Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/08D62A5231D711EF926EB844C4F9AE02.roa
File: 08D62A5231D711EF926EB844C4F9AE02.roa (raw, json)
Hash identifier: bdL7BLVoJ5bRlUQka5l7PNlrXwZdu7VxgYpIkx3/9Ec=
Subject key identifier: 97:66:C0:9D:BB:AB:0C:9C:94:58:D9:8C:9D:41:EA:7D:61:23:EE:55
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0618
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/08D62A5231D711EF926EB844C4F9AE02.roa
Signing time: Mon 24 Jun 2024 03:08:31 +0000
ROA not before: Mon 24 Jun 2024 03:08:31 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 64021
IP address blocks: 43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 08:15:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1560 (0x618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Jun 24 03:08:31 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6678e32f-257a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:38:89:21:c0:b7:92:51:0b:3a:20:c4:21:ba:
3c:2a:60:1a:81:b7:bc:fe:49:4a:71:91:82:e8:7b:
84:76:a1:ee:00:3e:1a:7c:87:40:7f:5e:fe:75:d7:
67:c7:a3:bf:ba:ee:a2:ba:a2:e6:cf:1a:aa:f3:b3:
72:9d:a7:b7:9a:92:99:35:39:d0:29:26:71:26:c5:
39:5f:d0:17:a7:7a:0e:0e:58:20:56:dd:f5:fe:51:
54:d3:6d:94:6e:44:04:7e:61:dd:9c:8d:82:96:8b:
72:40:9a:13:61:e9:ea:9f:16:db:57:ed:27:b6:61:
aa:1a:4e:a9:df:0f:08:b6:25:b3:cd:13:83:f3:fc:
1b:36:25:56:57:35:0b:25:e1:5e:30:65:94:8e:8e:
28:8a:da:a5:47:4f:ae:0c:3f:7f:fd:fe:f2:99:d6:
8a:97:67:7f:4d:87:5e:99:4c:d8:08:90:70:58:bd:
ee:72:f7:46:9f:aa:c4:b2:27:21:e5:a6:fb:de:50:
98:ec:cf:e3:38:55:e5:01:22:74:4a:6f:ff:92:7c:
8c:f7:a1:5e:16:60:36:33:70:20:82:55:62:06:0b:
2d:bc:31:fe:fb:22:df:6b:5f:47:5e:e8:6f:41:11:
65:8d:10:51:2c:fb:6e:8f:7a:94:a8:a5:df:d9:cb:
68:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:66:C0:9D:BB:AB:0C:9C:94:58:D9:8C:9D:41:EA:7D:61:23:EE:55
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/08D62A5231D711EF926EB844C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.208.0-43.252.210.255
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:50:eb:72:ad:cb:79:8f:9e:5d:78:3d:be:11:1a:1c:61:4b:
74:0e:68:a8:54:be:74:dc:4b:8e:1a:81:22:b3:51:7b:4b:a7:
db:a8:4e:44:46:47:3d:f0:11:f2:4c:96:02:41:5b:ac:29:d1:
86:ac:8a:eb:03:32:5a:8e:2e:af:c9:46:55:ff:3a:1f:ab:2c:
ec:dc:1a:35:2b:5b:28:8c:12:b6:28:e7:9f:5c:c7:5a:e9:17:
f7:1e:92:f3:3a:0d:4d:46:b1:3f:93:65:5a:85:e7:22:92:37:
cd:9e:56:32:47:b8:72:25:00:1c:2c:92:11:c5:92:2a:8c:85:
47:77:69:98:42:67:80:6f:2d:8c:bc:80:40:07:53:b5:1b:ac:
bf:56:1f:22:b2:2d:b6:1e:38:30:7c:a8:2f:3d:4c:9e:b0:81:
87:49:91:fa:b9:6b:f4:91:11:8f:60:06:48:72:3c:3f:37:1d:
d0:a7:a3:4a:7b:1f:e7:04:da:c4:2b:b5:03:47:24:1b:2b:c0:
a1:f4:c3:5c:93:d5:2e:74:be:fe:e8:ca:8b:91:3e:d2:3a:30:
9a:e1:3e:5e:f1:44:b6:d7:c5:0b:5a:4f:ed:5a:8c:36:bb:25:
89:60:cf:ef:11:e1:75:4c:57:4a:cb:51:84:40:e4:7c:a5:08:
ff:e1:99:f6
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNjI0MDMwODMxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc4ZTMyZi0yNTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvjiJIcC3klELOiDEIbo8KmAagbe8/klKcZGC6HuEdqHuAD4afIdAf17+dddn
x6O/uu6iuqLmzxqq87Nynae3mpKZNTnQKSZxJsU5X9AXp3oODlggVt31/lFU022U
bkQEfmHdnI2ClotyQJoTYenqnxbbV+0ntmGqGk6p3w8ItiWzzROD8/wbNiVWVzUL
JeFeMGWUjo4oitqlR0+uDD9//f7ymdaKl2d/TYdemUzYCJBwWL3ucvdGn6rEsich
5ab73lCY7M/jOFXlASJ0Sm//knyM96FeFmA2M3AgglViBgstvDH++yLfa19HXuhv
QRFljRBRLPtuj3qUqKXf2ctoZwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFJdmwJ27
qwyclFjZjJ1B6n1hI+5VMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMDhENjJBNTIz
MUQ3MTFFRjkyNkVCODQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEBCv80AMEACv80gMEAGfkQAMEAGfqNjAMAwQAlmsBAwQC
lmsAAwQAloEqMA0GCSqGSIb3DQEBCwUAA4IBAQBvUOtyrct5j55deD2+ERocYUt0
DmioVL503EuOGoEis1F7S6fbqE5ERkc98BHyTJYCQVusKdGGrIrrAzJaji6vyUZV
/zofqyzs3Bo1K1sojBK2KOefXMda6Rf3HpLzOg1NRrE/k2VahecikjfNnlYyR7hy
JQAcLJIRxZIqjIVHd2mYQmeAby2MvIBAB1O1G6y/Vh8isi22HjgwfKgvPUyesIGH
SZH6uWv0kRGPYAZIcjw/Nx3Qp6NKex/nBNrEK7UDRyQbK8Ch9MNck9UudL7+6MqL
kT7SOjCa4T5e8US218ULWk/tWow2uyWJYM/vEeF1TFdKy1GEQOR8pQj/4Zn2
-----END CERTIFICATE-----
Generated at Wed Aug 14 12:20:47 2024 by rpki-client on console-ams.rpki-client.org