Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/88F391E03C8411EF9457AA31C4F9AE02.roa
File: 88F391E03C8411EF9457AA31C4F9AE02.roa (raw, json)
Hash identifier: 94B5PUwgd4j2s+pCdUBPvu+Z72EnPFSck33yLHrWkbc=
Subject key identifier: 4E:E1:18:83:2A:57:D8:BB:0D:4A:91:A8:C6:87:DF:B3:82:AA:A7:63
Certificate issuer: /CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Certificate serial: 4F
Authority key identifier: AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/88F391E03C8411EF9457AA31C4F9AE02.roa
Signing time: Sun 07 Jul 2024 17:15:40 +0000
ROA not before: Sun 07 Jul 2024 17:15:40 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136902
IP address blocks: 43.231.205.0/24 maxlen: 24
43.231.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Validity
Not Before: Jul 7 17:15:40 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=668acd3c-9580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:d9:39:13:fd:84:1b:d0:ae:c7:59:23:b1:
da:8e:b0:3d:2e:ce:56:78:80:76:9e:e8:e2:64:06:
3b:9c:32:1b:67:07:6c:eb:2b:dd:a9:26:6b:75:6d:
00:c9:83:c6:13:11:a7:b7:d8:f6:6b:47:fd:ae:6b:
14:f7:65:cd:60:38:2e:1f:d4:30:0c:76:9d:08:f7:
db:2e:6d:1c:b5:ea:f2:1e:ac:8c:31:0f:1b:b3:8b:
e3:78:34:8f:ca:b2:32:5e:2e:8f:f7:07:1b:43:38:
37:fe:bb:7c:a9:88:36:18:4a:ff:38:a2:54:a5:ef:
eb:d5:ec:84:11:48:85:01:6c:9e:82:d0:89:2c:85:
32:39:17:da:16:5c:e7:9f:f7:58:8c:e0:bd:0f:ef:
fd:63:17:46:97:e1:60:ac:17:cb:d6:ad:85:36:24:
87:26:aa:96:03:4e:26:89:9a:c5:ac:78:36:3b:6d:
c9:e2:06:6b:c6:e6:23:0a:4a:09:e2:95:91:b4:94:
7a:71:6a:ea:2d:dc:cc:b2:ca:5e:af:12:f6:25:02:
cb:c9:e3:ea:bb:35:45:fd:57:0b:29:e3:ea:96:81:
a5:e5:cc:79:5a:69:e7:38:63:35:65:5b:a6:f1:ed:
25:1c:7a:17:8c:68:0c:1c:d8:76:95:8e:fb:2f:d2:
b6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E1:18:83:2A:57:D8:BB:0D:4A:91:A8:C6:87:DF:B3:82:AA:A7:63
X509v3 Authority Key Identifier:
keyid:AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/rTRF20IBCxIVpJ5CfxrnQA14i_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/88F391E03C8411EF9457AA31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.205.0-43.231.206.255
Signature Algorithm: sha256WithRSAEncryption
3a:6a:fc:dd:aa:30:a2:ff:c0:8b:e1:bc:33:08:1a:b1:6d:2e:
13:cf:12:6d:bb:07:ae:c1:8b:63:ba:0f:f7:6f:c1:7e:23:6e:
cb:8d:42:63:ae:53:d9:4c:36:16:05:61:18:a6:f4:3d:a1:ad:
e8:77:9d:f3:fd:3f:c7:f3:5f:c5:2d:a5:1c:0d:63:4e:78:cf:
64:0b:f5:16:f6:6c:44:d1:dc:08:ab:2e:1f:66:82:61:84:89:
0e:5e:0f:dd:85:6b:a2:07:b7:3b:dd:b6:00:c6:eb:a7:62:bd:
83:70:1d:c2:82:d0:e5:bb:ab:3a:de:12:ed:8f:83:2d:96:bb:
0d:b1:32:84:45:31:a4:42:ac:36:a7:7f:1a:1d:67:bf:ac:57:
f3:d2:22:ce:23:d7:60:ff:1d:c4:39:99:cb:4f:8c:89:80:7f:
e0:36:9b:cf:41:7e:3f:0c:01:be:41:cf:ca:25:e4:a5:2a:ea:
d8:7e:b9:9b:ac:76:64:5e:33:43:f8:2b:44:fe:75:c6:2c:38:
94:50:fc:77:c7:69:7c:d3:bb:4e:8e:95:01:42:41:60:1b:dc:
5d:5a:bd:3f:48:5c:57:93:d2:fb:f9:5a:4f:e3:00:9e:ec:76:
ec:3d:b4:32:55:b7:c1:7b:84:3a:14:86:2a:e5:6d:db:10:31:
29:ef:37:65
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTY0NzExMC8GA1UEBRMoQUQzNDQ1REI0MjAxMEIxMjE1QTQ5RTQyN0YxQUU3NDAw
RDc4OEJGQjAeFw0yNDA3MDcxNzE1NDBaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OGFjZDNjLTk1ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxINk5E/2EG9Cux1kjsdqOsD0uzlZ4gHae6OJkBjucMhtnB2zrK92pJmt1bQDJ
g8YTEae32PZrR/2uaxT3Zc1gOC4f1DAMdp0I99subRy16vIerIwxDxuzi+N4NI/K
sjJeLo/3BxtDODf+u3ypiDYYSv84olSl7+vV7IQRSIUBbJ6C0IkshTI5F9oWXOef
91iM4L0P7/1jF0aX4WCsF8vWrYU2JIcmqpYDTiaJmsWseDY7bcniBmvG5iMKSgni
lZG0lHpxauot3Myyyl6vEvYlAsvJ4+q7NUX9Vwsp4+qWgaXlzHlaaec4YzVlW6bx
7SUceheMaAwc2HaVjvsv0rbdAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUTuEYgypX
2LsNSpGoxoffs4Kqp2MwHwYDVR0jBBgwFoAUrTRF20IBCxIVpJ5CfxrnQA14i/sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NjQ3LzkwNUMxMDQ2RjM2
RjExRUU5OTcyRUI3OUM0RjlBRTAyL3JUUkYyMElCQ3hJVnBKNUNmeHJuUUExNGlf
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvclRSRjIwSUJDeElWcEo1Q2Z4cm5RQTE0aV9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTY0Ny85MDVDMTA0NkYzNkYxMUVFOTk3MkVCNzlDNEY5QUUwMi84OEYzOTFFMDND
ODQxMUVGOTQ1N0FBMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAK+fNAwQAK+fOMA0GCSqGSIb3DQEBCwUAA4IBAQA6avzd
qjCi/8CL4bwzCBqxbS4TzxJtuweuwYtjug/3b8F+I27LjUJjrlPZTDYWBWEYpvQ9
oa3od53z/T/H81/FLaUcDWNOeM9kC/UW9mxE0dwIqy4fZoJhhIkOXg/dhWuiB7c7
3bYAxuunYr2DcB3CgtDlu6s63hLtj4MtlrsNsTKERTGkQqw2p38aHWe/rFfz0iLO
I9dg/x3EOZnLT4yJgH/gNpvPQX4/DAG+Qc/KJeSlKurYfrmbrHZkXjND+CtE/nXG
LDiUUPx3x2l807tOjpUBQkFgG9xdWr0/SFxXk9L7+VpP4wCe7HbsPbQyVbfBe4Q6
FIYq5W3bEDEp7zdl
-----END CERTIFICATE-----
Generated at Mon Sep 9 10:15:51 2024 by rpki-client on console-ams.rpki-client.org