Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/09A79FA8295111EFB7604836C4F9AE02.roa
File: 09A79FA8295111EFB7604836C4F9AE02.roa (raw, json)
Hash identifier: hTz0F8V9//HZ9iWOSJ8x5piVjtloRWDQA8aAJgd1Ps8=
Subject key identifier: DD:4C:BC:DC:7A:D4:BD:4B:97:59:A4:36:73:FC:5F:6E:C0:DD:F7:18
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: D4
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/09A79FA8295111EFB7604836C4F9AE02.roa
Signing time: Thu 13 Jun 2024 06:49:10 +0000
ROA not before: Thu 13 Jun 2024 06:49:10 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 136173
IP address blocks: 43.224.148.0/24 maxlen: 24
103.43.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 11:23:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212 (0xd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Validity
Not Before: Jun 13 06:49:10 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=666a9666-0ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:82:ac:cb:80:b2:32:e7:d5:96:5e:fc:35:cf:
aa:0f:2a:c9:b0:9e:b8:d8:9a:1c:54:37:bf:50:0e:
78:5a:e7:77:61:2a:d4:2d:42:57:4b:3a:34:ec:1d:
11:01:4c:36:f2:f1:32:03:1c:e8:f4:a7:4a:43:4e:
43:2a:2c:f0:a5:83:66:14:86:11:40:33:91:1d:bf:
07:12:23:2b:05:8e:af:96:45:a5:8b:1c:a2:b1:11:
0e:e3:58:f0:66:cd:9b:72:cf:3c:26:42:c2:5a:bf:
c7:51:67:9a:46:bd:b9:7b:f0:d1:e3:bb:43:d0:e2:
de:0f:af:65:d5:be:ad:ae:70:25:2f:67:3d:57:43:
66:6d:a4:5d:51:4b:68:fd:ba:3e:a2:2d:42:c3:1d:
6d:2b:8d:ab:64:bc:ab:ae:54:3d:11:3d:8e:1e:8d:
75:98:74:a2:46:6d:c3:0d:d4:9f:b1:bb:6b:46:a2:
29:67:2b:a3:da:f2:d5:ca:e3:a7:b9:dd:90:88:1a:
16:af:02:72:ed:5b:3d:dc:4a:1c:b0:2f:89:a7:03:
f2:fd:9d:e3:ef:f6:f1:b7:3e:91:ec:e9:54:6f:5a:
8e:76:9a:70:85:05:4d:6b:f8:71:d7:ae:e1:20:b4:
f6:76:36:5b:3d:c9:ae:1a:e8:7e:da:98:9b:d6:3d:
0d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4C:BC:DC:7A:D4:BD:4B:97:59:A4:36:73:FC:5F:6E:C0:DD:F7:18
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/09A79FA8295111EFB7604836C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.148.0/24
103.43.173.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:fc:a8:c8:7b:02:f5:15:2f:d5:75:d4:b1:d3:91:7f:d6:6d:
a0:48:cc:8a:20:46:5a:73:05:d9:44:72:47:51:1b:41:ba:6d:
76:36:94:06:9c:80:2a:b1:34:6f:37:62:53:48:12:75:a9:48:
09:c9:03:b3:c7:93:9a:26:43:03:6a:a6:cc:9a:2c:d4:13:fa:
09:11:64:ea:de:60:dd:b7:17:02:f7:f7:1c:04:dd:a6:60:53:
f4:93:e7:c8:14:64:0c:f6:ce:73:f1:6f:5d:7f:d3:a3:fd:4b:
2e:65:04:ce:3b:12:29:a8:bb:84:80:44:e3:bd:8e:5f:fa:68:
b7:2f:04:43:7a:f5:d9:9c:21:8a:d6:87:da:2c:84:4a:3c:6e:
fd:3c:76:47:c5:4a:3a:c0:96:66:f9:76:2d:1a:25:ce:4a:9c:
38:66:8d:7b:79:65:40:db:5b:d1:2d:e9:0d:87:14:97:dc:71:
5b:c3:51:d6:00:db:7c:1f:9c:9e:fa:7d:c2:48:d9:20:ce:59:
fd:cf:70:81:a0:cd:d0:7f:f3:21:13:44:a2:49:8e:f2:67:7e:
bd:39:06:77:8a:db:95:b0:b4:11:a6:9f:63:40:71:a4:51:c2:
72:30:17:26:98:fe:9d:1b:ef:5c:fb:b2:f4:4f:a2:93:9d:7d:
fd:cb:1f:1f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjQwNjEzMDY0OTEwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhOTY2Ni0wYWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtYKsy4CyMufVll78Nc+qDyrJsJ642JocVDe/UA54Wud3YSrULUJXSzo07B0R
AUw28vEyAxzo9KdKQ05DKizwpYNmFIYRQDORHb8HEiMrBY6vlkWlixyisREO41jw
Zs2bcs88JkLCWr/HUWeaRr25e/DR47tD0OLeD69l1b6trnAlL2c9V0NmbaRdUUto
/bo+oi1Cwx1tK42rZLyrrlQ9ET2OHo11mHSiRm3DDdSfsbtrRqIpZyuj2vLVyuOn
ud2QiBoWrwJy7Vs93EocsC+JpwPy/Z3j7/bxtz6R7OlUb1qOdppwhQVNa/hx167h
ILT2djZbPcmuGuh+2pib1j0NBwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN1MvNx6
1L1Ll1mkNnP8X27A3fcYMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvMDlBNzlGQTgy
OTUxMTFFRkI3NjA0ODM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr4JQDBABnK60wDQYJKoZIhvcNAQELBQADggEBAK38qMh7
AvUVL9V11LHTkX/WbaBIzIogRlpzBdlEckdRG0G6bXY2lAacgCqxNG83YlNIEnWp
SAnJA7PHk5omQwNqpsyaLNQT+gkRZOreYN23FwL39xwE3aZgU/ST58gUZAz2znPx
b11/06P9Sy5lBM47Eimou4SAROO9jl/6aLcvBEN69dmcIYrWh9oshEo8bv08dkfF
SjrAlmb5di0aJc5KnDhmjXt5ZUDbW9Et6Q2HFJfccVvDUdYA23wfnJ76fcJI2SDO
Wf3PcIGgzdB/8yETRKJJjvJnfr05BneK25WwtBGmn2NAcaRRwnIwFyaY/p0b71z7
svRPopOdff3LHx8=
-----END CERTIFICATE-----
Generated at Fri Jul 5 13:08:45 2024 by rpki-client on console-fra.rpki-client.org