Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/5BA13C52346D11EFBF4BEF0AC4F9AE02.roa
File: 5BA13C52346D11EFBF4BEF0AC4F9AE02.roa (raw, json)
Hash identifier: QvPzkHWyy4LT8AXvDFFVW6vV5/2sDpAb2+1+h72eSsE=
Subject key identifier: E8:37:C4:63:05:76:65:54:D4:6E:10:48:45:EC:C8:52:6C:34:54:8A
Certificate issuer: /CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Certificate serial: 45
Authority key identifier: AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/5BA13C52346D11EFBF4BEF0AC4F9AE02.roa
Signing time: Thu 27 Jun 2024 10:09:37 +0000
ROA not before: Thu 27 Jun 2024 10:09:37 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.231.205.0/24 maxlen: 24
43.231.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jul 2024 17:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Validity
Not Before: Jun 27 10:09:37 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=667d3a60-6cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:91:25:7a:b8:8a:aa:bb:b5:41:97:bf:ed:
84:37:a5:0a:49:23:ed:ed:2a:6c:32:b7:cb:4d:03:
66:db:04:d3:a7:9b:2e:9e:58:15:d0:22:bd:b8:68:
15:1d:a7:05:30:cd:51:4f:d6:5b:c7:a9:37:3a:08:
db:ca:2a:7e:82:9f:e6:ea:7c:8d:a6:62:d4:d4:cf:
f3:ad:9d:79:c3:c1:34:c0:ef:a1:54:cc:03:69:eb:
00:dc:fc:ab:5b:cd:45:21:4e:b8:3f:f8:a7:63:4c:
ac:12:1f:8e:6d:ec:6c:da:92:cb:a9:d4:cb:22:b0:
0d:13:ef:ff:5b:f4:c2:47:d1:60:e4:04:bc:2e:a2:
ef:0a:08:c3:e8:9e:78:36:8b:93:f8:20:c0:87:66:
43:a0:a9:f2:81:20:9b:9a:7c:d8:53:9e:18:9e:b6:
4d:34:cd:d8:ac:1f:c2:fd:7d:4c:e7:d7:e4:40:34:
1a:dd:75:3d:07:c4:b0:f0:21:0e:91:75:d5:50:31:
2d:54:b8:2d:b2:6d:ca:f7:1f:dd:61:84:51:a9:c0:
d7:28:6c:9b:9a:82:86:0e:f1:2d:c5:4f:84:f1:be:
c9:38:b4:32:8a:77:0c:e2:0a:63:8f:92:8a:64:ed:
f5:40:7e:ab:77:e1:09:95:16:e6:a7:22:37:67:8b:
3c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:37:C4:63:05:76:65:54:D4:6E:10:48:45:EC:C8:52:6C:34:54:8A
X509v3 Authority Key Identifier:
keyid:AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/rTRF20IBCxIVpJ5CfxrnQA14i_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/5BA13C52346D11EFBF4BEF0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.205.0-43.231.206.255
Signature Algorithm: sha256WithRSAEncryption
51:82:59:f5:fe:27:b8:40:45:78:c1:20:0b:f8:02:8a:5a:8d:
84:ed:78:f8:de:76:f3:1c:19:6a:24:b4:3b:fc:79:80:e0:54:
45:d3:5c:eb:10:ef:3f:1f:44:7d:2f:bd:65:79:bb:ce:43:24:
e5:ac:2b:9b:30:04:02:bb:80:b5:83:e8:be:69:92:de:cb:50:
e9:b4:11:6d:2d:fc:31:7f:e9:02:e0:41:66:87:83:21:f3:fd:
77:f5:39:e6:ce:39:7d:65:f6:0a:54:d0:eb:c1:8e:e2:4f:ed:
22:6a:a9:d6:ce:e0:ed:92:8c:4d:38:2d:bb:e8:2d:47:1e:36:
15:14:5b:71:30:c2:a8:93:da:30:b7:59:5b:3c:9d:dc:98:de:
54:57:2d:56:2d:65:6f:cd:4c:62:bf:26:70:19:5b:e1:49:aa:
05:71:09:87:86:8d:93:f1:b1:49:d9:5f:cf:22:e3:64:7a:da:
a2:2d:7d:32:a6:df:42:93:bb:2a:f1:eb:fd:11:05:af:75:53:
57:dd:d6:82:55:5d:a9:bb:3b:e8:4b:24:12:26:ee:e5:ec:db:
1e:16:51:4a:ac:3a:5d:df:ab:f4:dc:5a:fb:ad:4f:90:40:71:
86:63:21:28:ba:57:d4:4d:a5:51:35:cf:28:06:15:a9:2b:65:
89:f1:cb:6a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTY0NzExMC8GA1UEBRMoQUQzNDQ1REI0MjAxMEIxMjE1QTQ5RTQyN0YxQUU3NDAw
RDc4OEJGQjAeFw0yNDA2MjcxMDA5MzdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2N2QzYTYwLTZjYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnZJEleriKqru1QZe/7YQ3pQpJI+3tKmwyt8tNA2bbBNOnmy6eWBXQIr24aBUd
pwUwzVFP1lvHqTc6CNvKKn6Cn+bqfI2mYtTUz/OtnXnDwTTA76FUzANp6wDc/Ktb
zUUhTrg/+KdjTKwSH45t7Gzaksup1MsisA0T7/9b9MJH0WDkBLwuou8KCMPonng2
i5P4IMCHZkOgqfKBIJuafNhTnhietk00zdisH8L9fUzn1+RANBrddT0HxLDwIQ6R
ddVQMS1UuC2ybcr3H91hhFGpwNcobJuagoYO8S3FT4Txvsk4tDKKdwziCmOPkopk
7fVAfqt34QmVFuanIjdnizxhAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQU6DfEYwV2
ZVTUbhBIRezIUmw0VIowHwYDVR0jBBgwFoAUrTRF20IBCxIVpJ5CfxrnQA14i/sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NjQ3LzkwNUMxMDQ2RjM2
RjExRUU5OTcyRUI3OUM0RjlBRTAyL3JUUkYyMElCQ3hJVnBKNUNmeHJuUUExNGlf
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvclRSRjIwSUJDeElWcEo1Q2Z4cm5RQTE0aV9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTY0Ny85MDVDMTA0NkYzNkYxMUVFOTk3MkVCNzlDNEY5QUUwMi81QkExM0M1MjM0
NkQxMUVGQkY0QkVGMEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAK+fNAwQAK+fOMA0GCSqGSIb3DQEBCwUAA4IBAQBRgln1
/ie4QEV4wSAL+AKKWo2E7Xj43nbzHBlqJLQ7/HmA4FRF01zrEO8/H0R9L71lebvO
QyTlrCubMAQCu4C1g+i+aZLey1DptBFtLfwxf+kC4EFmh4Mh8/139Tnmzjl9ZfYK
VNDrwY7iT+0iaqnWzuDtkoxNOC276C1HHjYVFFtxMMKok9owt1lbPJ3cmN5UVy1W
LWVvzUxivyZwGVvhSaoFcQmHho2T8bFJ2V/PIuNketqiLX0ypt9Ck7sq8ev9EQWv
dVNX3daCVV2puzvoSyQSJu7l7NseFlFKrDpd36v03Fr7rU+QQHGGYyEoulfUTaVR
Nc8oBhWpK2WJ8ctq
-----END CERTIFICATE-----
Generated at Sun Jul 7 18:29:08 2024 by rpki-client on console-ams.rpki-client.org