Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C84325DA88FD11EE8616C748C4F9AE02.roa
File: C84325DA88FD11EE8616C748C4F9AE02.roa (raw, json)
Hash identifier: ljiSOa04ZRk4f01Imz7GrfYtCeITQsE/PKYjPyrPHh4=
Subject key identifier: 71:3B:04:87:C8:24:44:EA:59:E7:9A:17:3D:0A:53:FA:BC:80:0F:F1
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 05CB
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C84325DA88FD11EE8616C748C4F9AE02.roa
Signing time: Fri 19 Apr 2024 11:51:00 +0000
ROA not before: Fri 19 Apr 2024 11:51:00 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 137451
IP address blocks: 43.229.152.0/24 maxlen: 24
43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.209.235.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.52.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
163.53.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 09:44:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1483 (0x5cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Apr 19 11:51:00 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66225aa4-aa12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:36:9e:97:c0:f1:c3:a1:74:8f:57:9f:ee:
c2:6e:b1:2d:d3:0a:36:17:07:05:2a:74:f7:7f:fb:
f5:aa:be:01:e4:f0:60:1f:d8:2a:00:14:5a:02:62:
b1:81:6e:4f:b6:af:d1:f0:38:dc:5b:7e:ff:d1:e4:
44:1d:d2:0c:da:67:68:62:68:a0:df:1f:32:39:03:
a4:f7:29:98:7c:5c:87:72:b6:dd:d7:df:3f:0e:f8:
ad:6f:65:52:4e:6b:44:d4:19:9c:3b:83:e0:f0:99:
14:ca:bc:ea:f6:79:2b:8b:d0:94:b4:4a:54:b8:49:
be:38:c5:f6:db:e9:c3:52:4d:1a:88:8a:e7:aa:d3:
41:09:0b:20:51:c7:fb:32:f9:08:d6:8f:80:c6:74:
ba:04:54:e4:42:36:d0:51:ba:9e:01:66:62:e2:99:
bb:14:b6:e5:c9:fd:ed:ce:1f:af:5a:d3:b0:68:09:
c5:3a:e3:99:cb:b9:0b:c6:d9:c0:22:01:b4:a0:21:
da:bc:04:21:0e:b0:a7:24:0d:95:36:c9:45:bb:5c:
18:cc:d3:b6:3e:f5:e4:cf:9d:2c:4f:46:e0:d4:14:
28:60:14:18:cc:b1:ff:a1:05:c2:03:77:7c:c7:2b:
f8:80:38:19:20:da:2f:54:e4:75:18:54:28:08:8f:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3B:04:87:C8:24:44:EA:59:E7:9A:17:3D:0A:53:FA:BC:80:0F:F1
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C84325DA88FD11EE8616C748C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
43.252.208.0-43.252.210.255
103.209.235.0/24
103.228.64.0/24
103.234.52.0/24
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
163.53.16.0/24
163.53.19.0/24
Signature Algorithm: sha256WithRSAEncryption
46:46:8d:89:44:15:87:5c:b0:8a:4f:9d:5b:c0:6d:e6:06:8c:
e3:66:ba:0f:43:c1:0a:01:00:85:32:e4:55:df:51:a9:5e:33:
52:e2:36:e0:82:7e:86:47:7b:81:8f:21:b8:f9:10:30:a7:79:
f1:b4:e6:0d:60:13:1a:9e:4e:32:e3:cb:7f:b5:54:5f:96:fd:
d1:f7:d6:01:54:af:31:5c:7d:43:4b:c5:a5:f0:b9:15:74:ad:
35:2a:e4:7d:d6:84:5b:61:c6:80:f4:31:99:50:57:88:dd:42:
28:e9:aa:dd:3d:e7:58:e8:84:b9:0a:1b:b4:d0:b4:d2:f3:71:
39:ff:2c:52:9d:c9:c9:e2:f9:ea:08:07:25:e7:91:87:5b:e8:
da:55:a6:e3:2c:17:dc:78:be:da:fc:69:13:f8:05:7a:f8:e0:
87:50:c5:c4:82:2e:54:78:78:33:38:9e:a1:2b:1f:57:99:5d:
bf:e9:fe:d9:e8:da:41:e1:99:43:2e:06:ba:8a:99:7c:06:fd:
8e:18:92:b9:cd:f4:55:a9:73:9b:b4:4e:39:63:a5:39:36:90:
27:d0:04:b0:78:eb:93:a1:07:43:48:75:47:89:28:60:c3:1c:
9c:39:46:75:2c:f7:ee:44:99:2d:b9:d7:7c:cf:a5:ca:9b:66:
9c:5a:ea:8a
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICBcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNDE5MTE1MTAwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIyNWFhNC1hYTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxqI2npfA8cOhdI9Xn+7CbrEt0wo2FwcFKnT3f/v1qr4B5PBgH9gqABRaAmKx
gW5Ptq/R8DjcW37/0eREHdIM2mdoYmig3x8yOQOk9ymYfFyHcrbd198/Dvitb2VS
TmtE1BmcO4Pg8JkUyrzq9nkri9CUtEpUuEm+OMX22+nDUk0aiIrnqtNBCQsgUcf7
MvkI1o+AxnS6BFTkQjbQUbqeAWZi4pm7FLblyf3tzh+vWtOwaAnFOuOZy7kLxtnA
IgG0oCHavAQhDrCnJA2VNslFu1wYzNO2PvXkz50sT0bg1BQoYBQYzLH/oQXCA3d8
xyv4gDgZINovVOR1GFQoCI9IaQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFHE7BIfI
JETqWeeaFz0KU/q8gA/xMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQzg0MzI1REE4
OEZEMTFFRTg2MTZDNzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfR6wMEAGfkQAMEAGfq
NAMEAGfqNgMEApZrAAMEAJaBKgMEAKM1EAMEAKM1EzANBgkqhkiG9w0BAQsFAAOC
AQEARkaNiUQVh1ywik+dW8Bt5gaM42a6D0PBCgEAhTLkVd9RqV4zUuI24IJ+hkd7
gY8huPkQMKd58bTmDWATGp5OMuPLf7VUX5b90ffWAVSvMVx9Q0vFpfC5FXStNSrk
fdaEW2HGgPQxmVBXiN1CKOmq3T3nWOiEuQobtNC00vNxOf8sUp3JyeL56ggHJeeR
h1vo2lWm4ywX3Hi+2vxpE/gFevjgh1DFxIIuVHh4MzieoSsfV5ldv+n+2ejaQeGZ
Qy4GuoqZfAb9jhiSuc30Valzm7ROOWOlOTaQJ9AEsHjrk6EHQ0h1R4koYMMcnDlG
dSz37kSZLbnXfM+lyptmnFrqig==
-----END CERTIFICATE-----
Generated at Thu May 9 12:21:32 2024 by rpki-client on console-fra.rpki-client.org