Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/80EF4F386E9511EE803FC320C4F9AE02.roa
File: 80EF4F386E9511EE803FC320C4F9AE02.roa (raw, json)
Hash identifier: CSZUDxzC7PxndTTb+bTCaK1HPkXWY6Q22e79ftYymiA=
Subject key identifier: 4E:8B:56:3A:8B:66:F3:03:72:17:9A:40:29:ED:33:1C:A7:88:8C:13
Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial: 0C7F
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/80EF4F386E9511EE803FC320C4F9AE02.roa
Signing time: Thu 14 Mar 2024 19:07:09 +0000
ROA not before: Thu 14 Mar 2024 19:07:09 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 137449
IP address blocks: 43.246.200.0/22 maxlen: 22
43.246.202.0/23 maxlen: 24
2402:76c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Apr 2024 10:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3199 (0xc7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Validity
Not Before: Mar 14 19:07:09 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65f34add-3c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:82:e0:91:e8:07:23:49:ca:96:d2:49:39:c8:
0b:b3:76:96:f3:43:9c:6f:cb:bc:4f:ae:1e:fd:1f:
81:66:d4:3d:90:ac:59:48:3c:8c:11:d9:b4:1e:90:
58:df:cb:ad:7d:9e:e6:c4:11:58:54:6d:89:33:40:
cd:02:e8:dc:9e:0b:75:51:9b:ca:18:ad:62:0f:67:
b7:11:bb:b4:af:d6:96:8e:52:10:ff:a7:3c:39:e4:
51:42:97:b7:f6:14:93:23:ec:f9:9c:26:2c:b5:8d:
cb:55:d5:95:0a:7e:92:9a:4b:1f:bd:45:92:7e:e2:
02:dd:f3:1e:fa:c0:0c:b8:c9:0b:ca:ce:87:3d:92:
d2:fc:4f:4e:46:9d:22:01:e2:0b:ab:86:eb:3e:fc:
4b:85:10:86:b5:67:5e:70:fa:95:08:ea:e3:5b:86:
61:cf:3d:30:85:ee:84:cf:e4:d7:2c:08:a4:71:67:
91:cc:27:ce:e5:c5:07:76:9c:6f:63:06:12:2a:40:
af:57:de:0e:3c:8f:8a:fc:b7:07:88:29:de:6c:26:
78:59:8c:94:58:7c:2b:7b:d8:c5:52:dc:e6:eb:2d:
46:3c:74:7f:6d:09:4d:fb:b0:33:4c:46:99:e3:2e:
55:34:41:1c:78:37:c5:47:a8:1d:11:02:7d:87:1b:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8B:56:3A:8B:66:F3:03:72:17:9A:40:29:ED:33:1C:A7:88:8C:13
X509v3 Authority Key Identifier:
keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/80EF4F386E9511EE803FC320C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.200.0/22
IPv6:
2402:76c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:c3:be:08:18:35:72:ae:21:09:98:91:ba:7a:3c:a0:11:2a:
ad:c1:1f:36:7b:a4:a4:04:3c:b2:db:c9:f7:0d:0b:ea:bd:4c:
7a:4d:8a:02:c9:8c:3f:48:92:ec:03:45:c9:8b:87:4c:ca:ef:
72:ab:20:33:54:fe:dc:ca:29:a1:50:7b:bd:e1:89:39:11:05:
6f:c7:2b:fc:1d:40:cd:17:98:4b:c7:60:0d:9b:4b:82:34:0d:
02:cf:ce:95:ca:94:37:b8:ea:25:0b:9d:48:25:f9:ba:63:9d:
e0:97:25:1e:33:84:30:40:b2:2d:1e:56:e4:e4:65:59:54:26:
75:d7:30:52:57:67:4b:b9:96:be:63:b5:aa:9c:5b:4d:0b:fc:
c4:10:6c:9d:f7:1e:95:3d:dd:b5:7f:1e:81:ea:c8:08:ad:01:
4d:a1:6a:0a:f5:74:f8:d8:b8:2c:c0:64:0b:e6:a5:8e:a3:b2:
d5:aa:40:bf:70:5e:ef:0e:79:23:0e:98:af:4d:41:06:43:15:
ea:44:d0:2e:5a:c7:f0:79:2c:51:2b:48:a6:19:82:ce:d3:44:
7a:a9:9c:53:cf:4f:27:63:d8:40:c1:6e:41:b5:32:03:54:d0:
44:cb:3c:f9:1d:4b:35:ec:f1:a5:01:76:55:e5:46:9c:84:28:
ba:c1:90:b3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjQwMzE0MTkwNzA5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzNGFkZC0zYzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnYLgkegHI0nKltJJOcgLs3aW80Ocb8u8T64e/R+BZtQ9kKxZSDyMEdm0HpBY
38utfZ7mxBFYVG2JM0DNAujcngt1UZvKGK1iD2e3Ebu0r9aWjlIQ/6c8OeRRQpe3
9hSTI+z5nCYstY3LVdWVCn6SmksfvUWSfuIC3fMe+sAMuMkLys6HPZLS/E9ORp0i
AeILq4brPvxLhRCGtWdecPqVCOrjW4Zhzz0whe6Ez+TXLAikcWeRzCfO5cUHdpxv
YwYSKkCvV94OPI+K/LcHiCnebCZ4WYyUWHwre9jFUtzm6y1GPHR/bQlN+7AzTEaZ
4y5VNEEceDfFR6gdEQJ9hxs2KQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE6LVjqL
ZvMDcheaQCntMxyniIwTMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvODBFRjRGMzg2
RTk1MTFFRTgwM0ZDMzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAIr9sgwDQQCAAIwBwMFACQCdsAwDQYJKoZIhvcNAQELBQAD
ggEBAG7DvggYNXKuIQmYkbp6PKARKq3BHzZ7pKQEPLLbyfcNC+q9THpNigLJjD9I
kuwDRcmLh0zK73KrIDNU/tzKKaFQe73hiTkRBW/HK/wdQM0XmEvHYA2bS4I0DQLP
zpXKlDe46iULnUgl+bpjneCXJR4zhDBAsi0eVuTkZVlUJnXXMFJXZ0u5lr5jtaqc
W00L/MQQbJ33HpU93bV/HoHqyAitAU2hagr1dPjYuCzAZAvmpY6jstWqQL9wXu8O
eSMOmK9NQQZDFepE0C5ax/B5LFErSKYZgs7TRHqpnFPPTydj2EDBbkG1MgNU0ETL
PPkdSzXs8aUBdlXlRpyEKLrBkLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org