Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa
File: C7DC98823AFA11EBB1D9CD42C4F9AE02.roa (raw, json)
Hash identifier: +fnmxsEukWZRwb7kOVgO+lKJvaYvky68tzBrdUyumtI=
Subject key identifier: 6B:4F:24:DD:8C:2F:42:5A:E4:06:33:50:50:41:FC:A9:53:2C:20:76
Certificate issuer: /CN=A91D3834/serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282
Certificate serial: 06CD
Authority key identifier: 1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa
Signing time: Thu 21 Nov 2024 07:19:01 +0000
ROA not before: Thu 21 Nov 2024 07:19:01 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24323
IP address blocks: 45.64.132.0/22 maxlen: 24
103.4.64.0/22 maxlen: 22
103.4.64.0/24 maxlen: 24
103.4.65.0/24 maxlen: 24
103.4.66.0/24 maxlen: 24
103.4.67.0/24 maxlen: 24
182.160.96.0/19 maxlen: 24
202.74.240.0/21 maxlen: 24
203.202.240.0/20 maxlen: 24
2401:c000::/32 maxlen: 32
2401:c000::/48 maxlen: 48
2401:c000:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Nov 2024 09:25:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1741 (0x6cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3834/serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282
Validity
Not Before: Nov 21 07:19:01 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=673edee5-df53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:20:b5:b9:fe:69:09:8a:3c:50:4c:10:53:
6a:1e:dd:49:3c:79:99:b4:5c:36:20:41:3d:f5:90:
df:2e:60:c2:22:9b:15:59:ad:bb:82:81:d0:c9:be:
68:d4:7e:e3:f2:5b:f4:0e:a4:2c:3f:cf:c7:a7:7f:
08:9d:e0:68:aa:47:b2:1d:3c:88:ad:26:f6:52:73:
a0:8f:17:86:0f:ea:28:7b:b1:1c:a4:03:2a:39:f9:
95:32:14:3a:e7:5c:f2:5e:81:9d:1c:cb:a7:b1:6e:
8f:8a:50:4a:27:7a:c9:77:d9:b1:51:0a:c4:be:e9:
3e:c5:a3:9e:00:0b:4e:4e:44:4b:43:1c:d5:88:d4:
af:c1:d1:7f:8d:66:23:94:a9:17:f2:20:ab:2b:a5:
27:58:42:d8:ab:70:1c:fa:6f:86:14:7a:f6:3f:d5:
d1:32:ec:73:1d:ea:64:93:7a:99:10:45:60:95:12:
22:a2:96:b5:5d:7b:8b:2e:92:03:f5:30:83:c1:c5:
d5:2a:77:80:7d:54:04:95:81:31:0d:78:19:c3:ac:
56:3f:5f:87:b3:30:ab:02:65:55:1b:15:8f:79:f7:
2e:55:55:bf:8f:f1:b8:bd:95:2e:85:9b:7e:3e:47:
a9:19:6c:cf:d5:8c:0e:be:fa:9e:88:f0:f6:95:5a:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4F:24:DD:8C:2F:42:5A:E4:06:33:50:50:41:FC:A9:53:2C:20:76
X509v3 Authority Key Identifier:
keyid:1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.132.0/22
103.4.64.0/22
182.160.96.0/19
202.74.240.0/21
203.202.240.0/20
IPv6:
2401:c000::/32
Signature Algorithm: sha256WithRSAEncryption
ce:3e:f4:fb:68:34:55:eb:d2:41:0b:f1:ff:37:28:1c:b8:b7:
80:1d:9e:01:94:0b:d4:e3:24:0c:95:d8:59:a4:80:5f:e3:c3:
7d:d0:86:64:15:0f:2d:ae:fa:1c:9e:aa:45:ab:44:d6:96:41:
3e:ff:4b:c6:77:80:fe:38:86:ec:66:2e:58:ca:e4:1c:1a:22:
2e:d7:b5:91:94:96:fa:63:68:7e:53:4d:9f:ab:1c:83:d0:be:
c8:49:f0:a1:2e:ee:58:8c:ef:81:c4:1e:91:e5:f0:51:f4:3d:
5f:87:50:c8:21:5a:43:e6:27:78:b1:22:65:5d:01:70:05:3b:
03:0a:ad:9e:ce:9e:70:55:42:e4:3d:6c:5b:36:2a:e6:f8:08:
24:5d:1e:b2:9c:df:92:0b:fb:1d:e0:56:74:0e:0c:71:0f:da:
a0:f0:c5:c6:4f:9d:4b:a9:cd:e7:ab:72:80:81:3e:8b:61:81:
6a:68:23:11:18:17:c4:06:77:a0:86:b0:a2:b3:12:fa:8b:29:
e0:9b:7a:c3:70:fa:77:6d:b4:ff:67:a9:e2:12:fb:f3:41:05:
54:a6:75:1b:c0:7c:bc:36:4b:a2:35:6f:05:84:8f:c7:23:87:
9e:b2:51:6e:d4:ef:2b:4e:1d:9a:4e:1a:7c:ba:8f:54:e5:59:
c0:1f:e0:d3
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM4MzQxMTAvBgNVBAUTKDFBMEQwQkZBMTkxOTExRjg1NUI1QkFCREZBMDNCOUMw
N0ZERDIyODIwHhcNMjQxMTIxMDcxOTAxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNlZGVlNS1kZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyXIgtbn+aQmKPFBMEFNqHt1JPHmZtFw2IEE99ZDfLmDCIpsVWa27goHQyb5o
1H7j8lv0DqQsP8/Hp38IneBoqkeyHTyIrSb2UnOgjxeGD+ooe7EcpAMqOfmVMhQ6
51zyXoGdHMunsW6PilBKJ3rJd9mxUQrEvuk+xaOeAAtOTkRLQxzViNSvwdF/jWYj
lKkX8iCrK6UnWELYq3Ac+m+GFHr2P9XRMuxzHepkk3qZEEVglRIiopa1XXuLLpID
9TCDwcXVKneAfVQElYExDXgZw6xWP1+HszCrAmVVGxWPefcuVVW/j/G4vZUuhZt+
PkepGWzP1YwOvvqeiPD2lVpSzQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFGtPJN2M
L0Ja5AYzUFBB/KlTLCB2MB8GA1UdIwQYMBaAFBoNC/oZGRH4VbW6vfoDucB/3SKC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzgzNC84QkMyRURCMDNB
NDExMUVCODNCNTdGMTRDNEY5QUUwMi9HZzBMLWhrWkVmaFZ0YnE5LWdPNXdIX2RJ
b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dnMEwtaGtaRWZoVnRicTktZ081d0hfZElvSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM4MzQvOEJDMkVEQjAzQTQxMTFFQjgzQjU3RjE0QzRGOUFFMDIvQzdEQzk4ODIz
QUZBMTFFQkIxRDlDRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItQIQDBAJnBEADBAW2oGADBAPKSvADBATLyvAwDQQCAAIw
BwMFACQBwAAwDQYJKoZIhvcNAQELBQADggEBAM4+9PtoNFXr0kEL8f83KBy4t4Ad
ngGUC9TjJAyV2FmkgF/jw33QhmQVDy2u+hyeqkWrRNaWQT7/S8Z3gP44huxmLljK
5BwaIi7XtZGUlvpjaH5TTZ+rHIPQvshJ8KEu7liM74HEHpHl8FH0PV+HUMghWkPm
J3ixImVdAXAFOwMKrZ7OnnBVQuQ9bFs2Kub4CCRdHrKc35IL+x3gVnQODHEP2qDw
xcZPnUupzeercoCBPothgWpoIxEYF8QGd6CGsKKzEvqLKeCbesNw+ndttP9nqeIS
+/NBBVSmdRvAfLw2S6I1bwWEj8cjh56yUW7U7ytOHZpOGny6j1TlWcAf4NM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:59 2024 by rpki-client on console-ams.rpki-client.org