Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/B3127BA41B7711EFB9FEAF1DC4F9AE02.roa
File: B3127BA41B7711EFB9FEAF1DC4F9AE02.roa (raw, json)
Hash identifier: RtwXxFyEhcaCwWebfwxNhdTqW6XVOwQtYFE9wzyz7ms=
Subject key identifier: 4A:33:9D:57:6C:76:7B:A6:DF:FF:EE:B4:8F:5D:18:28:E2:AA:69:CE
Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial: 0CB1
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/B3127BA41B7711EFB9FEAF1DC4F9AE02.roa
Signing time: Sun 26 May 2024 15:50:39 +0000
ROA not before: Sun 26 May 2024 15:50:39 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 151080
IP address blocks: 43.246.200.0/24 maxlen: 24
43.246.201.0/24 maxlen: 24
103.109.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jun 2024 16:51:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3249 (0xcb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Validity
Not Before: May 26 15:50:39 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66535a4f-9098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:42:a3:e3:e0:9b:06:67:df:65:59:1a:de:
4d:cf:8f:13:5c:c2:e2:66:8b:b5:fb:b4:ce:97:1e:
25:59:15:d1:5a:89:0b:cf:a4:0d:f3:11:ac:c8:f3:
20:2d:55:ef:33:ab:e0:ad:07:c4:5d:b6:00:d1:7f:
0a:ba:f8:bd:07:e6:73:f4:55:41:8f:86:d2:1c:d0:
11:92:60:ed:4c:8e:6e:1a:1e:24:2e:91:60:db:a8:
bb:82:c9:de:24:7a:de:78:cc:05:e2:23:57:5b:84:
f5:9c:1a:7b:58:5d:89:63:b1:bf:df:8d:26:38:6f:
df:7b:5f:0f:8c:f5:34:86:68:46:1d:cf:d5:1a:dc:
8a:ad:67:12:9b:ea:3c:f0:0d:77:e9:64:35:f7:85:
b4:d8:50:ca:8d:72:c5:ed:19:c9:63:4b:aa:58:cd:
c2:3f:c9:4a:7d:08:76:dc:05:0c:ef:92:fc:02:00:
2f:4d:92:63:02:33:7c:ae:c5:6b:df:f6:78:9a:96:
4e:2d:f6:20:52:99:a5:96:c7:74:91:94:59:f6:5a:
31:66:b3:74:64:21:b5:95:0f:b8:4d:26:c6:58:7e:
d3:c9:17:82:19:24:ec:c8:c7:56:58:6d:bb:84:8b:
08:5c:75:e5:0a:4c:f9:05:16:10:10:ad:44:2a:61:
7d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:33:9D:57:6C:76:7B:A6:DF:FF:EE:B4:8F:5D:18:28:E2:AA:69:CE
X509v3 Authority Key Identifier:
keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/B3127BA41B7711EFB9FEAF1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.200.0/23
103.109.57.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9c:96:f6:58:f8:5a:13:ae:0d:13:aa:17:67:5e:0e:ba:7b:
65:fd:e6:88:c4:c4:8e:59:56:bf:21:e6:8e:97:2f:b9:e0:3d:
5e:c2:f3:c7:fc:ea:59:5c:ed:87:55:84:bc:e4:b7:ab:b2:04:
f4:4f:e8:15:6f:5b:f4:c7:4e:d8:39:2b:32:c7:aa:92:fd:5b:
d8:50:54:c9:a9:99:d5:f0:de:6e:bc:43:0b:26:b0:b9:77:03:
6d:6b:cc:02:f1:08:35:0e:81:e8:98:a4:34:7a:f9:78:f4:dd:
19:cf:e7:14:63:2c:e4:e0:80:06:50:5e:29:20:a3:06:e3:30:
12:44:fa:c9:69:88:10:6f:a9:27:02:fa:40:44:0a:bb:94:da:
df:73:bc:22:1f:ff:87:84:f9:67:6f:1d:97:8e:cc:c7:67:cb:
66:54:4e:c6:4b:94:c3:2f:01:7d:c4:7c:29:98:4d:88:59:eb:
6c:0e:da:df:62:54:d0:d3:ed:d0:0e:04:49:c2:f9:b6:86:59:
3e:18:fd:f5:b1:52:97:3d:34:bd:f5:35:7d:15:1f:fa:5d:4f:
23:0c:bd:76:52:8e:9b:7a:38:1c:48:7c:b3:97:d2:5a:24:11:
ca:be:69:95:2e:5d:c6:2e:a4:da:09:3c:57:cd:62:d8:74:95:
5a:34:0a:36
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjQwNTI2MTU1MDM5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUzNWE0Zi05MDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyBpCo+PgmwZn32VZGt5Nz48TXMLiZou1+7TOlx4lWRXRWokLz6QN8xGsyPMg
LVXvM6vgrQfEXbYA0X8Kuvi9B+Zz9FVBj4bSHNARkmDtTI5uGh4kLpFg26i7gsne
JHreeMwF4iNXW4T1nBp7WF2JY7G/340mOG/fe18PjPU0hmhGHc/VGtyKrWcSm+o8
8A136WQ194W02FDKjXLF7RnJY0uqWM3CP8lKfQh23AUM75L8AgAvTZJjAjN8rsVr
3/Z4mpZOLfYgUpmllsd0kZRZ9loxZrN0ZCG1lQ+4TSbGWH7TyReCGSTsyMdWWG27
hIsIXHXlCkz5BRYQEK1EKmF9MQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEoznVds
dnum3//utI9dGCjiqmnOMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvQjMxMjdCQTQx
Qjc3MTFFRkI5RkVBRjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr9sgDBABnbTkwDQYJKoZIhvcNAQELBQADggEBAESclvZY
+FoTrg0TqhdnXg66e2X95ojExI5ZVr8h5o6XL7ngPV7C88f86llc7YdVhLzkt6uy
BPRP6BVvW/THTtg5KzLHqpL9W9hQVMmpmdXw3m68QwsmsLl3A21rzALxCDUOgeiY
pDR6+Xj03RnP5xRjLOTggAZQXikgowbjMBJE+slpiBBvqScC+kBECruU2t9zvCIf
/4eE+WdvHZeOzMdny2ZUTsZLlMMvAX3EfCmYTYhZ62wO2t9iVNDT7dAOBEnC+baG
WT4Y/fWxUpc9NL31NX0VH/pdTyMMvXZSjpt6OBxIfLOX0lokEcq+aZUuXcYupNoJ
PFfNYth0lVo0CjY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:43:14 2024 by rpki-client on console-fra.rpki-client.org