Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/FAC301A82A3111EFA2F4C557C4F9AE02.roa
File: FAC301A82A3111EFA2F4C557C4F9AE02.roa (raw, json)
Hash identifier: xjuAKhX4Wwj3d/ELBkOj2Jd+w3gDTtH+PePnkQqslH0=
Subject key identifier: 1F:17:55:14:8A:25:62:A9:7F:E4:74:AD:9D:4D:CB:8D:08:92:50:14
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0607
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/FAC301A82A3111EFA2F4C557C4F9AE02.roa
Signing time: Fri 14 Jun 2024 09:39:22 +0000
ROA not before: Fri 14 Jun 2024 09:39:22 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 137451
IP address blocks: 43.229.152.0/24 maxlen: 24
43.252.208.0/24 maxlen: 24
43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 03:08:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1543 (0x607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Jun 14 09:39:22 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=666c0fca-abd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:78:0a:62:0c:9c:77:2b:d8:9d:cd:5d:0c:ae:
89:bc:40:fa:14:ea:eb:3e:bf:65:6a:80:04:c5:ff:
6f:7a:34:45:2b:57:6d:14:aa:c6:9b:f6:3e:09:00:
98:07:78:7f:92:a6:e2:ef:9a:d8:14:b0:a3:b1:32:
f3:04:6f:df:1a:b9:12:ce:b7:8e:cd:46:ec:66:2f:
e6:f9:10:34:28:45:51:a6:cd:55:4b:9f:f6:bc:ef:
e0:a5:4d:20:fe:0c:29:8e:07:74:d4:63:62:3a:65:
16:e9:ed:bb:a2:86:3e:a8:e9:34:a8:26:bb:b1:42:
6e:a1:f4:33:8c:18:26:31:02:1b:2b:85:a6:58:93:
8c:e2:9d:7c:9f:d3:06:b0:01:9c:d1:84:33:62:1c:
86:1f:8f:f5:1b:ab:3a:a6:6b:02:b3:37:99:58:77:
e7:bd:76:23:c6:04:95:af:22:63:5e:f7:22:96:57:
21:ab:63:4d:e1:e8:c2:a3:83:d1:01:9d:63:37:3a:
f0:d9:c8:cf:a6:06:21:37:43:d7:73:41:12:a3:6c:
1c:f4:66:c2:ff:73:a0:f1:2e:01:47:db:21:3e:d5:
6b:cd:e9:bc:b8:20:ab:a1:81:ac:1d:d0:0e:06:37:
74:88:ec:ef:21:d4:39:39:ea:33:58:6c:d1:99:2d:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:17:55:14:8A:25:62:A9:7F:E4:74:AD:9D:4D:CB:8D:08:92:50:14
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/FAC301A82A3111EFA2F4C557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
43.252.208.0-43.252.210.255
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:9d:54:d6:8d:01:d9:f2:ae:70:1f:4d:c6:94:c9:6d:b4:e4:
50:26:d6:95:1b:2d:9d:11:11:da:dd:38:0d:74:09:35:f1:4f:
bf:b8:fc:78:dd:52:74:73:e0:96:a8:95:0f:fe:bb:fd:ac:66:
d1:81:0f:d5:82:ce:65:d5:c4:86:34:97:36:29:d2:cc:d8:17:
f2:ee:ea:41:83:ef:3c:46:67:09:db:b2:e1:a4:ff:9f:fc:2f:
37:97:06:69:47:52:1a:0f:8b:70:63:e8:eb:85:7f:80:88:ad:
2f:69:55:c1:d1:88:f9:5c:75:ce:51:91:2d:92:73:e7:ac:53:
4a:dc:d2:f3:d7:c0:31:a9:83:5d:31:09:5b:06:24:cd:77:34:
0d:ca:cf:5f:71:72:78:03:51:c3:bd:6b:c4:d4:b2:25:fb:25:
2f:09:6d:87:27:3e:20:92:cf:30:e7:de:78:d5:8b:15:87:df:
72:43:9c:07:f7:e2:c2:e9:66:41:3b:61:8a:3f:c9:66:b3:0f:
79:09:e7:47:69:66:0a:9d:b6:6d:85:ea:68:1b:7c:e2:70:83:
89:22:22:5b:a4:db:c3:09:ba:a2:95:f1:7b:7f:0c:ad:9f:1a:
2c:29:96:2c:f8:ba:cc:98:d7:24:44:8f:99:a5:bb:d3:17:99:
27:1c:24:ab
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICBgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNjE0MDkzOTIyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjMGZjYS1hYmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7XgKYgycdyvYnc1dDK6JvED6FOrrPr9laoAExf9vejRFK1dtFKrGm/Y+CQCY
B3h/kqbi75rYFLCjsTLzBG/fGrkSzreOzUbsZi/m+RA0KEVRps1VS5/2vO/gpU0g
/gwpjgd01GNiOmUW6e27ooY+qOk0qCa7sUJuofQzjBgmMQIbK4WmWJOM4p18n9MG
sAGc0YQzYhyGH4/1G6s6pmsCszeZWHfnvXYjxgSVryJjXvcillchq2NN4ejCo4PR
AZ1jNzrw2cjPpgYhN0PXc0ESo2wc9GbC/3Og8S4BR9shPtVrzem8uCCroYGsHdAO
Bjd0iOzvIdQ5OeozWGzRmS1TuQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFB8XVRSK
JWKpf+R0rZ1Ny40IklAUMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRkFDMzAxQTgy
QTMxMTFFRkEyRjRDNTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfkQAMEAGfqNjAMAwQA
lmsBAwQClmsAAwQAloEqMA0GCSqGSIb3DQEBCwUAA4IBAQCanVTWjQHZ8q5wH03G
lMlttORQJtaVGy2dERHa3TgNdAk18U+/uPx43VJ0c+CWqJUP/rv9rGbRgQ/Vgs5l
1cSGNJc2KdLM2Bfy7upBg+88RmcJ27LhpP+f/C83lwZpR1IaD4twY+jrhX+AiK0v
aVXB0Yj5XHXOUZEtknPnrFNK3NLz18AxqYNdMQlbBiTNdzQNys9fcXJ4A1HDvWvE
1LIl+yUvCW2HJz4gks8w59541YsVh99yQ5wH9+LC6WZBO2GKP8lmsw95CedHaWYK
nbZthepoG3zicIOJIiJbpNvDCbqilfF7fwytnxosKZYs+LrMmNckRI+ZpbvTF5kn
HCSr
-----END CERTIFICATE-----
Generated at Mon Jun 24 04:02:49 2024 by rpki-client on console-fra.rpki-client.org