Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/11EE5CD2AF6811EEB5F3A61AC4F9AE02.roa
File: 11EE5CD2AF6811EEB5F3A61AC4F9AE02.roa (raw, json)
Hash identifier: fPf74WciY/emu/DNYlaOLySievJWoU57vWOpT33OzKE=
Subject key identifier: 99:FA:6B:32:49:27:D3:FA:BE:89:1E:41:1A:58:47:2F:2A:E8:33:05
Certificate issuer: /CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Certificate serial: 04BC
Authority key identifier: 44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/11EE5CD2AF6811EEB5F3A61AC4F9AE02.roa
Signing time: Wed 10 Jan 2024 03:27:24 +0000
ROA not before: Wed 10 Jan 2024 03:27:24 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 18013
IP address blocks: 43.242.200.0/22 maxlen: 24
103.38.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 15:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1212 (0x4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Validity
Not Before: Jan 10 03:27:24 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=659e0e9b-5136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:76:d6:ca:59:79:26:e4:4e:59:38:14:28:d0:
67:01:99:9d:bc:2d:ac:8c:ea:fa:52:f0:b3:11:5e:
d0:91:bd:a9:45:22:6a:dd:3b:32:c6:2a:34:6a:df:
17:26:7f:c9:81:3c:1c:d4:40:e6:07:f3:c7:51:47:
76:bf:12:19:9d:4d:38:1a:36:fc:65:24:24:d8:56:
26:a8:b0:8a:d9:78:d3:fe:65:82:82:28:8c:d3:84:
6f:2a:7c:13:19:30:99:ea:69:52:6f:c7:d8:9f:ce:
1d:96:30:fd:07:70:01:b7:be:da:8a:c0:e2:18:dc:
26:c9:08:6d:25:a2:d3:66:d2:1e:24:61:f0:be:a2:
9d:b6:7d:88:59:84:18:dc:1c:42:60:da:84:3b:8f:
ef:95:44:bd:7e:0f:14:87:01:27:0a:ce:ea:5b:24:
5e:aa:f4:ec:43:7e:06:ac:1f:c7:1f:c4:a5:b6:84:
87:b0:c7:0a:36:e5:20:cc:31:8a:8d:08:f3:4e:dc:
58:95:b7:a0:0e:7d:c1:f4:50:79:0a:d5:b7:52:cd:
1f:f1:ef:8a:41:ed:eb:95:2c:64:bd:63:1a:57:33:
95:c9:9f:37:5d:43:cf:c5:1f:a8:bb:76:77:f3:22:
e0:3d:00:4b:be:6f:60:ef:09:9b:ee:89:07:b2:f8:
ec:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FA:6B:32:49:27:D3:FA:BE:89:1E:41:1A:58:47:2F:2A:E8:33:05
X509v3 Authority Key Identifier:
keyid:44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/RLpWm_0uyBawaXNFE-C78tNOtwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/11EE5CD2AF6811EEB5F3A61AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.200.0/22
103.38.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:53:8b:67:fd:31:f5:30:a5:fd:74:96:f0:2a:06:9f:23:2b:
13:18:37:31:41:1e:ed:02:71:4c:b3:93:bd:71:8a:69:6d:b6:
bb:98:ef:a2:4d:04:2d:2c:74:89:06:59:8e:c6:79:33:d3:11:
f3:f9:ee:d1:f7:84:c9:3f:d7:5f:e7:d3:1e:53:97:7d:bc:fc:
55:94:1b:d6:65:74:51:26:a6:27:4a:a9:6f:ec:22:a5:c1:73:
f2:f9:a1:a3:9f:6e:02:a7:3c:71:2f:1c:32:3f:19:f8:fd:be:
b6:33:a9:d9:aa:66:d1:8e:bd:86:54:3e:a0:3b:a3:35:fa:aa:
b4:c5:1c:7d:bd:b1:dc:dd:5f:fb:02:b4:13:8a:3e:5d:07:7a:
1a:0d:51:b6:a3:56:cb:1a:06:59:b0:8f:cd:3a:47:38:02:6c:
30:4e:19:33:e6:66:3b:23:aa:38:d4:7c:09:a3:ba:1b:2b:66:
7d:ae:f0:44:97:9a:bb:99:14:8a:07:57:9c:10:af:c8:cb:1b:
21:a3:8d:4f:e0:92:b2:89:01:4b:1a:43:ab:8d:b4:ca:6c:05:
38:db:62:f0:4e:24:b6:76:44:7e:0d:d7:94:cc:e0:23:bc:3b:
0b:e6:43:93:09:6a:56:60:af:bb:fe:c3:cb:8e:02:3d:8f:8f:
b9:dc:b2:75
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUQwQjIxMTAvBgNVBAUTKDQ0QkE1NjlCRkQyRUM4MTZCMDY5NzM0NTEzRTBCQkYy
RDM0RUI3MDcwHhcNMjQwMTEwMDMyNzI0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTllMGU5Yi01MTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6XbWyll5JuROWTgUKNBnAZmdvC2sjOr6UvCzEV7Qkb2pRSJq3Tsyxio0at8X
Jn/JgTwc1EDmB/PHUUd2vxIZnU04Gjb8ZSQk2FYmqLCK2XjT/mWCgiiM04RvKnwT
GTCZ6mlSb8fYn84dljD9B3ABt77aisDiGNwmyQhtJaLTZtIeJGHwvqKdtn2IWYQY
3BxCYNqEO4/vlUS9fg8UhwEnCs7qWyReqvTsQ34GrB/HH8SltoSHsMcKNuUgzDGK
jQjzTtxYlbegDn3B9FB5CtW3Us0f8e+KQe3rlSxkvWMaVzOVyZ83XUPPxR+ou3Z3
8yLgPQBLvm9g7wmb7okHsvjsmwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJn6azJJ
J9P6vokeQRpYRy8q6DMFMB8GA1UdIwQYMBaAFES6Vpv9LsgWsGlzRRPgu/LTTrcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRDBCMi8yMjEzRTVCQ0NC
MkUxMUVCQjJEMzk3NDhDNEY5QUUwMi9STHBXbV8wdXlCYXdhWE5GRS1DNzh0Tk90
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JMcFdtXzB1eUJhd2FYTkZFLUM3OHROT3R3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUQwQjIvMjIxM0U1QkNDQjJFMTFFQkIyRDM5NzQ4QzRGOUFFMDIvMTFFRTVDRDJB
RjY4MTFFRUI1RjNBNjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr8sgDBAJnJlAwDQYJKoZIhvcNAQELBQADggEBAHtTi2f9
MfUwpf10lvAqBp8jKxMYNzFBHu0CcUyzk71ximlttruY76JNBC0sdIkGWY7GeTPT
EfP57tH3hMk/11/n0x5Tl328/FWUG9ZldFEmpidKqW/sIqXBc/L5oaOfbgKnPHEv
HDI/Gfj9vrYzqdmqZtGOvYZUPqA7ozX6qrTFHH29sdzdX/sCtBOKPl0HehoNUbaj
VssaBlmwj806RzgCbDBOGTPmZjsjqjjUfAmjuhsrZn2u8ESXmruZFIoHV5wQr8jL
GyGjjU/gkrKJAUsaQ6uNtMpsBTjbYvBOJLZ2RH4N15TM4CO8OwvmQ5MJalZgr7v+
w8uOAj2Pj7ncsnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org