Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/1765B116531811EF8B34D609C4F9AE02.roa
File: 1765B116531811EF8B34D609C4F9AE02.roa (raw, json)
Hash identifier: ejA+kq3qYi6NqfL+B6Ka31LZKtO/jzvXHYB5GHEA6w4=
Subject key identifier: CA:88:0C:CA:9D:D8:A5:16:97:99:8D:E8:06:E7:5A:F6:21:E5:A8:84
Certificate issuer: /CN=A919ECE7/serialNumber=77370BC07305D19DBDACCE4BF7209E1EB6D40E33
Certificate serial: 0675
Authority key identifier: 77:37:0B:C0:73:05:D1:9D:BD:AC:CE:4B:F7:20:9E:1E:B6:D4:0E:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dzcLwHMF0Z29rM5L9yCeHrbUDjM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/1765B116531811EF8B34D609C4F9AE02.roa
Signing time: Thu 22 Aug 2024 02:31:48 +0000
ROA not before: Thu 22 Aug 2024 02:31:48 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 62468
IP address blocks: 43.250.172.0/22 maxlen: 22
43.250.174.0/24 maxlen: 24
103.42.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 03:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1653 (0x675)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919ECE7/serialNumber=77370BC07305D19DBDACCE4BF7209E1EB6D40E33
Validity
Not Before: Aug 22 02:31:48 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c6a314-d29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4c:1c:a7:c7:7d:8f:58:96:c0:e4:2c:27:a8:
b5:fd:d6:73:d7:19:3b:4b:69:f1:de:ec:0c:6e:f8:
f9:36:4e:76:a4:2f:a4:a7:12:65:08:7f:5f:2d:78:
54:dc:08:cf:b2:72:ce:14:1f:56:c1:6b:50:73:6a:
76:43:db:70:36:0d:35:ae:56:8b:b7:5a:7d:70:f5:
ec:44:0b:07:58:e3:57:55:d7:3c:07:34:da:a5:3c:
95:e7:31:d9:6e:93:e8:9c:0b:88:29:09:12:f6:be:
66:f4:32:0a:f6:51:c0:bd:93:64:57:1b:99:f0:45:
d7:aa:7f:19:83:40:9a:9e:b7:fe:05:01:30:08:d2:
c0:79:b9:bf:94:ce:c8:f6:34:f1:c8:0f:06:10:be:
8c:65:f3:26:31:05:43:ed:63:8e:3c:ad:b4:2c:5b:
b8:fb:73:c9:c0:f1:85:63:69:6e:15:0f:15:8d:a8:
72:da:84:6a:5d:6b:68:fd:de:25:23:a2:8b:de:86:
bc:b4:e8:fa:92:96:00:6c:9e:5f:f2:81:80:c4:79:
b5:1a:73:db:2b:16:cb:90:c3:d7:65:0a:a8:78:df:
7a:54:ea:2d:b0:b2:25:3e:e1:0a:c8:44:cd:79:d4:
9a:28:9f:64:88:53:79:db:00:7f:f0:70:fb:82:4b:
5f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:88:0C:CA:9D:D8:A5:16:97:99:8D:E8:06:E7:5A:F6:21:E5:A8:84
X509v3 Authority Key Identifier:
keyid:77:37:0B:C0:73:05:D1:9D:BD:AC:CE:4B:F7:20:9E:1E:B6:D4:0E:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/dzcLwHMF0Z29rM5L9yCeHrbUDjM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dzcLwHMF0Z29rM5L9yCeHrbUDjM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/1765B116531811EF8B34D609C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.172.0/22
103.42.28.0/22
Signature Algorithm: sha256WithRSAEncryption
34:d4:95:25:28:5e:1c:99:49:f7:68:47:a6:5b:78:41:69:19:
37:f5:81:15:2e:7e:ae:77:86:d3:97:d3:cd:b6:8c:e4:81:3d:
4e:e8:21:2f:0c:ac:fc:a2:7f:3f:bc:c6:09:50:ac:b0:76:0b:
8a:06:5f:37:27:71:f8:4b:df:1d:4e:ef:70:b5:5d:91:05:c3:
8c:3b:01:dc:41:59:64:e1:ef:aa:92:f5:41:06:44:7e:43:e0:
a0:3d:e9:45:6c:f6:7e:60:9f:73:0a:8c:22:5f:19:11:a2:2b:
c1:8d:e0:e0:1f:df:7b:20:25:d6:ec:23:ba:86:53:18:59:ad:
11:d0:f1:03:30:04:a0:d5:70:ef:5e:cd:a6:12:24:40:72:ab:
87:24:5e:b2:28:bb:8f:3f:4b:b8:15:83:e1:b0:2c:36:ac:96:
42:11:a0:cd:5d:e2:72:a7:cf:ab:b3:ad:30:8b:42:2d:8f:0a:
a8:bf:4d:75:87:6d:67:d3:a8:5b:4c:d3:e3:2f:91:bd:d4:ea:
3b:8e:ee:64:2c:7c:23:1c:53:e2:21:66:b7:dd:9a:6f:a5:7c:
74:7b:8c:6e:9a:0f:76:6c:4f:1a:6b:85:55:b3:23:70:06:6f:
22:72:0b:fa:32:b6:14:89:7f:60:4d:35:42:ef:07:fb:b4:7a:
a4:d5:15:76
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVDRTcxMTAvBgNVBAUTKDc3MzcwQkMwNzMwNUQxOURCREFDQ0U0QkY3MjA5RTFF
QjZENDBFMzMwHhcNMjQwODIyMDIzMTQ4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM2YTMxNC1kMjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8Uwcp8d9j1iWwOQsJ6i1/dZz1xk7S2nx3uwMbvj5Nk52pC+kpxJlCH9fLXhU
3AjPsnLOFB9WwWtQc2p2Q9twNg01rlaLt1p9cPXsRAsHWONXVdc8BzTapTyV5zHZ
bpPonAuIKQkS9r5m9DIK9lHAvZNkVxuZ8EXXqn8Zg0Canrf+BQEwCNLAebm/lM7I
9jTxyA8GEL6MZfMmMQVD7WOOPK20LFu4+3PJwPGFY2luFQ8Vjahy2oRqXWto/d4l
I6KL3oa8tOj6kpYAbJ5f8oGAxHm1GnPbKxbLkMPXZQqoeN96VOotsLIlPuEKyETN
edSaKJ9kiFN52wB/8HD7gktffwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMqIDMqd
2KUWl5mN6AbnWvYh5aiEMB8GA1UdIwQYMBaAFHc3C8BzBdGdvazOS/cgnh621A4z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUNFNy81RTA1REJBNDVG
QUMxMUVCODQ5NDQ1MkZDNEY5QUUwMi9kemNMd0hNRjBaMjlyTTVMOXlDZUhyYlVE
ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R6Y0x3SE1GMFoyOXJNNUw5eUNlSHJiVURqTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVDRTcvNUUwNURCQTQ1RkFDMTFFQjg0OTQ0NTJGQzRGOUFFMDIvMTc2NUIxMTY1
MzE4MTFFRjhCMzRENjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+qwDBAJnKhwwDQYJKoZIhvcNAQELBQADggEBADTUlSUo
XhyZSfdoR6ZbeEFpGTf1gRUufq53htOX0822jOSBPU7oIS8MrPyifz+8xglQrLB2
C4oGXzcncfhL3x1O73C1XZEFw4w7AdxBWWTh76qS9UEGRH5D4KA96UVs9n5gn3MK
jCJfGRGiK8GN4OAf33sgJdbsI7qGUxhZrRHQ8QMwBKDVcO9ezaYSJEByq4ckXrIo
u48/S7gVg+GwLDaslkIRoM1d4nKnz6uzrTCLQi2PCqi/TXWHbWfTqFtM0+Mvkb3U
6juO7mQsfCMcU+IhZrfdmm+lfHR7jG6aD3ZsTxprhVWzI3AGbyJyC/oythSJf2BN
NULvB/u0eqTVFXY=
-----END CERTIFICATE-----
Generated at Fri Sep 27 05:07:46 2024 by rpki-client on console-fra.rpki-client.org