Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D4D3CCDAC53811ECB4EAFD1AC4F9AE02.roa
File: D4D3CCDAC53811ECB4EAFD1AC4F9AE02.roa (raw, json)
Hash identifier: vCL+AHxIDNSdBVlj/krRHVGqXqiZLHjKnnURzczrLLQ=
Subject key identifier: 57:31:11:C0:8F:54:09:41:AA:0B:AB:3E:A5:19:54:FA:01:6E:AB:D2
Certificate issuer: /CN=A91F1446/serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Certificate serial: 02DE
Authority key identifier: B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D4D3CCDAC53811ECB4EAFD1AC4F9AE02.roa
Signing time: Fri 29 Nov 2024 01:14:42 +0000
ROA not before: Fri 29 Nov 2024 01:14:42 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132446
IP address blocks: 43.241.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 03:40:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 734 (0x2de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1446, serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Validity
Not Before: Nov 29 01:14:42 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67491581-2fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:47:73:99:d5:37:df:62:8c:d1:bb:ed:de:55:
27:ab:85:33:c6:cf:bf:e7:d2:fd:a0:ad:23:33:60:
ba:d7:80:3b:79:b5:52:24:3d:fc:e9:cd:02:c1:47:
cf:bc:07:39:ad:ae:66:56:e0:82:f9:7f:76:6b:fa:
41:5d:be:af:f1:7d:31:9f:08:8d:97:77:c7:6f:00:
b8:5f:fa:c8:40:78:3a:fd:52:90:e7:a6:85:4e:6e:
f3:30:97:59:8c:08:a6:4d:8c:f9:73:d6:7e:b8:0c:
4b:cf:f8:27:67:53:cb:6c:8a:39:55:53:30:95:12:
80:b4:63:7f:af:f2:07:fe:fa:5c:64:04:4c:ba:54:
51:82:bd:87:05:fb:3f:2c:8a:5c:7b:8e:c1:ff:6f:
17:3e:7c:83:6b:3f:80:45:ae:0d:3d:31:b7:f8:4f:
3c:99:90:77:75:58:8c:04:af:a4:fb:bf:ff:f7:10:
05:55:a7:da:9f:98:72:49:43:5d:5d:09:d6:82:ef:
fa:eb:d7:6e:a2:0c:2f:fa:91:97:21:31:ed:85:5a:
cd:41:7e:60:ca:f6:31:be:f3:fa:d8:33:06:bb:88:
6c:ae:4b:2f:60:a5:49:40:c6:85:54:e9:a4:f3:a6:
a1:72:2d:5f:31:ea:ee:73:7c:e7:ac:61:36:e5:6a:
71:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:31:11:C0:8F:54:09:41:AA:0B:AB:3E:A5:19:54:FA:01:6E:AB:D2
X509v3 Authority Key Identifier:
keyid:B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/tdM6ejKlCC0za2sFt5ZfMHRwonY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D4D3CCDAC53811ECB4EAFD1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
52:b3:f8:d4:b8:99:33:16:05:7d:cd:76:e3:5a:e6:7a:e4:e1:
b6:b3:8c:ed:32:8b:75:1c:46:5d:b1:25:02:49:ee:86:46:36:
c4:05:71:5e:56:fe:1f:cc:04:e7:5c:f7:a6:73:aa:9f:a8:1c:
cc:76:f1:b3:8d:c4:a9:4c:9f:57:c4:d7:04:c5:da:ca:06:eb:
99:fd:87:0c:15:52:1e:0c:92:aa:3e:de:67:6d:4a:3d:4b:ab:
97:be:9f:c7:9e:bb:36:ce:a3:88:cf:a4:9f:7b:6a:ad:08:4a:
42:2d:6c:ec:ba:d3:e8:7b:d7:90:2f:1a:20:2f:01:6a:7e:02:
25:a6:28:0f:02:e1:5e:1a:1b:f8:dd:6a:03:30:c6:69:77:25:
06:a9:08:ad:ea:17:42:49:e2:bc:fe:e1:be:06:97:d4:df:01:
ab:5a:a8:93:2b:52:93:24:5e:d5:2a:07:fb:16:94:3f:0c:89:
a4:aa:9e:a3:92:75:f3:5e:40:9d:a7:11:93:3f:a7:2b:b8:23:
b8:61:fd:dc:44:31:f3:b1:d9:9a:21:36:75:d2:26:bf:e3:a3:
ee:90:d8:43:b1:ce:c7:21:3e:31:98:10:7d:ec:76:1e:a2:bf:
9c:83:10:18:31:a9:4b:9a:16:76:1c:b8:97:33:88:b6:42:fa:
40:04:4a:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAt4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE0NDYxMTAvBgNVBAUTKEI1RDMzQTdBMzJBNTA4MkQzMzZCNkIwNUI3OTY1RjMw
NzQ3MEEyNzYwHhcNMjQxMTI5MDExNDQyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ5MTU4MS0yZmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtkdzmdU332KM0bvt3lUnq4Uzxs+/59L9oK0jM2C614A7ebVSJD386c0CwUfP
vAc5ra5mVuCC+X92a/pBXb6v8X0xnwiNl3fHbwC4X/rIQHg6/VKQ56aFTm7zMJdZ
jAimTYz5c9Z+uAxLz/gnZ1PLbIo5VVMwlRKAtGN/r/IH/vpcZARMulRRgr2HBfs/
LIpce47B/28XPnyDaz+ARa4NPTG3+E88mZB3dViMBK+k+7//9xAFVafan5hySUNd
XQnWgu/669duogwv+pGXITHthVrNQX5gyvYxvvP62DMGu4hsrksvYKVJQMaFVOmk
86ahci1fMeruc3znrGE25WpxPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFcxEcCP
VAlBqgurPqUZVPoBbqvSMB8GA1UdIwQYMBaAFLXTOnoypQgtM2trBbeWXzB0cKJ2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTQ0Ni8yQTFGRjU2RUM1
MzUxMUVDOEU1QTAzMTNDNEY5QUUwMi90ZE02ZWpLbENDMHphMnNGdDVaZk1IUndv
blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RkTTZlaktsQ0MwemEyc0Z0NVpmTUhSd29uWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE0NDYvMkExRkY1NkVDNTM1MTFFQzhFNUEwMzEzQzRGOUFFMDIvRDREM0NDREFD
NTM4MTFFQ0I0RUFGRDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr8fwwDQYJKoZIhvcNAQELBQADggEBAFKz+NS4mTMWBX3N
duNa5nrk4bazjO0yi3UcRl2xJQJJ7oZGNsQFcV5W/h/MBOdc96Zzqp+oHMx28bON
xKlMn1fE1wTF2soG65n9hwwVUh4Mkqo+3mdtSj1Lq5e+n8eeuzbOo4jPpJ97aq0I
SkItbOy60+h715AvGiAvAWp+AiWmKA8C4V4aG/jdagMwxml3JQapCK3qF0JJ4rz+
4b4Gl9TfAataqJMrUpMkXtUqB/sWlD8MiaSqnqOSdfNeQJ2nEZM/pyu4I7hh/dxE
MfOx2ZohNnXSJr/jo+6Q2EOxzschPjGYEH3sdh6iv5yDEBgxqUuaFnYcuJcziLZC
+kAESqo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:08:14 2025 by rpki-client