Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5F9CC190257811EF94122453C4F9AE02.roa
File: 5F9CC190257811EF94122453C4F9AE02.roa (raw, json)
Hash identifier: mEadfL/HQu4am4AMEDtdMTTv44hGxx2KcucChJ3fjqk=
Subject key identifier: 9E:BB:D2:76:53:15:E8:83:22:E3:46:91:AD:C3:39:A9:85:FB:EE:A1
Certificate issuer: /CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Certificate serial: 41
Authority key identifier: EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5F9CC190257811EF94122453C4F9AE02.roa
Signing time: Mon 05 Aug 2024 03:52:59 +0000
ROA not before: Mon 05 Aug 2024 03:52:59 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 146943
IP address blocks: 43.230.203.0/24 maxlen: 24
45.113.224.0/24 maxlen: 24
45.113.225.0/24 maxlen: 24
45.113.226.0/24 maxlen: 24
45.113.227.0/24 maxlen: 24
45.120.137.0/24 maxlen: 24
45.120.138.0/24 maxlen: 24
2405:7140:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Aug 2024 05:28:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65 (0x41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Validity
Not Before: Aug 5 03:52:59 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66b04c9b-ed68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:25:ab:25:ba:a8:f2:4e:15:0e:94:9e:e3:3c:
f9:e7:aa:1b:c9:88:49:1f:da:df:6c:74:41:25:6a:
4a:d9:21:4e:a0:99:2c:6a:ee:3c:29:71:61:ef:b3:
92:d0:e1:0f:22:b4:33:65:55:34:35:3a:f1:3f:d6:
66:d8:44:58:90:64:f6:9a:ef:7c:63:2c:5f:b8:1c:
fb:6e:dc:34:79:bd:14:01:92:ed:73:9b:1f:36:d9:
c8:01:04:94:67:e0:fa:7e:b9:17:44:07:ca:c5:e9:
b9:b0:89:dd:82:74:17:95:e8:eb:fb:80:08:76:51:
e9:47:44:70:ba:33:3b:ea:3b:8b:06:37:d3:c5:f8:
fc:a9:a5:90:f8:02:31:6a:56:83:47:ef:86:50:47:
09:fa:ed:e4:98:c9:81:3b:f8:02:38:cc:7b:b1:d7:
ff:dd:36:8d:af:9c:a9:c8:60:70:54:9e:b4:7c:ba:
40:9f:3e:83:7e:0f:54:a5:9d:86:a6:98:41:ff:bb:
9b:89:f8:b7:18:75:64:2d:eb:38:98:cd:89:19:0d:
73:a7:3d:0a:1d:cd:ff:56:a9:d3:0a:74:c1:ea:2a:
99:cc:de:4d:fa:f4:31:64:c4:05:6e:be:7d:a2:84:
b9:a0:95:92:af:36:4d:f9:a2:8b:6d:4b:d5:b1:eb:
08:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BB:D2:76:53:15:E8:83:22:E3:46:91:AD:C3:39:A9:85:FB:EE:A1
X509v3 Authority Key Identifier:
keyid:EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5F9CC190257811EF94122453C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.203.0/24
45.113.224.0/22
45.120.137.0-45.120.138.255
IPv6:
2405:7140:2::/48
Signature Algorithm: sha256WithRSAEncryption
b5:47:68:e8:12:af:44:f9:a2:fa:ed:b7:1a:1b:fc:68:37:9f:
ae:20:b4:b2:80:b0:29:49:27:ae:0b:1f:ec:47:bd:8f:85:e6:
c5:36:5c:7e:17:48:b3:0d:86:4a:f5:5d:28:3c:97:32:c7:e4:
85:39:f2:4d:bf:4d:d7:c4:e7:28:57:b8:ac:f8:92:1e:86:34:
3f:4d:39:02:94:86:0f:86:72:3a:7b:b8:d1:61:be:a7:23:a9:
31:15:ba:53:a2:96:29:81:48:87:74:87:36:e8:e1:e9:6d:98:
8e:03:58:c1:71:b6:79:0b:2f:f7:a9:37:18:cf:04:0d:55:df:
bb:58:7e:f8:d5:64:f0:7c:17:20:d0:1b:de:00:9c:56:47:3c:
8c:27:89:ea:33:82:85:12:c0:99:da:ce:fd:2b:3b:ba:61:11:
0f:9f:48:dd:1c:a5:fd:e1:b8:5b:6b:7f:ec:18:0e:e7:22:f6:
0f:11:dc:9b:6f:d9:8c:27:c6:2d:b1:cf:c2:57:6b:84:a4:22:
0d:55:25:17:88:5b:33:4c:93:16:b8:e4:9c:b8:7d:2e:06:17:
18:6c:d3:7c:d4:f3:90:a8:6d:12:c5:7c:b0:aa:19:5f:03:74:
cb:b4:6a:e9:40:f5:9e:c7:00:fc:ca:b1:15:8e:a9:9b:7d:a0:
c8:f6:bd:c4
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QzM2MjExMC8GA1UEBRMoRUE4M0FGNEEyMUNCQzIwNzFGNTY5NTZFNURERDU4NEM3
NjM4RkE1QjAeFw0yNDA4MDUwMzUyNTlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YjA0YzliLWVkNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkJasluqjyThUOlJ7jPPnnqhvJiEkf2t9sdEElakrZIU6gmSxq7jwpcWHvs5LQ
4Q8itDNlVTQ1OvE/1mbYRFiQZPaa73xjLF+4HPtu3DR5vRQBku1zmx822cgBBJRn
4Pp+uRdEB8rF6bmwid2CdBeV6Ov7gAh2UelHRHC6MzvqO4sGN9PF+PyppZD4AjFq
VoNH74ZQRwn67eSYyYE7+AI4zHux1//dNo2vnKnIYHBUnrR8ukCfPoN+D1SlnYam
mEH/u5uJ+LcYdWQt6ziYzYkZDXOnPQodzf9WqdMKdMHqKpnM3k369DFkxAVuvn2i
hLmglZKvNk35oottS9Wx6wjtAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUnrvSdlMV
6IMi40aRrcM5qYX77qEwHwYDVR0jBBgwFoAU6oOvSiHLwgcfVpVuXd1YTHY4+lsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDMzYyLzZBMDhGNDkyMjU3
NzExRUZCQjBCODI1MUM0RjlBRTAyLzZvT3ZTaUhMd2djZlZwVnVYZDFZVEhZNC1s
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNm9PdlNpSEx3Z2NmVnBWdVhkMVlUSFk0LWxzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QzM2Mi82QTA4RjQ5MjI1NzcxMUVGQkIwQjgyNTFDNEY5QUUwMi81RjlDQzE5MDI1
NzgxMUVGOTQxMjI0NTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBEBggrBgEFBQcBBwEB/wQ1
MDMwIAQCAAEwGgMEACvmywMEAi1x4DAMAwQALXiJAwQALXiKMA8EAgACMAkDBwAk
BXFAAAIwDQYJKoZIhvcNAQELBQADggEBALVHaOgSr0T5ovrttxob/Gg3n64gtLKA
sClJJ64LH+xHvY+F5sU2XH4XSLMNhkr1XSg8lzLH5IU58k2/TdfE5yhXuKz4kh6G
ND9NOQKUhg+Gcjp7uNFhvqcjqTEVulOilimBSId0hzbo4eltmI4DWMFxtnkLL/ep
NxjPBA1V37tYfvjVZPB8FyDQG94AnFZHPIwnieozgoUSwJnazv0rO7phEQ+fSN0c
pf3huFtrf+wYDuci9g8R3Jtv2Ywnxi2xz8JXa4SkIg1VJReIWzNMkxa45Jy4fS4G
Fxhs03zU85CobRLFfLCqGV8DdMu0aulA9Z7HAPzKsRWOqZt9oMj2vcQ=
-----END CERTIFICATE-----
Generated at Fri Aug 16 06:42:45 2024 by rpki-client on console-fra.rpki-client.org