Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C30AEB000DE811EFB88BCD4AC4F9AE02.roa
File: C30AEB000DE811EFB88BCD4AC4F9AE02.roa (raw, json)
Hash identifier: 0BjMiDVMs4nvsMDBY+53Ve/jMWQSEG7DeFLtFWrtLLs=
Subject key identifier: A1:C3:13:74:44:85:7A:64:82:16:58:B6:E2:B0:E6:00:49:AC:B6:CB
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 05D9
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C30AEB000DE811EFB88BCD4AC4F9AE02.roa
Signing time: Thu 09 May 2024 09:44:43 +0000
ROA not before: Thu 09 May 2024 09:44:43 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 64021
IP address blocks: 43.229.152.0/24 maxlen: 24
43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.209.235.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.228.66.0/23 maxlen: 23
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
163.53.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 09:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1497 (0x5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: May 9 09:44:43 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=663c9b0b-50a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:21:59:c5:a7:84:c5:a4:c8:a1:7c:7a:c1:5a:
88:3b:23:cf:d2:f1:05:29:62:c7:33:87:ef:ec:31:
50:f3:b6:d6:8c:40:39:5c:0a:ba:04:bc:66:48:b8:
9d:3a:7f:0c:22:ca:94:86:ad:b2:9b:08:24:9c:5c:
29:f8:10:b1:38:e2:86:fd:a6:47:4d:6e:26:69:b9:
05:39:81:fb:69:35:4f:98:a3:a0:7e:2c:7d:32:87:
ea:5d:97:90:65:08:aa:3b:75:1e:7a:80:29:30:2c:
90:1a:81:61:e8:c3:f4:ba:8a:fc:e3:5d:d7:0d:61:
05:94:3d:6d:6f:23:b6:89:dc:14:37:5d:07:35:a5:
d9:82:9b:36:01:a8:8d:14:62:63:4e:92:dc:e6:8d:
14:76:3e:02:66:8a:ff:4f:8d:8b:42:b6:59:3f:14:
3a:12:f1:8c:16:e7:39:ec:79:c4:d5:4e:b8:38:82:
99:8a:bd:3f:e9:5b:83:35:60:b9:55:96:c1:19:3e:
0e:39:d9:e9:5b:64:bf:1f:51:b9:40:d0:e4:fb:30:
b5:9c:ae:c2:4d:d9:47:d7:00:e7:1b:f5:f5:7b:fe:
90:94:97:33:44:1d:a2:fd:68:c6:fb:ba:8c:83:9a:
3c:9b:8e:bf:de:61:8a:3a:33:4d:96:00:59:ab:37:
99:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C3:13:74:44:85:7A:64:82:16:58:B6:E2:B0:E6:00:49:AC:B6:CB
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C30AEB000DE811EFB88BCD4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
43.252.208.0-43.252.210.255
103.209.235.0/24
103.228.64.0/24
103.228.66.0/23
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
163.53.19.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e8:b3:0a:de:29:ba:f7:66:7d:72:38:11:bb:0e:3c:50:56:
d4:72:6e:30:e5:11:37:0f:ed:3d:cb:d5:fc:33:46:13:2e:81:
ca:6a:07:df:22:71:ba:e0:d8:24:37:f4:58:40:6f:15:07:9e:
9e:92:53:06:53:13:63:f8:e5:37:22:f9:e4:9c:48:91:44:fc:
d5:e2:7f:9a:3c:a6:d4:76:93:10:5e:cd:d9:09:5d:a3:3e:94:
7a:40:8f:49:10:00:dc:de:47:ed:0c:4d:ae:4d:f6:6d:18:0e:
9d:fe:ca:44:0a:55:0c:aa:76:81:b3:35:98:53:fe:eb:26:05:
7e:17:98:bb:54:88:a1:d3:f8:e2:6d:7b:8c:f3:5b:bd:f2:9a:
f9:b5:c9:34:3c:0b:f1:50:e3:c9:52:95:17:e4:3d:c9:b0:57:
7c:be:d1:fc:50:0a:c2:b1:91:7d:83:ba:bf:33:cc:25:d0:69:
30:c1:3c:05:8a:50:9c:36:97:64:04:d1:c7:da:8a:e1:01:47:
17:1b:ce:ef:a8:d1:8d:57:8e:7a:e6:e7:8c:aa:96:31:ca:42:
e7:2e:aa:89:6e:64:bd:93:70:f7:c6:15:69:15:36:77:1f:72:
4c:16:3a:ae:67:66:da:37:52:22:36:dc:74:57:ec:9e:81:1b:
14:d9:d6:17
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICBdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNTA5MDk0NDQzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNjOWIwYi01MGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAliFZxaeExaTIoXx6wVqIOyPP0vEFKWLHM4fv7DFQ87bWjEA5XAq6BLxmSLid
On8MIsqUhq2ymwgknFwp+BCxOOKG/aZHTW4mabkFOYH7aTVPmKOgfix9MofqXZeQ
ZQiqO3UeeoApMCyQGoFh6MP0uor8413XDWEFlD1tbyO2idwUN10HNaXZgps2AaiN
FGJjTpLc5o0Udj4CZor/T42LQrZZPxQ6EvGMFuc57HnE1U64OIKZir0/6VuDNWC5
VZbBGT4OOdnpW2S/H1G5QNDk+zC1nK7CTdlH1wDnG/X1e/6QlJczRB2i/WjG+7qM
g5o8m46/3mGKOjNNlgBZqzeZlQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFKHDE3RE
hXpkghZYtuKw5gBJrLbLMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQzMwQUVCMDAw
REU4MTFFRkI4OEJDRDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfR6wMEAGfkQAMEAWfk
QgMEAGfqNgMEApZrAAMEAJaBKgMEAKM1EAMEAKM1EzANBgkqhkiG9w0BAQsFAAOC
AQEAS+izCt4puvdmfXI4EbsOPFBW1HJuMOURNw/tPcvV/DNGEy6BymoH3yJxuuDY
JDf0WEBvFQeenpJTBlMTY/jlNyL55JxIkUT81eJ/mjym1HaTEF7N2Qldoz6UekCP
SRAA3N5H7QxNrk32bRgOnf7KRApVDKp2gbM1mFP+6yYFfheYu1SIodP44m17jPNb
vfKa+bXJNDwL8VDjyVKVF+Q9ybBXfL7R/FAKwrGRfYO6vzPMJdBpMME8BYpQnDaX
ZATRx9qK4QFHFxvO76jRjVeOeubnjKqWMcpC5y6qiW5kvZNw98YVaRU2dx9yTBY6
rmdm2jdSIjbcdFfsnoEbFNnWFw==
-----END CERTIFICATE-----
Generated at Tue May 14 13:24:38 2024 by rpki-client on console-fra.rpki-client.org