Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91237A2/49E6E3D6933C11EEB4210F29C4F9AE02/C72DB368940611EE9FC25630C4F9AE02.roa
File: C72DB368940611EE9FC25630C4F9AE02.roa (raw, json)
Hash identifier: ntG7PtwGlfsGsqgkhXuc3k5LRGZvSKq0Da/76NdrvOo=
Subject key identifier: D2:86:1E:26:A8:65:8E:13:DC:AC:75:41:06:18:A7:16:2C:8A:0C:00
Certificate issuer: /CN=A91237A2/serialNumber=4382F9AA3016FCBF31F924CF132E95BF92709ADD
Certificate serial: 03
Authority key identifier: 43:82:F9:AA:30:16:FC:BF:31:F9:24:CF:13:2E:95:BF:92:70:9A:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q4L5qjAW_L8x-STPEy6Vv5Jwmt0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91237A2/49E6E3D6933C11EEB4210F29C4F9AE02/C72DB368940611EE9FC25630C4F9AE02.roa
Signing time: Wed 06 Dec 2023 07:12:13 +0000
ROA not before: Wed 06 Dec 2023 07:12:13 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 18229
IP address blocks: 43.248.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 07:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91237A2/serialNumber=4382F9AA3016FCBF31F924CF132E95BF92709ADD
Validity
Not Before: Dec 6 07:12:13 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65701ecd-705d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c4:85:97:a5:62:c2:4a:04:cd:11:63:ec:52:
57:00:c1:77:0e:85:b9:9c:01:03:ac:8f:a3:87:22:
c2:64:a1:f6:4f:54:4e:d8:82:9c:ae:be:55:93:d6:
ba:9d:88:39:13:ed:ab:a3:d6:ac:ae:69:42:cb:98:
ad:27:5a:2b:83:e3:51:88:43:6c:91:e7:e5:dc:fe:
e0:b8:42:1b:16:17:65:41:b6:c3:68:8a:4c:27:f8:
e8:7c:64:6d:76:e2:ea:2d:46:98:5c:66:6d:e6:f9:
42:cd:df:3e:72:d8:79:e5:a3:34:32:49:b1:82:f8:
07:06:19:d0:91:96:69:33:30:b8:ff:de:22:eb:da:
65:2b:75:c1:e5:e8:69:ff:53:bd:8a:63:51:5b:7f:
79:3d:c0:68:f9:69:5b:67:d3:0a:a8:c3:04:b9:0b:
af:b4:16:72:6b:f5:73:b8:2b:15:d4:03:54:b3:a1:
9b:4c:7c:86:03:8d:ff:27:8b:77:04:c1:e6:3e:0c:
48:97:08:7c:7a:3a:f1:69:58:55:24:9c:23:f6:5d:
31:e1:09:fa:eb:4a:cc:c7:ea:45:d5:52:32:a9:78:
fa:da:40:f8:cc:47:3f:79:49:5c:0b:94:b2:d7:b1:
47:34:2b:a2:f9:9e:00:14:23:6e:59:7d:8d:70:07:
5a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:86:1E:26:A8:65:8E:13:DC:AC:75:41:06:18:A7:16:2C:8A:0C:00
X509v3 Authority Key Identifier:
keyid:43:82:F9:AA:30:16:FC:BF:31:F9:24:CF:13:2E:95:BF:92:70:9A:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91237A2/49E6E3D6933C11EEB4210F29C4F9AE02/Q4L5qjAW_L8x-STPEy6Vv5Jwmt0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q4L5qjAW_L8x-STPEy6Vv5Jwmt0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91237A2/49E6E3D6933C11EEB4210F29C4F9AE02/C72DB368940611EE9FC25630C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.56.0/24
Signature Algorithm: sha256WithRSAEncryption
91:80:6e:7d:62:4f:72:b3:c7:85:84:50:c8:16:f9:f1:e9:a9:
cd:88:f8:8d:ba:7f:05:71:9d:64:1e:89:61:44:cf:3a:ff:9e:
85:2a:eb:ab:fc:18:15:96:6d:59:5c:fa:60:dd:74:8f:df:3c:
73:a4:f5:de:0b:4c:d2:c2:eb:66:67:80:6e:39:76:53:62:a8:
23:b2:e4:79:65:d1:32:a5:26:01:c0:95:b5:81:0f:b9:5c:e9:
90:af:29:c5:3b:99:24:d4:5b:cb:4d:97:88:8f:86:88:d0:f7:
28:6a:7c:f2:74:ac:45:3c:e7:a5:14:a1:0c:e5:5a:8e:57:95:
20:14:74:52:59:ec:1e:32:04:98:60:a8:64:bc:94:35:cb:02:
32:05:90:a3:bd:12:01:04:26:3e:74:04:63:5c:41:57:1e:02:
14:f9:7c:ca:52:d7:94:95:ce:48:4f:dc:27:b9:23:a1:9b:66:
54:35:0f:37:3f:43:d3:ca:a8:49:f7:f7:5d:3b:bb:cd:75:d7:
e5:6a:49:ce:47:70:f7:d9:b2:eb:3c:ef:13:e8:dd:ec:d4:0a:
e3:9c:ad:3c:7d:ed:15:c1:ea:9b:4b:42:e1:ea:43:59:02:83:
1f:de:3a:8e:6d:13:09:24:7a:27:1e:3a:43:9a:91:ea:59:54:
5e:e7:7f:1d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MzdBMjExMC8GA1UEBRMoNDM4MkY5QUEzMDE2RkNCRjMxRjkyNENGMTMyRTk1QkY5
MjcwOUFERDAeFw0yMzEyMDYwNzEyMTNaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzAxZWNkLTcwNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLxIWXpWLCSgTNEWPsUlcAwXcOhbmcAQOsj6OHIsJkofZPVE7YgpyuvlWT1rqd
iDkT7auj1qyuaULLmK0nWiuD41GIQ2yR5+Xc/uC4QhsWF2VBtsNoikwn+Oh8ZG12
4uotRphcZm3m+ULN3z5y2HnlozQySbGC+AcGGdCRlmkzMLj/3iLr2mUrdcHl6Gn/
U72KY1Fbf3k9wGj5aVtn0wqowwS5C6+0FnJr9XO4KxXUA1SzoZtMfIYDjf8ni3cE
weY+DEiXCHx6OvFpWFUknCP2XTHhCfrrSszH6kXVUjKpePraQPjMRz95SVwLlLLX
sUc0K6L5ngAUI25ZfY1wB1rZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0oYeJqhl
jhPcrHVBBhinFiyKDAAwHwYDVR0jBBgwFoAUQ4L5qjAW/L8x+STPEy6Vv5Jwmt0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIzN0EyLzQ5RTZFM0Q2OTMz
QzExRUVCNDIxMEYyOUM0RjlBRTAyL1E0TDVxakFXX0w4eC1TVFBFeTZWdjVKd210
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUTRMNXFqQVdfTDh4LVNUUEV5NlZ2NUp3bXQwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzdBMi80OUU2RTNENjkzM0MxMUVFQjQyMTBGMjlDNEY5QUUwMi9DNzJEQjM2ODk0
MDYxMUVFOUZDMjU2MzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEACv4ODANBgkqhkiG9w0BAQsFAAOCAQEAkYBufWJPcrPHhYRQ
yBb58empzYj4jbp/BXGdZB6JYUTPOv+ehSrrq/wYFZZtWVz6YN10j988c6T13gtM
0sLrZmeAbjl2U2KoI7LkeWXRMqUmAcCVtYEPuVzpkK8pxTuZJNRby02XiI+GiND3
KGp88nSsRTznpRShDOVajleVIBR0UlnsHjIEmGCoZLyUNcsCMgWQo70SAQQmPnQE
Y1xBVx4CFPl8ylLXlJXOSE/cJ7kjoZtmVDUPNz9D08qoSff3XTu7zXXX5WpJzkdw
99my6zzvE+jd7NQK45ytPH3tFcHqm0tC4epDWQKDH946jm0TCSR6Jx46Q5qR6llU
Xud/HQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org