Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/46EF38D63E9611EEB963E262C4F9AE02.roa
File: 46EF38D63E9611EEB963E262C4F9AE02.roa (raw, json)
Hash identifier: 2b4HibdS2k0amrxNiGnivopdNXCTugKa1B8X4TZqprM=
Subject key identifier: E2:F4:F9:4C:D7:60:FD:ED:7C:A4:8A:93:9E:EC:0F:DD:78:07:92:34
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0528
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/46EF38D63E9611EEB963E262C4F9AE02.roa
Signing time: Fri 13 Oct 2023 00:52:55 +0000
ROA not before: Fri 13 Oct 2023 00:52:55 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 132422
IP address blocks: 43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
43.252.211.0/24 maxlen: 24
103.209.233.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 13:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1320 (0x528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Oct 13 00:52:55 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=652894e7-25c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:be:bf:0c:3e:15:2e:49:22:56:7b:65:8c:6b:
7f:b2:0b:c0:ce:9f:7a:ef:37:c8:d4:c2:40:85:ef:
23:08:15:9e:d4:f1:10:ba:de:90:20:52:5e:a5:98:
09:63:d8:da:52:a1:90:64:31:43:79:ea:ab:f3:3a:
f1:e6:15:77:d7:cc:d1:de:94:3a:6a:74:33:db:13:
37:e8:f7:75:f1:fd:cb:39:f3:5e:92:c0:25:ab:5f:
cb:66:bf:b2:a8:3f:e7:83:62:37:99:85:26:2f:67:
be:f5:32:4d:1d:d4:1a:a9:89:36:9a:65:40:4d:ec:
4f:55:fc:c1:42:a9:ef:6f:f0:5b:d6:ce:32:fc:1d:
06:66:43:2b:84:dc:48:31:a2:1d:c3:f5:70:cd:ad:
24:86:9f:e0:64:86:30:41:5d:1e:f2:f9:8c:46:0c:
58:a2:29:e1:fe:c6:4f:75:12:56:4f:17:78:29:4a:
f3:eb:6d:6f:7f:55:fd:31:11:3f:93:7e:30:76:50:
96:e1:7a:a3:41:ef:c6:66:4a:6d:38:4a:8d:69:cd:
58:c2:ec:8c:72:59:67:58:3b:9e:8d:78:60:00:53:
bf:d3:8b:b6:c6:79:8e:bf:c6:0f:3b:55:49:cd:0d:
12:1d:4f:23:ee:93:06:fa:be:0d:b2:60:9b:6a:91:
db:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F4:F9:4C:D7:60:FD:ED:7C:A4:8A:93:9E:EC:0F:DD:78:07:92:34
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/46EF38D63E9611EEB963E262C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.208.0/22
103.209.233.0/24
103.228.64.0/24
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
Signature Algorithm: sha256WithRSAEncryption
75:2d:2d:f4:32:48:b4:12:cf:c6:8f:f8:1a:d8:f7:50:25:4c:
3e:f0:4c:bf:8d:48:d5:b1:a8:98:e8:08:1e:0b:58:75:c7:b7:
78:27:b5:ae:5f:43:5f:67:a8:d2:92:0a:f9:49:24:99:12:ff:
34:ab:46:7d:97:db:13:66:70:42:e1:fe:11:65:b3:d7:fd:13:
42:f4:2c:42:97:d6:39:f4:3f:07:12:87:ec:dd:8b:24:63:a4:
8e:00:83:c7:38:db:ad:fb:92:c0:a7:fd:66:79:01:64:2b:fc:
d9:bf:c8:ca:d1:a9:70:e2:44:96:7f:49:1a:28:1c:f8:ff:d1:
ec:ca:6f:61:40:5f:9d:ff:3d:f4:6b:d3:74:99:76:fa:c8:94:
72:a6:62:c2:7e:d9:3a:39:0a:0c:07:e4:12:27:b3:ed:7b:d8:
b3:47:8a:b6:bf:65:0d:36:a5:15:2a:58:77:9d:70:70:e2:a1:
8c:c8:4d:8c:ae:18:df:fe:22:a8:aa:9a:ad:9e:42:5d:a9:b2:
1b:fe:17:88:84:e1:16:07:36:c8:38:26:ce:04:db:78:39:d3:
ad:30:84:45:cd:27:cc:72:a8:11:b0:13:7e:35:6f:b8:6d:94:
85:81:43:ee:a6:e4:f8:7c:67:fc:a2:b9:4b:e2:c8:6d:9a:06:
cc:a0:47:c4
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEzMDA1MjU1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4OTRlNy0yNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyr6/DD4VLkkiVntljGt/sgvAzp967zfI1MJAhe8jCBWe1PEQut6QIFJepZgJ
Y9jaUqGQZDFDeeqr8zrx5hV318zR3pQ6anQz2xM36Pd18f3LOfNeksAlq1/LZr+y
qD/ng2I3mYUmL2e+9TJNHdQaqYk2mmVATexPVfzBQqnvb/Bb1s4y/B0GZkMrhNxI
MaIdw/Vwza0khp/gZIYwQV0e8vmMRgxYoinh/sZPdRJWTxd4KUrz621vf1X9MRE/
k34wdlCW4XqjQe/GZkptOEqNac1YwuyMcllnWDuejXhgAFO/04u2xnmOv8YPO1VJ
zQ0SHU8j7pMG+r4NsmCbapHb4wIDAQABo4ICuTCCArUwHQYDVR0OBBYEFOL0+UzX
YP3tfKSKk57sD914B5I0MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNDZFRjM4RDYz
RTk2MTFFRUI5NjNFMjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAIr/NADBABn0ekDBABn5EADBABn6jYDBAKWawADBACWgSoD
BACjNRAwDQYJKoZIhvcNAQELBQADggEBAHUtLfQySLQSz8aP+BrY91AlTD7wTL+N
SNWxqJjoCB4LWHXHt3gnta5fQ19nqNKSCvlJJJkS/zSrRn2X2xNmcELh/hFls9f9
E0L0LEKX1jn0PwcSh+zdiyRjpI4Ag8c42637ksCn/WZ5AWQr/Nm/yMrRqXDiRJZ/
SRooHPj/0ezKb2FAX53/PfRr03SZdvrIlHKmYsJ+2To5CgwH5BIns+172LNHira/
ZQ02pRUqWHedcHDioYzITYyuGN/+Iqiqmq2eQl2pshv+F4iE4RYHNsg4Js4E23g5
060whEXNJ8xyqBGwE341b7htlIWBQ+6m5Ph8Z/yiuUviyG2aBsygR8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org