Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
File: 2005B82854BA11EEB6F36C44C4F9AE02.roa (raw, json)
Hash identifier: l4W7jdOdRlOBaiNd5+G63OAezhE5Xam5ATOo0OO21z8=
Subject key identifier: 8A:92:0D:67:A6:A0:A6:57:F5:68:B1:5A:D0:CE:6E:6D:A3:F9:56:A5
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0504
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
Signing time: Fri 13 Oct 2023 18:02:57 +0000
ROA not before: Fri 13 Oct 2023 18:02:57 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.254.165.0/24 maxlen: 24
43.255.122.0/23 maxlen: 24
43.255.156.0/24 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1284 (0x504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Oct 13 18:02:57 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65298651-6d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:61:98:39:bb:55:20:c8:6c:85:df:0c:0c:ee:
8b:d9:c4:ad:da:59:07:77:02:60:64:f4:6b:60:87:
cb:b2:8e:51:2f:92:f1:d0:38:6e:05:8e:27:67:6d:
6d:5b:68:44:44:5d:2f:0a:e1:79:7e:d8:6f:0e:ef:
71:83:85:8c:8e:12:36:42:4e:da:39:9e:5c:27:47:
0d:c0:fe:65:f0:58:a2:06:e5:05:6d:91:de:dc:bf:
b3:50:ef:eb:a0:e8:2d:82:4f:12:7e:c4:ab:17:b2:
d4:bf:bc:7e:0d:3f:5e:e4:75:ab:a7:87:f1:3b:e6:
80:3e:70:d1:22:dc:bf:5f:72:71:9a:12:54:8e:27:
82:e8:58:bc:de:a0:5d:a2:b1:bd:48:8c:f0:1d:a7:
66:da:b6:8b:7e:4d:8a:03:ec:cc:8f:b8:ac:61:cc:
5b:df:0f:09:e2:53:fa:f9:73:23:e2:8c:23:be:e3:
f4:85:4d:0b:95:e0:27:da:9d:7e:f0:8c:88:6c:0b:
31:32:8b:e1:1e:e4:5f:82:30:ba:d3:a1:d7:3f:33:
91:0d:07:80:fb:d4:e0:5d:45:d8:a6:61:4d:91:4c:
ab:f1:6e:ff:ca:d0:3c:d7:de:a5:af:ba:06:05:0e:
0b:b2:2c:96:cd:2c:a8:c8:b1:37:89:5b:0f:67:1b:
84:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:92:0D:67:A6:A0:A6:57:F5:68:B1:5A:D0:CE:6E:6D:A3:F9:56:A5
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0/24
43.255.122.0/23
43.255.156.0/24
103.24.216.0/23
103.231.58.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:bf:f4:35:81:82:e1:6c:bc:65:f3:36:c3:66:c0:78:2e:db:
f8:e3:ed:86:4c:23:34:ca:e1:e6:21:54:eb:88:9f:29:73:3c:
05:3e:a0:b8:fe:e0:84:f3:ce:61:43:45:c8:cb:f7:85:7c:e8:
d1:59:15:58:c3:13:fe:0a:c8:ae:12:2b:3d:f0:46:f9:a4:88:
91:be:19:33:cd:56:36:eb:ec:13:b8:e8:bf:0e:9e:25:a7:c8:
ed:a5:68:9a:3e:28:fe:37:98:d8:7c:9b:d8:8d:77:0e:82:b0:
f4:eb:d0:85:f3:d5:7d:53:00:a3:15:3b:3e:e8:17:e6:7c:3f:
71:52:19:26:42:52:58:66:ac:79:b9:f2:e9:f5:12:1e:6b:13:
bb:7a:30:7a:b0:92:42:7a:89:10:8d:f4:a2:a2:a9:e4:e7:50:
7a:ba:82:87:0f:44:65:5a:0d:fd:f2:7f:37:db:23:d8:bb:52:
fc:75:68:71:33:42:c9:d3:b9:ca:2a:de:8f:6f:c0:37:ed:3b:
d4:9f:4a:63:b6:8b:3f:60:4f:f1:f7:9d:3e:cf:48:f1:ae:ef:
68:75:2f:43:a2:e3:23:7b:91:94:91:41:c7:d3:1e:f7:17:bd:
fc:09:a2:11:f5:ce:aa:de:a5:51:10:51:e3:f2:46:b4:ce:ad:
0d:9c:0d:72
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDEzMTgwMjU3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI5ODY1MS02ZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1WGYObtVIMhshd8MDO6L2cSt2lkHdwJgZPRrYIfLso5RL5Lx0DhuBY4nZ21t
W2hERF0vCuF5fthvDu9xg4WMjhI2Qk7aOZ5cJ0cNwP5l8FiiBuUFbZHe3L+zUO/r
oOgtgk8SfsSrF7LUv7x+DT9e5HWrp4fxO+aAPnDRIty/X3JxmhJUjieC6Fi83qBd
orG9SIzwHadm2raLfk2KA+zMj7isYcxb3w8J4lP6+XMj4owjvuP0hU0LleAn2p1+
8IyIbAsxMovhHuRfgjC606HXPzORDQeA+9TgXUXYpmFNkUyr8W7/ytA8196lr7oG
BQ4LsiyWzSyoyLE3iVsPZxuEGwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFIqSDWem
oKZX9WixWtDObm2j+ValMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMjAwNUI4Mjg1
NEJBMTFFRUI2RjM2QzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/qUDBAEr/3oDBAAr/5wDBAFnGNgDBAFn5zoDBABn8MYw
DQYJKoZIhvcNAQELBQADggEBAH6/9DWBguFsvGXzNsNmwHgu2/jj7YZMIzTK4eYh
VOuInylzPAU+oLj+4ITzzmFDRcjL94V86NFZFVjDE/4KyK4SKz3wRvmkiJG+GTPN
Vjbr7BO46L8OniWnyO2laJo+KP43mNh8m9iNdw6CsPTr0IXz1X1TAKMVOz7oF+Z8
P3FSGSZCUlhmrHm58un1Eh5rE7t6MHqwkkJ6iRCN9KKiqeTnUHq6gocPRGVaDf3y
fzfbI9i7Uvx1aHEzQsnTucoq3o9vwDftO9SfSmO2iz9gT/H3nT7PSPGu72h1L0Oi
4yN7kZSRQcfTHvcXvfwJohH1zqrepVEQUePyRrTOrQ2cDXI=
-----END CERTIFICATE-----
Generated at Tue Oct 17 16:29:17 2023 by rpki-client on console-ams.rpki-client.org