Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/30D8A7D6B3CF11EE848BCB83C4F9AE02.roa
File: 30D8A7D6B3CF11EE848BCB83C4F9AE02.roa (raw, json)
Hash identifier: MmeHl5N9IRFaw+aW1K7LJPGyoKSRC8BrYQzUnAy9msQ=
Subject key identifier: BB:49:6B:33:DB:3E:B1:1E:B2:0F:C0:4C:A6:CA:53:F6:0A:26:00:E3
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 05A2
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/30D8A7D6B3CF11EE848BCB83C4F9AE02.roa
Signing time: Thu 29 Feb 2024 09:47:42 +0000
ROA not before: Thu 29 Feb 2024 09:47:42 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.247.135.0/24 maxlen: 24
43.255.122.0/24 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 11:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1442 (0x5a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Feb 29 09:47:42 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65e052be-946e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:43:d6:5b:0e:e9:1a:4e:22:74:2d:ca:4d:96:
40:5e:69:22:57:81:6c:47:ea:f7:44:5c:12:46:f8:
47:ac:87:b2:6a:fb:a9:a8:c3:7e:00:61:82:eb:7a:
37:92:6d:a6:29:e9:a2:52:01:b8:3e:9b:53:af:1b:
3d:c8:72:8e:33:14:42:60:8a:79:3a:62:12:85:1d:
0a:7e:60:37:cd:f9:72:22:77:3d:94:88:ac:a0:71:
c1:05:8d:93:94:0e:5e:eb:16:70:01:f8:3a:1b:25:
c5:bc:6f:7d:b5:bb:a4:12:bf:3c:17:72:4e:72:c6:
25:02:72:47:71:ec:30:1f:90:59:7d:d7:75:3e:21:
65:8e:1f:dc:43:a8:d7:2b:a5:9e:c8:86:f7:a6:53:
c3:53:1f:b0:ed:83:ac:b2:12:a7:fe:c1:a5:6f:fb:
65:d2:ae:08:44:5a:8b:f5:4b:45:f6:00:30:9a:7a:
36:07:80:44:2c:c1:4b:a3:a3:d1:4a:ad:dc:1f:4f:
98:2c:8b:69:8d:8a:70:1e:aa:e5:c3:87:5d:fa:54:
82:b6:b5:1e:09:1e:be:76:c5:d7:3c:8a:f4:c7:a3:
c8:20:3f:d5:1f:82:b0:06:f7:51:fc:86:b9:1d:f8:
6c:6f:4b:80:02:fc:7c:8c:ed:58:1e:57:de:60:ce:
49:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:49:6B:33:DB:3E:B1:1E:B2:0F:C0:4C:A6:CA:53:F6:0A:26:00:E3
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/30D8A7D6B3CF11EE848BCB83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
43.255.122.0/24
103.24.216.0/23
103.231.58.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:45:73:95:25:59:9e:2c:32:29:83:d8:72:ca:b7:67:68:98:
d1:60:ee:78:04:1b:ff:1a:8c:65:03:60:a2:3d:c8:76:ec:3d:
93:80:f2:6a:9c:b8:e8:c2:76:c6:94:94:c3:79:17:29:e2:e9:
d2:10:c2:2d:87:15:ca:0e:67:55:22:08:c1:3d:75:71:9b:40:
da:b3:90:2a:aa:9e:0a:9d:e2:c8:0d:09:73:1b:d4:43:3f:f1:
6e:3f:ae:3e:b0:e4:c1:9f:65:cf:c9:25:de:aa:ef:de:00:40:
f4:49:b8:22:39:34:f5:fb:b7:24:2d:34:39:b9:4b:1b:27:eb:
e7:30:d8:21:ad:9e:a8:a9:e4:47:4d:94:d5:4f:fe:81:a6:78:
34:b4:4f:36:6e:b2:35:79:ee:3f:78:b7:8d:b2:bb:20:98:2a:
b2:3d:23:4e:1c:bc:a1:78:91:f2:25:20:65:32:9c:39:80:45:
7a:15:d3:f1:db:7c:68:91:e4:ab:b9:45:c8:fa:e3:11:ee:42:
1e:54:d7:8e:50:96:5f:27:4d:f2:c1:8f:7e:d5:13:26:b2:3a:
4a:82:30:0a:ca:09:3d:5f:07:4d:d3:83:a8:f3:cd:84:c5:b6:
19:26:f0:4f:92:36:f7:9e:1d:35:f5:88:1c:29:94:d6:ff:62:
e9:a1:7a:2f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwMjI5MDk0NzQyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwNTJiZS05NDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7UPWWw7pGk4idC3KTZZAXmkiV4FsR+r3RFwSRvhHrIeyavupqMN+AGGC63o3
km2mKemiUgG4PptTrxs9yHKOMxRCYIp5OmIShR0KfmA3zflyInc9lIisoHHBBY2T
lA5e6xZwAfg6GyXFvG99tbukEr88F3JOcsYlAnJHcewwH5BZfdd1PiFljh/cQ6jX
K6WeyIb3plPDUx+w7YOsshKn/sGlb/tl0q4IRFqL9UtF9gAwmno2B4BELMFLo6PR
Sq3cH0+YLItpjYpwHqrlw4dd+lSCtrUeCR6+dsXXPIr0x6PIID/VH4KwBvdR/Ia5
Hfhsb0uAAvx8jO1YHlfeYM5JwwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFLtJazPb
PrEesg/ATKbKU/YKJgDjMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMzBEOEE3RDZC
M0NGMTFFRTg0OEJDQjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAAr94cDBAAr/3oDBAFnGNgDBAFn5zowDQYJKoZIhvcNAQEL
BQADggEBAMhFc5UlWZ4sMimD2HLKt2domNFg7ngEG/8ajGUDYKI9yHbsPZOA8mqc
uOjCdsaUlMN5Fyni6dIQwi2HFcoOZ1UiCME9dXGbQNqzkCqqngqd4sgNCXMb1EM/
8W4/rj6w5MGfZc/JJd6q794AQPRJuCI5NPX7tyQtNDm5Sxsn6+cw2CGtnqip5EdN
lNVP/oGmeDS0TzZusjV57j94t42yuyCYKrI9I04cvKF4kfIlIGUynDmARXoV0/Hb
fGiR5Ku5Rcj64xHuQh5U145Qll8nTfLBj37VEyayOkqCMArKCT1fB03Tg6jzzYTF
thkm8E+SNveeHTX1iBwplNb/Yumhei8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org