Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa
File: 7B8DCA22D53F11EE98B61A0EC4F9AE02.roa (raw, json)
Hash identifier: uzExXZb8+41pH95Kl6NGHlaPw4OBwghc+c00rpDfBhw=
Subject key identifier: D0:1E:E3:A0:54:BB:66:16:AE:BC:9A:C6:1C:5A:77:26:62:49:68:8D
Certificate issuer: /CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608
Certificate serial: 0273
Authority key identifier: 6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa
Signing time: Wed 05 Jun 2024 04:31:45 +0000
ROA not before: Wed 05 Jun 2024 04:31:45 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 7545
IP address blocks: 202.12.87.0/24 maxlen: 24
202.12.88.0/24 maxlen: 24
202.12.90.0/24 maxlen: 24
203.0.12.0/24 maxlen: 24
203.0.13.0/24 maxlen: 24
203.3.124.0/22 maxlen: 22
203.4.226.0/24 maxlen: 24
203.14.152.0/24 maxlen: 24
203.14.154.0/24 maxlen: 24
203.14.155.0/24 maxlen: 24
203.14.156.0/23 maxlen: 23
203.14.158.0/23 maxlen: 23
203.27.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 08:44:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 627 (0x273)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E91BC
Validity
Not Before: Jun 5 04:31:45 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665fea31-8fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:88:a9:78:dd:cb:a7:5e:2e:ec:60:af:13:78:
87:a7:9b:9a:ca:88:d9:35:3f:b2:3f:42:4b:4c:c7:
43:b6:80:f6:55:c8:81:b5:08:04:f4:82:e3:70:cf:
73:68:29:42:f4:07:c2:81:71:09:cc:28:df:44:8b:
c8:c9:d2:d3:96:a8:e4:26:20:ab:ab:af:10:67:b4:
95:fb:69:aa:ad:52:ca:09:a9:16:ff:3d:2f:b9:b2:
d0:83:57:75:5a:9b:ab:38:61:a6:2b:22:36:c8:a5:
cd:33:6c:f7:58:b1:57:d4:ef:38:26:2e:e5:52:2b:
e5:35:8c:95:bd:60:a4:54:12:5e:a1:06:7a:d6:7f:
87:d2:81:4f:21:bf:eb:6e:e4:e4:e3:2a:0c:50:58:
a4:e9:b8:d4:c4:94:54:20:49:35:b4:11:01:9e:fe:
2f:ab:ea:4b:36:30:c3:f0:ea:0e:13:e9:f0:81:d0:
7f:e8:0d:07:1f:3a:db:a4:fa:38:cb:5e:68:d0:2f:
db:d1:5b:61:cb:db:ec:9c:aa:51:94:cc:43:6c:d1:
1b:8d:5f:1c:79:76:c8:7b:0c:05:79:63:ba:ec:0f:
3f:1d:83:42:4e:ce:90:cf:14:81:f9:d9:fc:40:6d:
38:0b:d0:29:58:d0:d1:2e:e2:f8:01:06:d0:4b:f9:
32:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1E:E3:A0:54:BB:66:16:AE:BC:9A:C6:1C:5A:77:26:62:49:68:8D
X509v3 Authority Key Identifier:
keyid:6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.87.0-202.12.88.255
202.12.90.0/24
203.0.12.0/23
203.3.124.0/22
203.4.226.0/24
203.14.152.0/24
203.14.154.0-203.14.159.255
203.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
35:7c:13:dc:4b:46:c6:16:bf:9c:a8:25:01:be:11:58:a2:78:
8d:de:31:47:ab:d0:41:b1:ae:37:b7:73:bf:27:0e:eb:77:a4:
b7:ec:bc:66:3c:61:24:4d:7a:0c:7b:75:39:a6:df:48:0d:f5:
89:c5:99:1b:2c:65:04:27:7e:83:77:5c:ff:c1:44:0c:61:57:
da:c8:ed:40:21:dd:cf:dc:6d:ef:85:aa:24:ad:fc:e3:e9:01:
d1:27:fa:22:a8:f4:d2:ec:38:77:13:b9:50:00:d7:fc:91:e8:
a0:93:66:61:23:c4:bb:ba:2d:04:e3:18:2d:26:69:94:a1:71:
b0:60:68:a4:8a:07:8b:6b:85:20:76:fb:8d:c5:bc:e2:f5:38:
1a:ee:91:60:10:d9:51:6f:2b:8d:c0:d5:88:1e:60:87:96:58:
46:af:30:6d:8d:62:61:43:3d:a7:90:9a:eb:f2:54:51:ae:3f:
76:dd:d5:15:58:9a:1b:4a:f2:ad:fc:e7:cd:a2:65:aa:23:f9:
1e:8a:de:3d:a8:c9:0f:59:34:ca:a4:b5:35:40:71:37:36:17:
80:6a:5e:b2:4c:9c:ea:9a:f3:8c:41:d6:90:23:fc:48:e1:98:
c1:5f:1d:60:74:17:bb:06:a0:60:af:82:f7:22:60:9c:c1:3f:
0d:22:8a:e7
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICAnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkxQkMxMTAvBgNVBAUTKDZENUQ1MEU4OEI5RDY1RThBRkRBMjhDMkNFQTYxNTAx
MjcwMzg2MDgwHhcNMjQwNjA1MDQzMTQ1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmZWEzMS04ZmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4ipeN3Lp14u7GCvE3iHp5uayojZNT+yP0JLTMdDtoD2VciBtQgE9ILjcM9z
aClC9AfCgXEJzCjfRIvIydLTlqjkJiCrq68QZ7SV+2mqrVLKCakW/z0vubLQg1d1
WpurOGGmKyI2yKXNM2z3WLFX1O84Ji7lUivlNYyVvWCkVBJeoQZ61n+H0oFPIb/r
buTk4yoMUFik6bjUxJRUIEk1tBEBnv4vq+pLNjDD8OoOE+nwgdB/6A0HHzrbpPo4
y15o0C/b0Vthy9vsnKpRlMxDbNEbjV8ceXbIewwFeWO67A8/HYNCTs6QzxSB+dn8
QG04C9ApWNDRLuL4AQbQS/kylwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFNAe46BU
u2YWrryaxhxadyZiSWiNMB8GA1UdIwQYMBaAFG1dUOiLnWXor9oows6mFQEnA4YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BRTQ0RDI0QURC
RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9iVjFRNkl1ZFplaXYyaWpDenFZVkFTY0Ro
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JWMVE2SXVkWmVpdjJpakN6cVlWQVNjRGhnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTkxQkMvQUU0NEQyNEFEQkU5MTFFQzk1MTEwNTE1QzRGOUFFMDIvN0I4RENBMjJE
NTNGMTFFRTk4QjYxQTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEAwDAMEAMoMVwMEAMoMWAMEAMoMWgMEAcsADAMEAssDfAMEAMsE
4gMEAMsOmDAMAwQByw6aAwQFyw6AAwQAyxt+MA0GCSqGSIb3DQEBCwUAA4IBAQA1
fBPcS0bGFr+cqCUBvhFYoniN3jFHq9BBsa43t3O/Jw7rd6S37LxmPGEkTXoMe3U5
pt9IDfWJxZkbLGUEJ36Dd1z/wUQMYVfayO1AId3P3G3vhaokrfzj6QHRJ/oiqPTS
7Dh3E7lQANf8keigk2ZhI8S7ui0E4xgtJmmUoXGwYGikigeLa4UgdvuNxbzi9Tga
7pFgENlRbyuNwNWIHmCHllhGrzBtjWJhQz2nkJrr8lRRrj923dUVWJobSvKt/OfN
omWqI/keit49qMkPWTTKpLU1QHE3NheAal6yTJzqmvOMQdaQI/xI4ZjBXx1gdBe7
BqBgr4L3ImCcwT8NIorn
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:43 2025 by rpki-client