Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D574B096296D11EFB222A54EC4F9AE02.roa
File: D574B096296D11EFB222A54EC4F9AE02.roa (raw, json)
Hash identifier: sYIbwNrBsYXZZcL3pcnYmV/vCMnZSAXRnZazIQXcj8o=
Subject key identifier: 80:DA:0E:07:2C:AC:93:4D:CA:01:43:CC:B2:A5:61:A1:C4:47:B7:CB
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 05FF
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D574B096296D11EFB222A54EC4F9AE02.roa
Signing time: Thu 13 Jun 2024 10:15:18 +0000
ROA not before: Thu 13 Jun 2024 10:15:18 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 132422
IP address blocks: 43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jun 2024 09:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1535 (0x5ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Jun 13 10:15:18 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=666ac6b6-2748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:5f:94:81:31:42:30:e3:41:d3:c9:ad:74:
6c:ca:09:29:25:bd:6b:99:64:a1:b0:e0:47:79:54:
d0:01:50:1a:9b:a1:b7:6f:58:04:fa:0d:c7:11:64:
e9:f3:5f:76:9c:ff:ac:9d:31:95:0c:4c:3c:41:70:
5a:d1:b3:1d:e6:4e:13:43:b9:6f:00:e3:6e:44:b0:
c4:b4:f8:23:5c:51:ca:ba:0e:c3:a0:a2:17:d7:6d:
b2:eb:7b:25:fc:e5:1a:02:3b:1e:4e:05:d5:35:fd:
a9:c8:45:70:37:a2:a4:64:73:78:4c:b5:11:a3:7d:
1d:e8:85:c9:fb:5f:e6:9a:db:0d:9a:7e:95:45:23:
bd:00:61:3e:16:a1:c5:1f:5b:93:67:44:28:1e:14:
20:46:13:a0:05:e1:fd:25:8f:95:a7:ba:20:8b:59:
f8:93:3b:5e:4f:cf:ee:13:42:7e:0e:ce:32:32:e8:
35:14:cf:ad:79:82:56:93:3c:fb:71:1e:d3:33:7c:
39:50:4e:ee:a1:da:3c:62:b7:dc:29:b0:c8:34:75:
5c:f1:d8:0a:76:80:8e:46:1e:f6:6c:60:a6:83:d1:
23:22:c4:5a:f6:9c:65:99:56:65:c8:95:20:79:a7:
13:13:cb:61:41:07:80:01:78:19:cd:2d:32:63:54:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DA:0E:07:2C:AC:93:4D:CA:01:43:CC:B2:A5:61:A1:C4:47:B7:CB
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D574B096296D11EFB222A54EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.208.0-43.252.210.255
103.228.64.0/24
103.234.54.0/24
150.107.0.0/22
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
41:9e:52:56:3f:a5:22:a3:25:ee:e7:3e:b9:c7:58:f4:30:67:
c1:29:73:9d:c2:57:1d:9b:ad:8d:16:94:5f:26:3b:90:e9:f7:
b7:00:d9:76:77:6d:fe:ed:dc:09:53:fc:9a:69:15:25:a0:ca:
a8:ea:2e:16:28:c3:57:a4:47:32:7b:d9:ff:61:4a:92:ae:51:
64:2c:14:7a:1f:1f:5a:b0:f7:1b:ec:eb:43:75:24:88:91:ad:
f9:4b:e9:8b:23:d5:95:7c:e0:2d:9b:34:57:20:e5:b5:f4:06:
85:84:68:6b:69:6c:2f:c5:fa:35:f9:5c:87:14:10:ad:d7:41:
0e:df:a9:ba:3c:75:23:20:e0:f1:7a:63:82:41:01:10:0a:63:
ac:0e:e7:2e:46:b8:38:da:8f:48:a3:32:85:a7:cd:f2:ed:78:
50:fa:b2:f5:45:49:40:5b:a9:a4:be:ea:ec:3e:85:46:eb:a9:
0e:b4:a2:95:ea:d6:2a:97:a3:b4:15:73:c2:97:1b:be:ce:39:
84:ed:0a:54:8c:b9:c5:67:2e:f0:59:05:b6:43:e7:c2:46:88:
d6:15:c0:cc:32:97:c2:86:6f:a2:31:18:49:71:fc:91:46:9b:
92:52:08:17:6a:87:e1:d9:be:8a:ca:79:bc:ae:c2:d1:76:43:
6f:c2:4b:29
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICBf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNjEzMTAxNTE4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhYzZiNi0yNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtKZflIExQjDjQdPJrXRsygkpJb1rmWShsOBHeVTQAVAam6G3b1gE+g3HEWTp
8192nP+snTGVDEw8QXBa0bMd5k4TQ7lvAONuRLDEtPgjXFHKug7DoKIX122y63sl
/OUaAjseTgXVNf2pyEVwN6KkZHN4TLURo30d6IXJ+1/mmtsNmn6VRSO9AGE+FqHF
H1uTZ0QoHhQgRhOgBeH9JY+Vp7ogi1n4kzteT8/uE0J+Ds4yMug1FM+teYJWkzz7
cR7TM3w5UE7uodo8YrfcKbDINHVc8dgKdoCORh72bGCmg9EjIsRa9pxlmVZlyJUg
eacTE8thQQeAAXgZzS0yY1QN7wIDAQABo4ICtTCCArEwHQYDVR0OBBYEFIDaDgcs
rJNNygFDzLKlYaHER7fLMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRDU3NEIwOTYy
OTZEMTFFRkIyMjJBNTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYwDAMEBCv80AMEACv80gMEAGfkQAMEAGfqNgMEApZrAAMEAJaB
KjANBgkqhkiG9w0BAQsFAAOCAQEAQZ5SVj+lIqMl7uc+ucdY9DBnwSlzncJXHZut
jRaUXyY7kOn3twDZdndt/u3cCVP8mmkVJaDKqOouFijDV6RHMnvZ/2FKkq5RZCwU
eh8fWrD3G+zrQ3UkiJGt+UvpiyPVlXzgLZs0VyDltfQGhYRoa2lsL8X6NflchxQQ
rddBDt+pujx1IyDg8XpjgkEBEApjrA7nLka4ONqPSKMyhafN8u14UPqy9UVJQFup
pL7q7D6FRuupDrSilerWKpejtBVzwpcbvs45hO0KVIy5xWcu8FkFtkPnwkaI1hXA
zDKXwoZvojEYSXH8kUabklIIF2qH4dm+isp5vK7C0XZDb8JLKQ==
-----END CERTIFICATE-----
Generated at Fri Jun 14 13:58:27 2024 by rpki-client on console-ams.rpki-client.org