Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/684394266FD111EDA007D478C4F9AE02.roa
File: 684394266FD111EDA007D478C4F9AE02.roa (raw, json)
Hash identifier: +JjZgmWxvQMkJiveNDBO6fEd7wXiJl5Jo+57WKcDNC8=
Subject key identifier: D6:44:29:90:7B:65:BE:AC:57:6E:31:C0:82:A7:2F:8D:88:79:9C:FB
Certificate issuer: /CN=A91AEB42/serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Certificate serial: 0186
Authority key identifier: 56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/684394266FD111EDA007D478C4F9AE02.roa
Signing time: Sun 08 Dec 2024 10:28:45 +0000
ROA not before: Sun 08 Dec 2024 10:28:45 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132839
IP address blocks: 43.229.212.0/22 maxlen: 24
43.241.45.0/24 maxlen: 24
43.241.46.0/24 maxlen: 24
43.251.106.0/24 maxlen: 24
43.251.107.0/24 maxlen: 24
103.37.42.0/24 maxlen: 24
103.37.43.0/24 maxlen: 24
103.42.177.0/24 maxlen: 24
103.42.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 14:35:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390 (0x186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB42, serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Validity
Not Before: Dec 8 10:28:45 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=675574dd-e8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:13:88:fc:b4:03:62:33:99:d7:f7:b3:7b:
95:3d:e6:d5:f7:d3:9e:83:68:31:d3:30:13:f8:af:
a7:d8:11:d2:80:b1:8c:5f:6a:14:c5:1b:28:61:16:
85:0a:01:61:64:db:d8:e9:2b:6a:04:b2:93:af:8f:
96:e4:a2:a4:6c:5c:0d:57:50:01:d0:9d:11:66:e1:
df:3d:0c:24:73:6b:55:30:ed:44:77:f6:31:82:51:
8b:af:46:28:8c:f6:74:6d:50:17:55:b7:ef:74:76:
e6:20:0f:a9:fc:ac:04:db:61:81:2d:1e:1e:37:6f:
fc:0b:18:03:16:0f:fb:6f:fd:28:a6:2c:c8:77:3e:
7f:42:48:c6:a4:a2:fb:d9:69:cc:9a:97:dd:d6:d1:
ff:86:9f:66:06:16:90:87:f3:7f:47:00:28:e2:a2:
fc:6b:9b:e7:94:3b:70:70:fa:8c:e6:3a:a8:8f:ab:
a6:e1:e1:cf:c9:ad:19:3b:ee:dd:50:ff:f4:f9:75:
95:5f:63:da:be:ff:24:54:25:46:cb:d4:a3:41:8f:
08:63:ca:b9:7f:28:89:d0:8c:b8:96:02:ed:3a:b4:
cc:d0:37:8b:63:48:6c:28:e7:19:b0:f2:e6:b8:7e:
c7:d1:05:b6:c8:0a:31:d8:c5:20:9d:0d:ca:d7:d1:
90:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:29:90:7B:65:BE:AC:57:6E:31:C0:82:A7:2F:8D:88:79:9C:FB
X509v3 Authority Key Identifier:
keyid:56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/684394266FD111EDA007D478C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.212.0/22
43.241.45.0-43.241.46.255
43.251.106.0/23
103.37.42.0/23
103.42.177.0-103.42.178.255
Signature Algorithm: sha256WithRSAEncryption
2a:35:5d:00:d8:0e:22:2c:a9:8a:3c:f9:75:58:42:15:bd:50:
23:ad:35:68:8c:36:34:df:7e:a7:30:18:a8:15:93:ad:64:3b:
9b:c3:88:f2:de:24:5e:b3:0b:69:2f:6f:2e:8c:9b:f0:69:e5:
e6:33:02:cb:87:9b:e0:11:e7:ef:82:66:89:ec:e8:03:65:73:
52:9a:c0:a6:83:da:d0:12:99:67:90:d4:b0:7d:16:81:85:7d:
ba:2e:1a:02:f1:c1:dd:aa:6b:c0:42:b3:e7:fe:e3:2a:45:39:
19:2c:2b:de:e2:17:e2:43:b4:1f:85:e8:c2:ee:4b:8f:8b:15:
e7:15:0a:3e:92:a2:a2:3e:89:2b:0c:22:4d:1a:71:f6:dc:dc:
14:26:a1:31:8e:a9:ee:a7:de:f5:3f:2f:e1:72:6f:53:22:dc:
ba:9e:ae:7d:3e:bf:c0:3e:62:4a:cf:be:cd:ac:c2:b2:23:86:
51:08:08:5a:b4:73:78:37:46:81:94:d3:ed:23:3f:64:d5:4d:
49:ba:bd:72:3a:9e:bf:fe:ad:c3:1b:8b:ba:c0:05:1d:57:ea:
4c:c7:57:68:af:b5:66:66:59:8d:0d:e8:e2:e1:13:a0:fe:29:
5d:6f:21:f4:f4:89:97:eb:76:63:a3:9e:b7:d8:04:59:50:0d:
af:49:f9:93
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICAYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCNDIxMTAvBgNVBAUTKDU2MjM3OTI4NTQ4QjA4MkY1QjEzQzE2RURDM0U2QTdD
MkY4MEZDRjEwHhcNMjQxMjA4MTAyODQ1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU1NzRkZC1lOGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuKATiPy0A2Izmdf3s3uVPebV99Oeg2gx0zAT+K+n2BHSgLGMX2oUxRsoYRaF
CgFhZNvY6StqBLKTr4+W5KKkbFwNV1AB0J0RZuHfPQwkc2tVMO1Ed/YxglGLr0Yo
jPZ0bVAXVbfvdHbmIA+p/KwE22GBLR4eN2/8CxgDFg/7b/0opizIdz5/QkjGpKL7
2WnMmpfd1tH/hp9mBhaQh/N/RwAo4qL8a5vnlDtwcPqM5jqoj6um4eHPya0ZO+7d
UP/0+XWVX2Pavv8kVCVGy9SjQY8IY8q5fyiJ0Iy4lgLtOrTM0DeLY0hsKOcZsPLm
uH7H0QW2yAox2MUgnQ3K19GQvwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFNZEKZB7
Zb6sV24xwIKnL42IeZz7MB8GA1UdIwQYMBaAFFYjeShUiwgvWxPBbtw+anwvgPzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI0Mi8xQUQ5N0I2NDZB
NkUxMUVEQkI5OTAzNjNDNEY5QUUwMi9WaU41S0ZTTENDOWJFOEZ1M0Q1cWZDLUFf
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZpTjVLRlNMQ0M5YkU4RnUzRDVxZkMtQV9QRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCNDIvMUFEOTdCNjQ2QTZFMTFFREJCOTkwMzYzQzRGOUFFMDIvNjg0Mzk0MjY2
RkQxMTFFREEwMDdENDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAIr5dQwDAMEACvxLQMEACvxLgMEASv7agMEAWclKjAMAwQA
ZyqxAwQAZyqyMA0GCSqGSIb3DQEBCwUAA4IBAQAqNV0A2A4iLKmKPPl1WEIVvVAj
rTVojDY0336nMBioFZOtZDubw4jy3iReswtpL28ujJvwaeXmMwLLh5vgEefvgmaJ
7OgDZXNSmsCmg9rQEplnkNSwfRaBhX26LhoC8cHdqmvAQrPn/uMqRTkZLCve4hfi
Q7QfhejC7kuPixXnFQo+kqKiPokrDCJNGnH23NwUJqExjqnup971Py/hcm9TIty6
nq59Pr/APmJKz77NrMKyI4ZRCAhatHN4N0aBlNPtIz9k1U1Jur1yOp6//q3DG4u6
wAUdV+pMx1dor7VmZlmNDeji4ROg/ildbyH09ImX63Zjo5632ARZUA2vSfmT
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:45:55 2025 by rpki-client