Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/401D13E889AA11EE970FD928C4F9AE02.roa
File: 401D13E889AA11EE970FD928C4F9AE02.roa (raw, json)
Hash identifier: QCVXX0znCUVj5ccZDwBoWZuw+7C5W2pL31YPsFicxu0=
Subject key identifier: 71:51:61:81:36:01:E5:26:5D:06:E7:51:6D:A7:4E:06:CC:8E:A2:D1
Certificate issuer: /CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Certificate serial: 33D5
Authority key identifier: 1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/401D13E889AA11EE970FD928C4F9AE02.roa
Signing time: Thu 23 Nov 2023 02:44:41 +0000
ROA not before: Thu 23 Nov 2023 02:44:41 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 198949
IP address blocks: 45.119.92.0/24 maxlen: 24
45.119.93.0/24 maxlen: 24
45.119.94.0/24 maxlen: 24
45.119.95.0/24 maxlen: 24
45.127.0.0/24 maxlen: 24
45.127.1.0/24 maxlen: 24
45.127.2.0/24 maxlen: 24
45.127.3.0/24 maxlen: 24
202.128.224.0/24 maxlen: 24
202.128.225.0/24 maxlen: 24
202.128.227.0/24 maxlen: 24
202.128.228.0/24 maxlen: 24
202.128.229.0/24 maxlen: 24
202.128.230.0/24 maxlen: 24
202.128.231.0/24 maxlen: 24
202.128.234.0/24 maxlen: 24
202.128.235.0/24 maxlen: 24
202.128.236.0/24 maxlen: 24
202.128.237.0/24 maxlen: 24
202.128.238.0/24 maxlen: 24
202.128.239.0/24 maxlen: 24
202.128.240.0/24 maxlen: 24
202.128.241.0/24 maxlen: 24
202.128.242.0/24 maxlen: 24
202.128.243.0/24 maxlen: 24
202.128.244.0/24 maxlen: 24
202.128.245.0/24 maxlen: 24
202.128.246.0/24 maxlen: 24
202.128.247.0/24 maxlen: 24
202.128.248.0/24 maxlen: 24
202.128.249.0/24 maxlen: 24
202.128.250.0/24 maxlen: 24
202.128.251.0/24 maxlen: 24
202.128.252.0/24 maxlen: 24
202.128.253.0/24 maxlen: 24
202.128.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13269 (0x33d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Validity
Not Before: Nov 23 02:44:41 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=655ebc99-882f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:89:70:b4:fe:46:6d:58:9c:cd:59:f0:c8:
ec:b2:4a:df:11:29:e1:3e:e3:2a:f6:83:85:76:87:
48:5a:d3:16:ac:9d:98:38:c3:47:9e:0f:40:75:fa:
75:40:bb:2e:50:c3:ac:86:25:38:18:35:87:ee:40:
9b:7c:6b:1c:2f:ab:43:73:44:83:eb:08:35:11:01:
ac:b6:cd:95:ca:65:eb:f2:f0:4a:19:36:8d:c2:dd:
48:68:8c:eb:57:dd:69:50:36:c2:e8:16:dc:b0:ca:
9a:2b:ac:80:59:23:fa:6b:c3:57:72:c0:6c:db:01:
e4:c3:13:e7:12:e9:5d:97:af:83:21:ce:a3:5f:ee:
c4:33:ca:39:71:c0:66:a4:85:2c:86:a1:b7:81:f5:
62:83:26:74:fa:ac:a5:4a:5b:f9:74:f2:7f:81:07:
f6:87:51:77:47:6e:a7:ba:d2:fb:c8:24:0b:55:c3:
9e:ab:dc:bd:26:db:c2:50:ae:2c:7a:f3:fc:c9:da:
a8:79:99:3b:5e:fc:92:e2:87:37:39:35:61:55:a6:
2c:44:45:33:0a:26:21:a4:cc:d8:4e:98:5e:c9:7f:
ee:99:30:ff:b3:6c:8c:93:65:04:88:7b:d2:0c:a0:
a5:db:8f:c5:ea:2a:38:e0:83:7f:a2:16:fc:ee:15:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:51:61:81:36:01:E5:26:5D:06:E7:51:6D:A7:4E:06:CC:8E:A2:D1
X509v3 Authority Key Identifier:
keyid:1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/401D13E889AA11EE970FD928C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.92.0/22
45.127.0.0/22
202.128.224.0/23
202.128.227.0-202.128.231.255
202.128.234.0-202.128.254.255
Signature Algorithm: sha256WithRSAEncryption
5b:f2:e0:9e:15:62:6f:e6:87:35:63:f7:3d:c2:37:77:50:3e:
a0:e2:bf:30:48:bc:f6:53:c7:3c:09:75:3e:9c:9e:41:0e:48:
81:8b:97:cb:34:dc:69:dd:a3:4a:dd:83:82:e9:9a:27:b1:9b:
84:04:71:3a:4b:cc:2a:18:0b:eb:40:c3:b6:36:84:a5:9b:21:
53:ab:68:39:a1:22:a4:aa:1d:97:c8:25:02:6d:7d:c0:06:9f:
88:de:a5:ec:b8:d8:ba:aa:f1:ac:95:60:f3:3d:99:0f:80:80:
ce:b5:0d:7f:b5:af:20:ac:46:95:fe:3c:0d:f2:88:f4:8b:0a:
83:58:ab:6b:be:d3:2f:d0:39:4a:ff:d1:1d:f0:64:74:3f:fb:
e6:13:48:ab:a5:66:b4:92:2c:48:8a:a7:49:1e:b2:fe:c3:12:
0a:be:3d:46:dd:c1:e8:44:21:e6:db:eb:8c:b4:12:3f:95:53:
0d:ee:03:f1:45:88:31:b9:d7:23:4a:61:ea:fc:31:45:b4:8c:
b9:7a:ab:e2:53:07:3a:34:95:34:ad:1e:f0:5b:b6:45:3c:db:
35:21:d1:7e:25:fe:a3:62:d9:28:6f:32:5e:05:4c:d5:2f:70:
9f:8f:b7:69:56:cd:b5:fe:95:c1:90:23:2f:20:25:b0:e3:18:
b2:1e:8d:56
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICM9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlENzYxMTAvBgNVBAUTKDFFNUE2MzIxQjExQUEwODQ2RkE4OUJGMTM5QkNFQ0RC
QUQzOEJFMzcwHhcNMjMxMTIzMDI0NDQxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlYmM5OS04ODJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyPeJcLT+Rm1YnM1Z8MjsskrfESnhPuMq9oOFdodIWtMWrJ2YOMNHng9Adfp1
QLsuUMOshiU4GDWH7kCbfGscL6tDc0SD6wg1EQGsts2VymXr8vBKGTaNwt1IaIzr
V91pUDbC6BbcsMqaK6yAWSP6a8NXcsBs2wHkwxPnEuldl6+DIc6jX+7EM8o5ccBm
pIUshqG3gfVigyZ0+qylSlv5dPJ/gQf2h1F3R26nutL7yCQLVcOeq9y9JtvCUK4s
evP8ydqoeZk7XvyS4oc3OTVhVaYsREUzCiYhpMzYTpheyX/umTD/s2yMk2UEiHvS
DKCl24/F6io44IN/ohb87hVTYwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFHFRYYE2
AeUmXQbnUW2nTgbMjqLRMB8GA1UdIwQYMBaAFB5aYyGxGqCEb6ib8Tm87NutOL43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQ3Ni82Mjg3QTExNDFE
NjkxMUUyODhBQkE5QTYwOEIwMkNEMi9IbHBqSWJFYW9JUnZxSnZ4T2J6czI2MDR2
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hscGpJYkVhb0lSdnFKdnhPYnpzMjYwNHZqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlENzYvNjI4N0ExMTQxRDY5MTFFMjg4QUJBOUE2MDhCMDJDRDIvNDAxRDEzRTg4
OUFBMTFFRTk3MEZEOTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAItd1wDBAItfwADBAHKgOAwDAMEAMqA4wMEA8qA4DAMAwQB
yoDqAwQAyoD+MA0GCSqGSIb3DQEBCwUAA4IBAQBb8uCeFWJv5oc1Y/c9wjd3UD6g
4r8wSLz2U8c8CXU+nJ5BDkiBi5fLNNxp3aNK3YOC6ZonsZuEBHE6S8wqGAvrQMO2
NoSlmyFTq2g5oSKkqh2XyCUCbX3ABp+I3qXsuNi6qvGslWDzPZkPgIDOtQ1/ta8g
rEaV/jwN8oj0iwqDWKtrvtMv0DlK/9Ed8GR0P/vmE0irpWa0kixIiqdJHrL+wxIK
vj1G3cHoRCHm2+uMtBI/lVMN7gPxRYgxudcjSmHq/DFFtIy5eqviUwc6NJU0rR7w
W7ZFPNs1IdF+Jf6jYtkobzJeBUzVL3Cfj7dpVs21/pXBkCMvICWw4xiyHo1W
-----END CERTIFICATE-----
Generated at Thu Nov 23 04:16:40 2023 by rpki-client on console-fra.rpki-client.org