Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/CF4257EEFEBD11EEA50E3240C4F9AE02.roa
File: CF4257EEFEBD11EEA50E3240C4F9AE02.roa (raw, json)
Hash identifier: m2qWI7kWSh3RmiBcVxfB3QMSHoM+SuIpXaZf9pJnww8=
Subject key identifier: EC:98:E1:D3:9B:6D:92:F3:38:29:61:7C:B6:C7:B9:DF:3D:28:34:2C
Certificate issuer: /CN=A915B978/serialNumber=A83B01C96E794DE8CF8F1C9FA86421296DA871C4
Certificate serial: 1B81
Authority key identifier: A8:3B:01:C9:6E:79:4D:E8:CF:8F:1C:9F:A8:64:21:29:6D:A8:71:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDsByW55TejPjxyfqGQhKW2occQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/CF4257EEFEBD11EEA50E3240C4F9AE02.roa
Signing time: Wed 24 Apr 2024 11:52:14 +0000
ROA not before: Wed 24 Apr 2024 11:52:14 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.228.144.0/23 maxlen: 24
43.228.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 13:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7041 (0x1b81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B978/serialNumber=A83B01C96E794DE8CF8F1C9FA86421296DA871C4
Validity
Not Before: Apr 24 11:52:14 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6628f26d-4909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9e:4f:15:09:f0:ca:eb:f9:5e:20:07:23:34:
44:36:f7:c9:f4:64:e3:1a:79:12:57:e1:d5:c6:9e:
b9:56:ab:c3:20:c0:7e:32:2b:b8:36:b4:a5:8f:e6:
9d:75:1a:6e:84:81:fc:6c:08:be:40:c2:a9:9b:22:
4d:13:39:e8:18:e5:4f:ba:f8:48:fa:6b:c8:e3:99:
95:81:ec:b6:1c:ba:44:12:6b:dc:5f:37:82:65:d0:
cc:61:83:4b:6e:b3:63:c9:8d:8d:7f:07:90:68:92:
0b:97:5c:41:96:71:44:c5:15:4d:3e:97:3d:87:c7:
d8:36:df:15:0e:ef:4c:08:7e:f1:8f:f7:8a:69:48:
1a:9b:ba:27:12:b8:96:0b:c5:3c:29:ea:14:6a:c9:
78:0e:eb:50:af:bf:a3:24:0c:88:38:19:db:41:20:
50:4d:77:4e:97:eb:1b:08:39:24:93:db:f0:a2:3a:
07:02:96:d3:df:90:d9:9b:b8:d8:24:9a:6f:7a:79:
d7:d5:1b:fd:58:5c:bc:37:06:1b:b4:b8:2d:b7:19:
25:37:61:ac:65:20:b0:d8:15:de:9b:67:7a:54:8d:
8c:cf:6d:03:34:c2:07:de:8c:8e:8f:f2:83:98:eb:
91:f9:ed:a6:e9:85:77:ff:50:9b:7c:04:28:b5:d5:
81:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:98:E1:D3:9B:6D:92:F3:38:29:61:7C:B6:C7:B9:DF:3D:28:34:2C
X509v3 Authority Key Identifier:
keyid:A8:3B:01:C9:6E:79:4D:E8:CF:8F:1C:9F:A8:64:21:29:6D:A8:71:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/qDsByW55TejPjxyfqGQhKW2occQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDsByW55TejPjxyfqGQhKW2occQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/CF4257EEFEBD11EEA50E3240C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.144.0/22
Signature Algorithm: sha256WithRSAEncryption
56:aa:1a:38:34:dc:4b:30:ed:47:ff:bc:67:e5:2d:3f:e9:e0:
bf:9a:d7:db:5d:85:d4:6e:9e:09:a8:b0:b9:72:e1:38:20:7d:
07:39:4a:4a:6d:7d:89:8b:69:b6:9b:11:c5:16:c2:67:4c:fc:
2c:d7:2e:95:6c:fa:a4:7e:f2:3f:14:45:86:d2:aa:e4:78:cd:
e4:4e:8e:66:1a:44:5e:8f:cb:65:ab:dc:69:d8:69:4f:0a:e0:
72:ea:e1:e0:3c:17:0a:a4:0d:9c:18:5e:da:4a:85:9c:1f:f3:
62:1b:27:40:b1:fa:2e:e9:ba:f3:f5:6c:2d:71:e1:29:da:86:
a8:62:58:16:c5:15:9b:fc:7a:6c:df:2d:d7:0e:e8:f3:85:c8:
96:5e:fa:58:44:b9:c4:1d:92:bb:b2:8b:6e:9d:3f:5d:f6:a2:
52:68:3a:33:33:1b:0c:01:38:4f:b7:7e:13:5d:a9:e5:66:7d:
ba:56:37:34:62:eb:21:20:6e:04:09:d1:21:d3:02:f2:d2:08:
0d:cb:1c:ff:57:45:2e:54:00:ce:04:43:90:5e:cf:7f:8f:5f:
ac:a2:47:b4:3e:87:90:cb:c2:6a:5d:58:d8:57:41:cc:1d:6d:
56:f7:22:6c:78:52:42:f3:0f:38:48:60:cf:83:d6:7e:e7:02:
77:a6:27:25
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI5NzgxMTAvBgNVBAUTKEE4M0IwMUM5NkU3OTRERThDRjhGMUM5RkE4NjQyMTI5
NkRBODcxQzQwHhcNMjQwNDI0MTE1MjE0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI4ZjI2ZC00OTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnZ5PFQnwyuv5XiAHIzRENvfJ9GTjGnkSV+HVxp65VqvDIMB+Miu4NrSlj+ad
dRpuhIH8bAi+QMKpmyJNEznoGOVPuvhI+mvI45mVgey2HLpEEmvcXzeCZdDMYYNL
brNjyY2NfweQaJILl1xBlnFExRVNPpc9h8fYNt8VDu9MCH7xj/eKaUgam7onEriW
C8U8KeoUasl4DutQr7+jJAyIOBnbQSBQTXdOl+sbCDkkk9vwojoHApbT35DZm7jY
JJpvennX1Rv9WFy8NwYbtLgttxklN2GsZSCw2BXem2d6VI2Mz20DNMIH3oyOj/KD
mOuR+e2m6YV3/1CbfAQotdWBlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOyY4dOb
bZLzOClhfLbHud89KDQsMB8GA1UdIwQYMBaAFKg7AclueU3oz48cn6hkISltqHHE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Qjk3OC9GQzRBMkEyMEU5
MDExMUU2OEMyQ0QzMTFDNEY5QUUwMi9xRHNCeVc1NVRlalBqeHlmcUdRaEtXMm9j
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FEc0J5VzU1VGVqUGp4eWZxR1FoS1cyb2NjUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI5NzgvRkM0QTJBMjBFOTAxMTFFNjhDMkNEMzExQzRGOUFFMDIvQ0Y0MjU3RUVG
RUJEMTFFRUE1MEUzMjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr5JAwDQYJKoZIhvcNAQELBQADggEBAFaqGjg03Esw7Uf/
vGflLT/p4L+a19tdhdRungmosLly4TggfQc5SkptfYmLababEcUWwmdM/CzXLpVs
+qR+8j8URYbSquR4zeROjmYaRF6Py2Wr3GnYaU8K4HLq4eA8FwqkDZwYXtpKhZwf
82IbJ0Cx+i7puvP1bC1x4SnahqhiWBbFFZv8emzfLdcO6POFyJZe+lhEucQdkruy
i26dP132olJoOjMzGwwBOE+3fhNdqeVmfbpWNzRi6yEgbgQJ0SHTAvLSCA3LHP9X
RS5UAM4EQ5Bez3+PX6yiR7Q+h5DLwmpdWNhXQcwdbVb3Imx4UkLzDzhIYM+D1n7n
AnemJyU=
-----END CERTIFICATE-----
Generated at Sat May 11 16:58:17 2024 by rpki-client on console-ams.rpki-client.org