Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/47BF12683E9611EEB963E262C4F9AE02.roa
File: 47BF12683E9611EEB963E262C4F9AE02.roa (raw, json)
Hash identifier: VN2v31yqJL2q+xUGQFmhccAEf1xbKGoC7TdVczfwRaw=
Subject key identifier: AD:61:06:0C:FE:75:8C:E3:68:38:B3:54:87:1A:E3:AE:8B:3C:5F:0A
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 052C
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/47BF12683E9611EEB963E262C4F9AE02.roa
Signing time: Fri 13 Oct 2023 00:52:59 +0000
ROA not before: Fri 13 Oct 2023 00:52:59 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 137451
IP address blocks: 43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
43.252.211.0/24 maxlen: 24
103.209.233.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 13:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1324 (0x52c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Oct 13 00:52:59 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=652894ea-1e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5f:d4:45:2b:19:9f:58:b1:bf:fc:07:2f:18:
f7:0f:a7:80:c8:a1:57:13:c6:e8:92:c1:89:3e:6d:
b8:3b:d4:75:0d:51:dc:53:3f:63:44:8c:28:58:6d:
6d:17:69:81:0e:f9:fc:74:ca:4e:34:0d:95:f7:f8:
9b:45:de:f9:a0:4f:7a:22:5c:ee:a5:50:9f:55:cc:
b1:6f:68:7c:b4:aa:f1:a7:7c:e3:ee:65:00:8d:0c:
8c:62:12:44:a5:ac:27:8f:0d:62:b0:6d:88:83:7e:
d7:07:1b:09:66:eb:00:73:c5:85:dd:f9:55:66:2e:
03:3a:8d:9f:97:b9:81:f4:b7:13:d1:46:45:18:d0:
41:7f:6b:65:e9:97:71:58:d5:33:04:b1:27:49:83:
67:5f:d0:ed:67:26:7f:50:c9:39:24:7b:56:1b:d1:
ab:6d:c0:a2:b6:e2:39:07:5c:e0:0d:e3:20:8a:20:
de:83:e7:67:d6:4a:78:a9:2d:7f:c1:b2:a8:e9:08:
8f:ef:0d:d2:b9:c2:86:e6:9f:77:bd:da:ee:c9:6d:
94:39:7d:4c:5b:59:fb:bd:c2:14:29:d8:eb:99:73:
0b:bc:e1:85:ba:7a:11:e8:51:75:50:b3:9c:37:5c:
e6:c4:97:77:0c:39:31:49:71:cd:32:55:b9:76:03:
ae:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:61:06:0C:FE:75:8C:E3:68:38:B3:54:87:1A:E3:AE:8B:3C:5F:0A
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/47BF12683E9611EEB963E262C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.208.0/22
103.209.233.0/24
103.228.64.0/24
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:84:0e:ba:a3:f8:61:f9:e6:47:ec:34:a1:7b:e5:33:4a:b0:
b4:e4:93:4a:6c:4b:54:fb:e1:f4:8a:c9:45:e3:e8:6b:59:9c:
af:eb:c7:85:7f:30:56:cd:97:4f:69:d9:8f:54:2d:6e:71:e7:
3c:5e:4e:6b:83:dd:db:13:8e:29:0f:02:94:ab:4d:e5:79:88:
32:f8:b0:2d:38:c7:7a:94:35:17:df:84:a6:27:f7:aa:48:e0:
f6:b3:3f:d2:f2:75:5f:f5:d0:f3:08:78:2e:8b:8c:a4:c0:32:
0c:87:75:d1:bc:1a:59:55:89:ff:5a:a0:81:5e:fb:c7:fa:3d:
fc:bd:ec:05:91:f0:59:83:b8:c2:83:18:49:46:ce:f2:e0:bf:
60:45:4a:b9:43:74:6c:e5:aa:a7:25:90:79:68:2d:ac:a0:c1:
77:32:5f:03:a1:ec:90:59:8c:24:0f:c2:cb:eb:ac:27:68:12:
0d:47:83:a7:13:3c:ce:f4:fd:44:1a:d4:df:0b:d3:ae:f6:00:
dd:88:90:93:00:d5:30:78:96:fd:7b:fb:c3:a3:1e:06:0e:e7:
88:51:56:53:fa:51:54:a2:a5:fc:12:f2:cf:a1:d8:90:f0:12:
51:89:dc:3d:cd:86:11:16:76:63:51:06:fa:60:a0:da:bc:ed:
cd:ad:60:6c
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICBSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEzMDA1MjU5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4OTRlYS0xZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0l/URSsZn1ixv/wHLxj3D6eAyKFXE8boksGJPm24O9R1DVHcUz9jRIwoWG1t
F2mBDvn8dMpONA2V9/ibRd75oE96IlzupVCfVcyxb2h8tKrxp3zj7mUAjQyMYhJE
pawnjw1isG2Ig37XBxsJZusAc8WF3flVZi4DOo2fl7mB9LcT0UZFGNBBf2tl6Zdx
WNUzBLEnSYNnX9DtZyZ/UMk5JHtWG9GrbcCituI5B1zgDeMgiiDeg+dn1kp4qS1/
wbKo6QiP7w3SucKG5p93vdruyW2UOX1MW1n7vcIUKdjrmXMLvOGFunoR6FF1ULOc
N1zmxJd3DDkxSXHNMlW5dgOu9QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFK1hBgz+
dYzjaDizVIca466LPF8KMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNDdCRjEyNjgz
RTk2MTFFRUI5NjNFMjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAIr/NADBABn0ekDBABn5EADBABn6jYDBAKWawADBACWgSoD
BACjNRAwDQYJKoZIhvcNAQELBQADggEBAJ2EDrqj+GH55kfsNKF75TNKsLTkk0ps
S1T74fSKyUXj6GtZnK/rx4V/MFbNl09p2Y9ULW5x5zxeTmuD3dsTjikPApSrTeV5
iDL4sC04x3qUNRffhKYn96pI4PazP9LydV/10PMIeC6LjKTAMgyHddG8GllVif9a
oIFe+8f6Pfy97AWR8FmDuMKDGElGzvLgv2BFSrlDdGzlqqclkHloLaygwXcyXwOh
7JBZjCQPwsvrrCdoEg1Hg6cTPM70/UQa1N8L0672AN2IkJMA1TB4lv17+8OjHgYO
54hRVlP6UVSipfwS8s+h2JDwElGJ3D3NhhEWdmNRBvpgoNq87c2tYGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org