Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/23BF7F9AA91511ED9E2AC948C4F9AE02.roa
File: 23BF7F9AA91511ED9E2AC948C4F9AE02.roa (raw, json)
Hash identifier: K/iDiG9TQY9BFGiid9SsMqV/jkIShEpBjhZw0oEjRKI=
Subject key identifier: D3:86:AA:E2:A2:AD:CD:84:C9:C6:FC:F3:89:78:5C:CB:C5:1C:D3:55
Certificate issuer: /CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Certificate serial: 0476
Authority key identifier: 44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/23BF7F9AA91511ED9E2AC948C4F9AE02.roa
Signing time: Wed 13 Sep 2023 00:42:14 +0000
ROA not before: Wed 13 Sep 2023 00:42:14 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55020
IP address blocks: 43.242.200.0/22 maxlen: 24
103.38.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 15:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1142 (0x476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Validity
Not Before: Sep 13 00:42:14 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65010566-af1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:93:d2:0a:06:8f:98:e6:39:fd:ea:28:bd:2c:
db:75:93:01:22:99:9b:20:e2:f7:a1:5c:b6:d7:e5:
08:92:82:90:4c:ce:10:64:ac:36:c8:ab:e8:fd:80:
10:6c:c9:3a:97:b7:32:08:77:b5:70:3d:4b:43:e3:
fc:d0:5f:6e:21:df:d6:a5:21:ca:ea:c8:d9:0f:1b:
d9:45:b9:8b:15:3b:48:34:2e:0f:01:66:3b:f4:20:
83:98:45:95:72:df:3d:26:49:f4:53:4a:95:d8:06:
1c:88:4c:f2:56:78:20:92:14:97:d0:6b:a4:a0:7f:
17:6e:7d:73:77:bd:82:97:92:e4:53:38:19:21:cc:
78:e6:6f:53:81:0b:42:73:02:78:e3:cc:bb:a1:29:
b2:9f:ac:13:06:87:d5:73:0f:37:4c:27:73:07:56:
ca:7c:47:36:a4:ec:c0:34:c4:91:a8:18:4f:02:bf:
fa:15:55:8c:af:f8:14:97:4b:25:41:25:81:8c:d6:
d8:d6:00:15:7d:82:62:ef:15:50:3b:00:d1:28:03:
55:a1:37:79:de:03:b4:38:d2:6e:90:cc:67:87:77:
6c:70:72:90:a2:8b:d6:b0:d6:e1:b3:7e:d7:84:68:
9f:ac:1f:c9:37:50:d3:af:b9:82:c1:f9:60:73:e3:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:86:AA:E2:A2:AD:CD:84:C9:C6:FC:F3:89:78:5C:CB:C5:1C:D3:55
X509v3 Authority Key Identifier:
keyid:44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/RLpWm_0uyBawaXNFE-C78tNOtwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/23BF7F9AA91511ED9E2AC948C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.200.0/22
103.38.80.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:bc:c7:63:bc:62:c6:09:c7:93:b8:0a:c8:ef:09:b3:0b:dd:
9d:5f:2f:a6:46:90:3a:d6:ec:29:44:ec:8e:7c:da:90:42:bf:
22:d0:aa:40:6b:86:dc:41:43:01:57:45:e7:eb:f4:af:5c:fb:
36:e7:ed:5c:74:64:53:8e:fa:b3:7a:ad:95:24:b2:9d:b6:1b:
4a:c2:54:b7:54:9a:b9:8c:f2:53:4c:32:5a:e3:6a:33:a1:12:
77:e6:5c:ea:e1:58:bc:8d:79:01:c5:cc:c1:95:cb:37:87:5e:
c1:48:b1:c3:0c:ff:48:12:b2:83:77:c2:7a:ea:00:27:de:ec:
c9:13:73:be:ac:64:3b:98:4d:6e:6e:05:ba:e4:19:c8:d5:84:
b9:b8:30:e0:36:46:4e:5f:cd:55:a5:f1:98:0c:d5:b0:33:97:
15:fb:d5:3c:67:9b:52:61:ae:38:bb:2a:40:52:07:b5:b1:58:
6c:60:e6:a0:30:dc:7e:a2:70:82:33:bc:bf:1c:ad:61:55:67:
97:60:b1:43:25:4d:58:0a:9d:da:d0:c5:58:1d:56:06:e1:7e:
2f:3c:1a:8a:8c:37:4c:5b:24:fc:6b:93:0c:0e:6e:00:0a:82:
9a:2b:17:87:fc:1b:e3:84:ff:4b:e4:d3:9f:3d:93:ce:26:c5:
62:ac:0d:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUQwQjIxMTAvBgNVBAUTKDQ0QkE1NjlCRkQyRUM4MTZCMDY5NzM0NTEzRTBCQkYy
RDM0RUI3MDcwHhcNMjMwOTEzMDA0MjE0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAxMDU2Ni1hZjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5PSCgaPmOY5/eoovSzbdZMBIpmbIOL3oVy21+UIkoKQTM4QZKw2yKvo/YAQ
bMk6l7cyCHe1cD1LQ+P80F9uId/WpSHK6sjZDxvZRbmLFTtINC4PAWY79CCDmEWV
ct89Jkn0U0qV2AYciEzyVnggkhSX0GukoH8Xbn1zd72Cl5LkUzgZIcx45m9TgQtC
cwJ448y7oSmyn6wTBofVcw83TCdzB1bKfEc2pOzANMSRqBhPAr/6FVWMr/gUl0sl
QSWBjNbY1gAVfYJi7xVQOwDRKANVoTd53gO0ONJukMxnh3dscHKQoovWsNbhs37X
hGifrB/JN1DTr7mCwflgc+PZuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNOGquKi
rc2Eycb884l4XMvFHNNVMB8GA1UdIwQYMBaAFES6Vpv9LsgWsGlzRRPgu/LTTrcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRDBCMi8yMjEzRTVCQ0NC
MkUxMUVCQjJEMzk3NDhDNEY5QUUwMi9STHBXbV8wdXlCYXdhWE5GRS1DNzh0Tk90
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JMcFdtXzB1eUJhd2FYTkZFLUM3OHROT3R3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUQwQjIvMjIxM0U1QkNDQjJFMTFFQkIyRDM5NzQ4QzRGOUFFMDIvMjNCRjdGOUFB
OTE1MTFFRDlFMkFDOTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr8sgDBAJnJlAwDQYJKoZIhvcNAQELBQADggEBAKK8x2O8
YsYJx5O4CsjvCbML3Z1fL6ZGkDrW7ClE7I582pBCvyLQqkBrhtxBQwFXRefr9K9c
+zbn7Vx0ZFOO+rN6rZUksp22G0rCVLdUmrmM8lNMMlrjajOhEnfmXOrhWLyNeQHF
zMGVyzeHXsFIscMM/0gSsoN3wnrqACfe7MkTc76sZDuYTW5uBbrkGcjVhLm4MOA2
Rk5fzVWl8ZgM1bAzlxX71Txnm1Jhrji7KkBSB7WxWGxg5qAw3H6icIIzvL8crWFV
Z5dgsUMlTVgKndrQxVgdVgbhfi88GoqMN0xbJPxrkwwObgAKgporF4f8G+OE/0vk
0589k84mxWKsDUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org