Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa
File: 5C28D68A11D111EFB40E6557C4F9AE02.roa (raw, json)
Hash identifier: ntQVoALl4Xn6H+nB0V+atW69YmcyMn33rZgsnmheQiI=
Subject key identifier: 69:FB:53:93:40:C3:F3:ED:16:64:80:AC:FA:F9:B8:E9:89:A4:BD:FF
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 05E3
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa
Signing time: Tue 14 May 2024 09:07:16 +0000
ROA not before: Tue 14 May 2024 09:07:16 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 64021
IP address blocks: 43.229.152.0/24 maxlen: 24
43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.228.66.0/23 maxlen: 23
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jun 2024 10:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1507 (0x5e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: May 14 09:07:16 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=664329c4-e4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5a:a8:80:34:f6:c2:59:de:a5:36:1b:f3:21:
73:e5:fd:a6:1d:c2:41:47:45:c6:18:1b:8a:20:7e:
fa:96:19:1e:2f:bd:cd:ea:cd:51:90:93:00:e1:52:
20:33:8b:9f:92:da:b6:37:42:73:3e:ad:aa:36:24:
5b:ef:8c:49:d8:5d:08:9e:68:c6:32:e6:84:1a:03:
d6:7a:f2:ea:d9:e5:7d:6d:c4:0d:2c:e1:69:65:18:
1d:f7:eb:76:76:3c:f1:10:b6:b8:e2:67:2f:fa:8e:
df:ab:1c:76:03:8c:2f:33:df:ef:96:4b:34:4e:6a:
f9:52:c3:26:a4:c1:34:89:bd:07:a8:a3:57:b1:07:
ea:7c:65:8c:7c:9e:32:0d:da:c8:4a:40:b4:9a:63:
b5:a1:26:8b:84:23:fc:98:25:c8:96:4b:47:26:d1:
13:42:9c:ed:dd:e0:c3:1e:c3:f2:4f:e6:88:02:b0:
53:6c:d5:9d:74:20:22:25:0c:1c:fc:48:7c:5d:86:
9d:fe:07:c9:35:f9:da:0b:96:40:bf:ae:ce:b4:95:
1a:ac:a0:e0:b0:01:f9:fe:0f:5d:4b:8d:43:ca:46:
c4:f3:e5:3e:93:46:e3:00:64:07:c7:41:e7:f3:12:
d2:f7:89:55:c5:24:d5:1c:fc:9d:7e:9c:02:5c:80:
e1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FB:53:93:40:C3:F3:ED:16:64:80:AC:FA:F9:B8:E9:89:A4:BD:FF
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
43.252.208.0-43.252.210.255
103.228.64.0/24
103.228.66.0/23
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:3c:0b:83:05:3e:11:bf:bd:35:f4:42:99:4e:65:31:4e:cb:
0d:cf:59:db:18:48:62:c2:dc:b7:dd:41:7c:34:d5:f7:4f:9d:
53:45:00:da:d4:da:8e:1c:56:c8:ff:a7:49:ed:a6:0a:67:30:
49:f6:cb:14:f4:04:7e:09:27:6e:92:bf:35:5e:39:e8:44:bb:
92:1f:e6:2a:91:0b:e7:a3:b5:92:52:a2:bb:b1:7f:78:71:e7:
4c:70:3e:b3:4a:5e:7f:c8:27:3b:76:7a:56:7f:88:0f:a4:7e:
41:d5:7d:99:e4:ad:4b:67:a2:13:28:08:e8:bc:3c:bd:b8:97:
39:d9:5b:4e:a5:68:ae:df:a5:a4:bb:63:93:bb:93:35:05:7b:
af:90:8b:a3:67:4f:0a:0d:43:a2:ce:1e:26:bb:8e:86:26:ba:
ff:9e:6f:dc:e5:e9:4f:e4:94:37:49:9e:16:43:b6:e8:2a:6d:
69:e7:bf:3e:5a:b4:b4:7b:de:ee:65:74:e7:f5:4c:2d:30:83:
4a:15:13:64:aa:0b:8c:89:bb:63:81:f4:10:9d:f9:63:75:ba:
d0:11:49:4d:a5:05:be:7f:2e:be:f6:b8:69:4d:42:b5:4c:80:
d1:ac:36:bf:ee:26:fe:81:c1:d1:b2:14:8f:b2:49:74:be:45:
66:db:72:3b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICBeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNTE0MDkwNzE2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQzMjljNC1lNGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzlqogDT2wlnepTYb8yFz5f2mHcJBR0XGGBuKIH76lhkeL73N6s1RkJMA4VIg
M4ufktq2N0JzPq2qNiRb74xJ2F0InmjGMuaEGgPWevLq2eV9bcQNLOFpZRgd9+t2
djzxELa44mcv+o7fqxx2A4wvM9/vlks0Tmr5UsMmpME0ib0HqKNXsQfqfGWMfJ4y
DdrISkC0mmO1oSaLhCP8mCXIlktHJtETQpzt3eDDHsPyT+aIArBTbNWddCAiJQwc
/Eh8XYad/gfJNfnaC5ZAv67OtJUarKDgsAH5/g9dS41DykbE8+U+k0bjAGQHx0Hn
8xLS94lVxSTVHPydfpwCXIDhrQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFGn7U5NA
w/PtFmSArPr5uOmJpL3/MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNUMyOEQ2OEEx
MUQxMTFFRkI0MEU2NTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMD4EAgABMDgDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfkQAMEAWfkQgMEAGfq
NgMEApZrAAMEAJaBKgMEAKM1EDANBgkqhkiG9w0BAQsFAAOCAQEAfDwLgwU+Eb+9
NfRCmU5lMU7LDc9Z2xhIYsLct91BfDTV90+dU0UA2tTajhxWyP+nSe2mCmcwSfbL
FPQEfgknbpK/NV456ES7kh/mKpEL56O1klKiu7F/eHHnTHA+s0pef8gnO3Z6Vn+I
D6R+QdV9meStS2eiEygI6Lw8vbiXOdlbTqVort+lpLtjk7uTNQV7r5CLo2dPCg1D
os4eJruOhia6/55v3OXpT+SUN0meFkO26Cptaee/Plq0tHve7mV05/VMLTCDShUT
ZKoLjIm7Y4H0EJ35Y3W60BFJTaUFvn8uvva4aU1CtUyA0aw2v+4m/oHB0bIUj7JJ
dL5FZttyOw==
-----END CERTIFICATE-----
Generated at Thu Jun 13 12:13:56 2024 by rpki-client on console-fra.rpki-client.org