Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EFA5AAEE88FD11EE9BF81149C4F9AE02.roa
File: EFA5AAEE88FD11EE9BF81149C4F9AE02.roa (raw, json)
Hash identifier: 115uIotWwkTRa4WmkrBJbeJ12NtR63QUcipqjHZJPxc=
Subject key identifier: 7A:5B:F8:A5:AF:A6:EC:FB:A2:C3:0C:B8:16:A6:87:C7:EF:9A:DA:15
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0564
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EFA5AAEE88FD11EE9BF81149C4F9AE02.roa
Signing time: Wed 22 Nov 2023 06:11:12 +0000
ROA not before: Wed 22 Nov 2023 06:11:12 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 9304
IP address blocks: 43.252.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 15:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1380 (0x564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Nov 22 06:11:12 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=655d9b80-d452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:64:ba:af:fd:50:2d:75:5c:af:d0:7c:c4:f4:
a5:cf:2e:c0:df:1d:a3:be:d9:3e:d3:a4:27:86:7f:
f1:af:24:37:02:ae:6c:81:e6:98:62:9b:65:10:08:
b7:bb:c7:d0:62:06:b5:a0:32:67:0d:a6:a7:81:45:
d5:b3:82:00:26:1c:8b:ab:c5:8e:5b:c4:f5:7f:0d:
db:4e:fa:56:19:7d:4b:18:54:b9:66:76:15:f8:4e:
d3:68:6e:43:35:08:04:6d:a0:f8:52:a6:ea:38:7a:
3c:28:61:9c:9a:90:24:1d:93:15:78:1e:8f:c7:1a:
5b:03:b0:8a:aa:de:1d:8b:50:18:4e:15:36:07:08:
2e:03:e9:df:98:82:bd:02:f8:db:70:93:59:d9:80:
f5:09:06:99:75:46:5a:88:5b:76:da:64:a4:36:6d:
af:37:cd:44:bf:a3:4e:61:5b:21:06:85:71:f2:33:
49:9b:94:fc:67:36:fe:25:3e:e1:35:1a:db:93:c1:
00:43:50:2b:6e:4c:d2:ff:55:f2:a5:42:41:7f:0c:
24:26:cb:88:99:18:8f:da:98:9b:52:f1:98:f4:ea:
95:b4:f1:a6:cb:20:1b:d7:8d:e0:2b:2d:02:5a:eb:
1e:a3:a8:8c:7c:95:04:4f:f8:e1:9d:ce:76:e9:21:
a2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5B:F8:A5:AF:A6:EC:FB:A2:C3:0C:B8:16:A6:87:C7:EF:9A:DA:15
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EFA5AAEE88FD11EE9BF81149C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.211.0/24
Signature Algorithm: sha256WithRSAEncryption
74:58:7b:ae:df:1a:52:0a:4d:dd:ce:b4:07:e4:1c:74:d6:95:
19:e5:b9:91:6c:60:56:46:95:90:5e:5e:7d:be:5c:25:6e:be:
37:a7:5f:fe:72:f3:74:a6:e0:4c:d6:15:ed:96:4a:e0:58:30:
0c:ce:df:de:72:e1:f0:8a:d4:4e:f1:c0:27:d2:07:b2:fb:6b:
64:70:9a:56:a1:c7:b2:bd:b1:f0:15:e0:b0:b0:5e:86:de:fe:
dc:41:35:11:36:08:bb:31:ed:31:8c:ab:8c:6f:a5:4e:c9:15:
de:2b:02:8a:57:1e:42:cf:9c:38:18:eb:e6:98:9d:3c:83:54:
79:ca:13:0a:a8:13:c0:53:b0:f9:0c:0f:22:46:1c:72:da:53:
bd:ec:e1:d1:b2:89:ff:41:e4:20:af:2c:10:b6:b4:87:60:43:
06:34:c1:cd:05:94:87:7e:9b:69:38:83:c5:7a:25:ee:1f:26:
9f:a9:2c:5b:06:46:31:3f:8a:1a:2b:81:6e:63:fb:90:53:54:
78:a7:3b:cf:77:2d:7b:46:95:e5:13:69:88:f4:3a:a6:8b:66:
65:e9:6b:b9:d5:24:8b:01:4a:b4:b7:04:a0:25:b9:71:62:37:
7a:a5:95:d6:56:61:03:55:04:f3:36:88:6b:7c:f7:06:ce:99:
8c:95:b3:9e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMTIyMDYxMTEyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVkOWI4MC1kNDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwWS6r/1QLXVcr9B8xPSlzy7A3x2jvtk+06Qnhn/xryQ3Aq5sgeaYYptlEAi3
u8fQYga1oDJnDaangUXVs4IAJhyLq8WOW8T1fw3bTvpWGX1LGFS5ZnYV+E7TaG5D
NQgEbaD4UqbqOHo8KGGcmpAkHZMVeB6PxxpbA7CKqt4di1AYThU2BwguA+nfmIK9
AvjbcJNZ2YD1CQaZdUZaiFt22mSkNm2vN81Ev6NOYVshBoVx8jNJm5T8Zzb+JT7h
NRrbk8EAQ1ArbkzS/1XypUJBfwwkJsuImRiP2pibUvGY9OqVtPGmyyAb143gKy0C
Wuseo6iMfJUET/jhnc526SGi1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHpb+KWv
puz7osMMuBamh8fvmtoVMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRUZBNUFBRUU4
OEZEMTFFRTlCRjgxMTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/NMwDQYJKoZIhvcNAQELBQADggEBAHRYe67fGlIKTd3O
tAfkHHTWlRnluZFsYFZGlZBeXn2+XCVuvjenX/5y83Sm4EzWFe2WSuBYMAzO395y
4fCK1E7xwCfSB7L7a2Rwmlahx7K9sfAV4LCwXobe/txBNRE2CLsx7TGMq4xvpU7J
Fd4rAopXHkLPnDgY6+aYnTyDVHnKEwqoE8BTsPkMDyJGHHLaU73s4dGyif9B5CCv
LBC2tIdgQwY0wc0FlId+m2k4g8V6Je4fJp+pLFsGRjE/ihorgW5j+5BTVHinO893
LXtGleUTaYj0OqaLZmXpa7nVJIsBSrS3BKAluXFiN3qlldZWYQNVBPM2iGt89wbO
mYyVs54=
-----END CERTIFICATE-----
Generated at Thu Aug 29 18:38:15 2024 by rpki-client on console-ams.rpki-client.org