Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/6A39367C4BEB11EEAA0AD77CC4F9AE02.roa
File: 6A39367C4BEB11EEAA0AD77CC4F9AE02.roa (raw, json)
Hash identifier: hm95VR8+Ft9FgAfbzX2YZpSy9kY+eU3xjtq/13VACzY=
Subject key identifier: 6A:F5:F0:33:7D:6C:8B:8A:05:E9:A6:B4:EE:DE:A8:E5:B0:33:2B:CE
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04D5
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/6A39367C4BEB11EEAA0AD77CC4F9AE02.roa
Signing time: Sun 10 Sep 2023 18:51:48 +0000
ROA not before: Sun 10 Sep 2023 18:51:48 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 47813
IP address blocks: 43.254.165.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 18:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1237 (0x4d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 10 18:51:48 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64fe1044-beb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e2:2b:42:5b:4b:59:29:08:ff:77:fe:e2:fc:
8f:64:6e:bd:b2:45:eb:81:9b:63:5c:04:08:60:9b:
c7:9e:d1:66:5a:6c:e2:eb:e0:ed:04:ed:77:51:33:
a7:9f:0e:97:2d:ca:2a:12:b0:fe:cf:87:7f:e9:04:
f1:fe:13:a0:0e:37:83:07:57:9e:cb:b7:c5:b5:7f:
09:46:c2:64:9f:15:18:06:c8:d1:9e:a4:6b:c1:d8:
64:4e:3e:8d:c8:52:ff:cb:02:a9:53:2a:ad:18:79:
08:ac:17:6c:7a:dc:08:b2:e3:d1:af:ea:d8:2d:7b:
d1:af:11:cf:a5:43:34:a7:5e:0c:70:6c:3c:ef:6a:
1e:19:b7:93:55:45:60:0e:d5:99:f9:03:1c:dc:63:
3a:1a:c1:29:26:06:1d:bc:28:42:d3:56:ef:6f:58:
35:04:14:4f:d2:b1:0f:3e:33:cf:92:1b:e9:96:aa:
eb:38:ab:79:72:4b:35:0c:0e:c8:fe:e2:57:1b:ec:
54:d8:b8:37:b8:4b:f0:f8:f8:4e:59:ab:05:3a:1a:
97:ca:50:92:c3:08:78:b7:b4:f1:d3:5a:77:87:01:
f3:bc:bb:e3:07:fe:a8:65:eb:db:5b:af:9b:d1:af:
29:5d:e4:58:b9:04:e6:16:bc:a9:85:f8:8b:d3:15:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F5:F0:33:7D:6C:8B:8A:05:E9:A6:B4:EE:DE:A8:E5:B0:33:2B:CE
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/6A39367C4BEB11EEAA0AD77CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0/24
43.255.158.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
58:88:a4:2e:67:92:27:cb:26:05:81:ea:57:e5:00:6d:d9:15:
e9:45:f0:d7:f9:fc:6d:9b:a5:3d:83:9c:d7:1a:5c:25:a5:6f:
24:99:1b:b0:2c:ef:e3:dd:fe:c6:0d:e8:db:d1:59:fc:1e:45:
62:7f:87:0c:92:4f:1c:69:45:78:3b:ac:5a:2a:5c:e0:37:a2:
88:2e:02:06:68:05:08:cb:65:6c:ae:04:11:ac:fd:85:45:0c:
2f:b6:de:b0:e8:05:45:ed:3e:3b:3c:f7:d0:0c:c5:76:69:a1:
c5:be:a3:b7:62:96:2d:c2:70:a2:57:68:c8:74:35:e6:49:d6:
e6:77:39:63:68:ab:8a:6c:f1:db:a3:a3:32:4b:f0:d4:85:88:
3f:99:f4:d3:0c:73:dd:e0:19:d4:ba:e5:8f:87:85:91:e7:9a:
21:ec:bd:0a:58:09:5c:fb:fd:57:6d:7c:1a:fb:38:e6:38:72:
e3:c1:0c:7c:d7:03:8b:22:1e:ed:e8:db:86:18:ed:39:11:a1:
1a:2d:74:97:a5:ac:91:69:ef:34:df:be:ff:51:f4:42:0c:37:
95:0d:49:f4:61:b2:06:a7:ea:7e:b1:ef:a9:b8:66:ee:8e:21:
65:64:b7:3f:d8:1c:ee:76:fe:25:11:c8:e8:ae:ff:85:f1:ca:
97:10:61:aa
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTEwMTg1MTQ4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZlMTA0NC1iZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0+IrQltLWSkI/3f+4vyPZG69skXrgZtjXAQIYJvHntFmWmzi6+DtBO13UTOn
nw6XLcoqErD+z4d/6QTx/hOgDjeDB1eey7fFtX8JRsJknxUYBsjRnqRrwdhkTj6N
yFL/ywKpUyqtGHkIrBdsetwIsuPRr+rYLXvRrxHPpUM0p14McGw872oeGbeTVUVg
DtWZ+QMc3GM6GsEpJgYdvChC01bvb1g1BBRP0rEPPjPPkhvplqrrOKt5cks1DA7I
/uJXG+xU2Lg3uEvw+PhOWasFOhqXylCSwwh4t7Tx01p3hwHzvLvjB/6oZevbW6+b
0a8pXeRYuQTmFryphfiL0xXEQQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGr18DN9
bIuKBemmtO7eqOWwMyvOMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNkEzOTM2N0M0
QkVCMTFFRUFBMEFENzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/qUDBAEr/54DBABn8MYwDQYJKoZIhvcNAQELBQADggEB
AFiIpC5nkifLJgWB6lflAG3ZFelF8Nf5/G2bpT2DnNcaXCWlbySZG7As7+Pd/sYN
6NvRWfweRWJ/hwySTxxpRXg7rFoqXOA3ooguAgZoBQjLZWyuBBGs/YVFDC+23rDo
BUXtPjs899AMxXZpocW+o7dili3CcKJXaMh0NeZJ1uZ3OWNoq4ps8dujozJL8NSF
iD+Z9NMMc93gGdS65Y+HhZHnmiHsvQpYCVz7/VdtfBr7OOY4cuPBDHzXA4siHu3o
24YY7TkRoRotdJelrJFp7zTfvv9R9EIMN5UNSfRhsgan6n6x76m4Zu6OIWVktz/Y
HO52/iURyOiu/4XxypcQYao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org