Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/CF86FED8D48411EFA3E04425C4F9AE02.roa
File: CF86FED8D48411EFA3E04425C4F9AE02.roa (raw, json)
Hash identifier: wy59qMmjU+aGcikoC/wpvU3wMdD310d0R7K9M+ARqLI=
Subject key identifier: F1:BE:BA:93:83:EC:DE:BE:39:FB:F1:9A:0C:8F:7D:F4:5D:6A:15:B9
Certificate issuer: /CN=A91F1446/serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Certificate serial: 02FB
Authority key identifier: B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/CF86FED8D48411EFA3E04425C4F9AE02.roa
Signing time: Fri 17 Jan 2025 03:40:35 +0000
ROA not before: Fri 17 Jan 2025 03:40:35 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132446
IP address blocks: 43.241.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 03:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 763 (0x2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1446, serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Validity
Not Before: Jan 17 03:40:35 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6789d133-32dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:17:da:18:a9:db:a1:7f:2b:07:49:29:58:
ee:97:8f:aa:34:62:7a:37:2a:79:e4:95:b9:9e:f6:
71:22:86:0a:6b:2c:af:68:44:1b:57:61:e3:27:b3:
14:57:5e:5c:20:b3:c2:01:bd:fb:e8:eb:59:d2:2f:
64:c0:20:a6:c6:22:ad:b0:9f:97:ae:9d:db:da:fb:
50:19:51:07:23:86:81:50:e0:2e:10:03:f9:ff:68:
72:92:db:69:76:3c:75:d2:7b:4b:77:aa:7f:61:8c:
15:4f:5f:d8:22:9e:f6:f5:bb:b4:1a:b7:ee:71:11:
57:d4:24:e6:cf:58:d8:6d:70:1c:64:97:6d:4d:52:
52:1b:c6:43:c6:c6:29:3a:79:94:93:73:ca:8f:29:
04:9f:63:9f:5c:d0:7f:3d:73:40:12:01:86:b5:2a:
9b:ef:36:01:f9:f5:23:3b:44:82:f5:ad:07:ff:b2:
84:21:f1:b0:a6:15:5b:f9:dd:47:bc:67:f7:fe:7d:
e8:70:a2:c2:c4:f3:89:29:53:4d:23:bb:05:bc:63:
d2:e6:6e:44:ef:bb:1c:f5:e0:8f:fa:99:e3:7c:5d:
29:de:04:68:35:21:e4:e3:04:79:79:e7:f6:26:1f:
f0:38:14:56:3f:73:4d:a5:db:82:8b:4c:cd:16:23:
6b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BE:BA:93:83:EC:DE:BE:39:FB:F1:9A:0C:8F:7D:F4:5D:6A:15:B9
X509v3 Authority Key Identifier:
keyid:B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/tdM6ejKlCC0za2sFt5ZfMHRwonY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/CF86FED8D48411EFA3E04425C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
21:4a:48:30:cf:bd:c9:71:b6:b9:c3:47:78:fa:4d:0c:8b:a1:
4b:d2:ca:fb:1f:58:27:36:d9:cb:d8:ea:a2:83:03:f8:f4:78:
33:0a:2f:22:81:13:f8:cb:cc:31:39:aa:d2:13:91:01:36:c1:
5f:a4:35:22:9b:74:cc:11:01:c1:e6:80:e6:3b:a4:d6:ae:72:
5a:d5:e4:5f:00:0f:cd:86:9e:f2:72:78:76:45:0a:07:c6:e5:
c6:c8:60:4f:d0:e8:b9:76:22:0a:34:72:f0:eb:f8:b2:ec:77:
45:75:e6:76:46:94:8a:f1:c2:5d:6e:d6:0c:69:b7:3a:87:05:
77:a1:f2:40:3a:65:59:56:4d:64:d7:a9:f3:f4:54:62:42:e4:
0a:10:02:1b:38:23:24:db:ad:6c:79:de:7d:5a:e9:0c:81:15:
c8:77:8f:32:2b:4b:85:95:7a:2f:ab:bb:67:8f:a4:c7:34:b7:
a4:40:ec:a3:4b:c4:dc:67:ee:86:0d:da:fc:df:67:dc:24:ee:
91:dc:cc:c4:86:b6:51:27:3e:97:1f:32:59:6f:b8:e9:0c:a3:
e7:b9:5f:a2:1a:22:4d:4f:a7:c3:25:1c:74:70:3e:e5:78:98:
71:24:26:bf:23:da:60:21:aa:2f:17:dd:fe:d3:76:4c:3a:2d:
2b:2e:00:fa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE0NDYxMTAvBgNVBAUTKEI1RDMzQTdBMzJBNTA4MkQzMzZCNkIwNUI3OTY1RjMw
NzQ3MEEyNzYwHhcNMjUwMTE3MDM0MDM1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg5ZDEzMy0zMmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAsX2hip26F/KwdJKVjul4+qNGJ6Nyp55JW5nvZxIoYKayyvaEQbV2HjJ7MU
V15cILPCAb376OtZ0i9kwCCmxiKtsJ+Xrp3b2vtQGVEHI4aBUOAuEAP5/2hykttp
djx10ntLd6p/YYwVT1/YIp729bu0GrfucRFX1CTmz1jYbXAcZJdtTVJSG8ZDxsYp
OnmUk3PKjykEn2OfXNB/PXNAEgGGtSqb7zYB+fUjO0SC9a0H/7KEIfGwphVb+d1H
vGf3/n3ocKLCxPOJKVNNI7sFvGPS5m5E77sc9eCP+pnjfF0p3gRoNSHk4wR5eef2
Jh/wOBRWP3NNpduCi0zNFiNr6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPG+upOD
7N6+OfvxmgyPffRdahW5MB8GA1UdIwQYMBaAFLXTOnoypQgtM2trBbeWXzB0cKJ2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTQ0Ni8yQTFGRjU2RUM1
MzUxMUVDOEU1QTAzMTNDNEY5QUUwMi90ZE02ZWpLbENDMHphMnNGdDVaZk1IUndv
blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RkTTZlaktsQ0MwemEyc0Z0NVpmTUhSd29uWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE0NDYvMkExRkY1NkVDNTM1MTFFQzhFNUEwMzEzQzRGOUFFMDIvQ0Y4NkZFRDhE
NDg0MTFFRkEzRTA0NDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr8fwwDQYJKoZIhvcNAQELBQADggEBACFKSDDPvclxtrnD
R3j6TQyLoUvSyvsfWCc22cvY6qKDA/j0eDMKLyKBE/jLzDE5qtITkQE2wV+kNSKb
dMwRAcHmgOY7pNauclrV5F8AD82GnvJyeHZFCgfG5cbIYE/Q6Ll2Igo0cvDr+LLs
d0V15nZGlIrxwl1u1gxptzqHBXeh8kA6ZVlWTWTXqfP0VGJC5AoQAhs4IyTbrWx5
3n1a6QyBFch3jzIrS4WVei+ru2ePpMc0t6RA7KNLxNxn7oYN2vzfZ9wk7pHczMSG
tlEnPpcfMllvuOkMo+e5X6IaIk1Pp8MlHHRwPuV4mHEkJr8j2mAhqi8X3f7Tdkw6
LSsuAPo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:04:25 2025 by rpki-client