Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/48862F2E3E9611EEB963E262C4F9AE02.roa
File: 48862F2E3E9611EEB963E262C4F9AE02.roa (raw, json)
Hash identifier: zW82ICm4bm7hsbN2BWg86UmZ/KOD1po5AaRH7VUCEgc=
Subject key identifier: 88:48:9B:B0:87:85:44:9B:D1:AC:A5:CA:DB:1C:BF:70:66:30:7F:29
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0538
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/48862F2E3E9611EEB963E262C4F9AE02.roa
Signing time: Fri 13 Oct 2023 00:53:10 +0000
ROA not before: Fri 13 Oct 2023 00:53:10 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 64021
IP address blocks: 43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
43.252.211.0/24 maxlen: 24
103.209.233.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.228.66.0/23 maxlen: 23
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1336 (0x538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Oct 13 00:53:10 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=652894f6-0fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:52:ab:8f:46:4c:19:64:6b:c3:07:f2:ad:7e:
40:24:41:02:66:36:cb:ce:17:1d:20:57:66:80:35:
f5:07:30:e8:bb:7a:21:31:2e:67:f1:93:93:05:15:
32:dc:28:54:b4:6b:39:cb:d6:23:0b:67:e4:ad:6c:
3f:01:a4:01:f5:63:d5:d5:ca:23:4d:96:34:f6:d6:
71:a7:a2:d8:50:2e:4f:02:a9:0b:3e:83:41:1c:14:
de:48:52:57:36:b0:17:cb:d6:e6:ec:72:6a:a3:c1:
1b:7c:49:79:cf:e9:02:a2:80:c0:2b:38:cf:7c:05:
d4:66:4b:57:ae:62:73:be:d6:27:7f:6c:1a:06:f0:
0a:21:21:2c:ad:55:86:b7:78:51:10:f3:c1:c1:d7:
3a:83:9d:ce:66:52:56:9c:19:40:c3:94:ae:2a:aa:
ae:54:52:8f:29:78:95:2d:f8:a1:13:9a:a4:f3:2b:
66:fc:68:62:2a:84:87:3f:63:d8:10:34:a8:1c:11:
c4:32:4d:b8:fe:cd:d0:67:8f:b4:0d:33:6e:a4:ff:
a7:0d:9b:c1:66:27:ec:e4:ce:b5:55:38:2a:ba:78:
09:a7:e4:d0:1c:20:57:02:dd:38:a2:aa:ce:0e:4a:
43:d1:ab:60:38:93:de:9c:8b:c6:77:d5:0f:24:c5:
43:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:48:9B:B0:87:85:44:9B:D1:AC:A5:CA:DB:1C:BF:70:66:30:7F:29
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/48862F2E3E9611EEB963E262C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.208.0/22
103.209.233.0/24
103.228.64.0/24
103.228.66.0/23
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
Signature Algorithm: sha256WithRSAEncryption
07:b5:bd:61:a0:23:9d:81:8f:ad:64:02:14:96:d7:93:51:cd:
1d:34:7b:ec:bc:e6:5f:49:09:d1:0d:5e:15:8a:3f:a5:bf:65:
42:4d:0c:4e:83:43:58:ba:84:22:3f:36:df:f3:a7:62:6a:61:
90:56:e3:d5:f9:1f:27:58:c3:fe:e4:e4:7a:19:fc:f7:3a:46:
65:00:3d:cd:39:30:1e:5c:aa:71:49:d0:db:0e:3c:1a:a6:65:
d0:53:aa:73:b8:8c:a1:5f:21:12:5c:84:d8:dd:3c:bd:24:99:
49:f0:83:0c:dd:b3:77:db:e5:2f:f4:97:69:13:db:fa:e7:ea:
85:13:7f:49:9d:8f:ce:13:4c:51:a1:28:4a:cd:f5:be:12:ba:
33:02:bb:75:8b:12:05:c3:b3:09:d3:53:71:c0:0a:06:ea:d8:
5b:d9:a9:db:2d:72:3c:db:61:60:08:56:99:35:6e:04:4b:5d:
95:ff:de:ca:d0:50:7b:4a:ac:11:6b:39:06:3e:2d:ac:11:1a:
8c:32:cc:d6:7c:0e:55:4c:44:2a:4c:86:15:85:af:d5:15:da:
ac:21:e5:9f:6d:04:e6:25:82:92:ef:4f:e6:d6:49:87:07:ef:
e6:47:e7:7a:1f:44:1c:ff:d9:6c:59:5f:43:b1:c9:22:b9:98:
76:90:1e:42
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICBTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEzMDA1MzEwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4OTRmNi0wZmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1VKrj0ZMGWRrwwfyrX5AJEECZjbLzhcdIFdmgDX1BzDou3ohMS5n8ZOTBRUy
3ChUtGs5y9YjC2fkrWw/AaQB9WPV1cojTZY09tZxp6LYUC5PAqkLPoNBHBTeSFJX
NrAXy9bm7HJqo8EbfEl5z+kCooDAKzjPfAXUZktXrmJzvtYnf2waBvAKISEsrVWG
t3hREPPBwdc6g53OZlJWnBlAw5SuKqquVFKPKXiVLfihE5qk8ytm/GhiKoSHP2PY
EDSoHBHEMk24/s3QZ4+0DTNupP+nDZvBZifs5M61VTgqungJp+TQHCBXAt04oqrO
DkpD0atgOJPenIvGd9UPJMVDWwIDAQABo4ICvzCCArswHQYDVR0OBBYEFIhIm7CH
hUSb0aylytscv3BmMH8pMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNDg4NjJGMkUz
RTk2MTFFRUI5NjNFMjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAIr/NADBABn0ekDBABn5EADBAFn5EIDBABn6jYDBAKWawAD
BACWgSoDBACjNRAwDQYJKoZIhvcNAQELBQADggEBAAe1vWGgI52Bj61kAhSW15NR
zR00e+y85l9JCdENXhWKP6W/ZUJNDE6DQ1i6hCI/Nt/zp2JqYZBW49X5HydYw/7k
5HoZ/Pc6RmUAPc05MB5cqnFJ0NsOPBqmZdBTqnO4jKFfIRJchNjdPL0kmUnwgwzd
s3fb5S/0l2kT2/rn6oUTf0mdj84TTFGhKErN9b4SujMCu3WLEgXDswnTU3HACgbq
2FvZqdstcjzbYWAIVpk1bgRLXZX/3srQUHtKrBFrOQY+LawRGowyzNZ8DlVMRCpM
hhWFr9UV2qwh5Z9tBOYlgpLvT+bWSYcH7+ZH53ofRBz/2WxZX0OxySK5mHaQHkI=
-----END CERTIFICATE-----
Generated at Tue Nov 7 13:50:40 2023 by rpki-client on console-fra.rpki-client.org