:2e:9f:
a1:57:27:c3:d2:4c:b8:b1:71:e0:e7:1b:8f:8d:75:
09:fc:f9:52:91:f7:81:3f:8d:5e:cb:93:90:67:8f:
af:45:0d:ea:b3:c5:ce:f4:9a:d4:6b:b8:e4:0c:e1:
6f:5c:23:e2:3f:36:75:f9:ff:d9:a9:bb:82:21:9c:
0a:c2:81:31:a1:51:6d:2f:ae:dc:42:88:8b:f4:60:
06:1e:76:00:ea:83:48:25:fb:3c:d5:7f:29:f2:ea:
48:37:08:d6:b0:0b:5d:9f:cf:7c:ca:a9:d0:ee:ad:
5c:27:94:d1:5b:da:ab:39:96:48:42:41:f7:98:88:
4d:d8:e7:71:d0:a2:3c:0c:78:c0:29:a2:46:d1:38:
68:db:2c:6f:e0:76:b5:0f:fe:a9:cf:c0:48:d1:f7:
6e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EB:BA:AA:82:F4:A3:B8:78:D2:DD:32:89:EF:F0:88:33:52:6F:EA
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/8C752946504E11EE86EDFF4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.134.229.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:83:fe:26:12:18:2c:64:f8:e0:d1:c6:de:f6:28:59:60:76:
77:16:2c:1e:bb:b0:9a:a3:36:35:9f:06:75:84:4f:5a:26:17:
7a:41:32:97:29:40:5e:13:e7:86:83:9c:df:b9:82:37:13:f9:
88:d3:a9:90:a7:7d:5e:d1:8c:e2:62:33:b9:4a:ad:cd:a0:e5:
68:a0:a8:68:c6:10:15:b8:5d:1b:f7:58:46:36:3d:04:dd:7e:
9a:32:42:47:a1:14:9b:77:7d:46:ce:fe:b6:51:55:c6:80:57:
a1:a0:65:26:e6:39:b0:2f:db:a5:8c:ad:82:96:e4:ee:65:dc:
66:05:35:f0:f2:6d:ab:fd:c4:68:0d:6f:b3:05:42:c6:81:90:
2a:dc:8e:e9:8b:13:8c:3d:26:29:48:7b:ea:0c:fe:cc:a9:40:
d4:82:3b:9f:54:e2:c2:ae:a6:39:15:90:5b:57:d5:47:7f:a5:
0d:31:2e:b1:6d:28:49:15:63:ab:b4:9d:58:c2:ff:71:e4:60:
e9:40:39:bf:54:4e:ed:84:15:d2:f9:29:46:b8:a0:77:30:f1:
79:9b:9e:d2:a7:69:e7:be:47:97:e8:bc:04:53:4f:9d:ec:6d:
16:50:8c:cf:86:67:05:1b:ed:91:1e:69:d5:f0:c1:07:90:b3:
e2:7c:52:28
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjU1MDExMC8GA1UEBRMoNDU2RUVBMDY5MkM2QTRGMjZGNTNEMkQyMzdEMUNCNERD
RDc4MzMwNTAeFw0yMzA5MTEwMjU0MzlaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZmU4MTZmLTYxNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGkkVSBpFlEQdEiio6i12S6I5pX4bLCIZDiPXprbO0DL8WbXvdnNXEc9ynpCQX
4pd5rcmCiOor+0VBrFi4JEmX7aWer57YOLk3WwtW2C85h4Sv3Iamq6r4OT1CC1Gu
6X2hgYmEqYUun6FXJ8PSTLixceDnG4+NdQn8+VKR94E/jV7Lk5Bnj69FDeqzxc70
mtRruOQM4W9cI+I/NnX5/9mpu4IhnArCgTGhUW0vrtxCiIv0YAYedgDqg0gl+zzV
fyny6kg3CNawC12fz3zKqdDurVwnlNFb2qs5lkhCQfeYiE3Y53HQojwMeMApokbR
OGjbLG/gdrUP/qnPwEjR927XAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUo+u6qoL0
o7h40t0yie/wiDNSb+owHwYDVR0jBBgwFoAURW7qBpLGpPJvU9LSN9HLTc14MwUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTUwLzg0MDA5NTRBQ0VD
NDExRUQ4QTgzRkIxMUM0RjlBRTAyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlc3cUJwTEdwUEp2VTlMU045SExUYzE0TXdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjU1MC84NDAwOTU0QUNFQzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi84Qzc1Mjk0NjUw
NEUxMUVFODZFREZGNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMqG5TANBgkqhkiG9w0BAQsFAAOCAQEAfIP+JhIYLGT44NHG
3vYoWWB2dxYsHruwmqM2NZ8GdYRPWiYXekEylylAXhPnhoOc37mCNxP5iNOpkKd9
XtGM4mIzuUqtzaDlaKCoaMYQFbhdG/dYRjY9BN1+mjJCR6EUm3d9Rs7+tlFVxoBX
oaBlJuY5sC/bpYytgpbk7mXcZgU18PJtq/3EaA1vswVCxoGQKtyO6YsTjD0mKUh7
6gz+zKlA1II7n1Tiwq6mORWQW1fVR3+lDTEusW0oSRVjq7SdWML/ceRg6UA5v1RO
7YQV0vkpRrigdzDxeZue0qdp575Hl+i8BFNPnextFlCMz4ZnBRvtkR5p1fDBB5Cz
4nxSKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org