Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/EF47BB58D81A11EDAB75C13EC4F9AE02.roa
File: EF47BB58D81A11EDAB75C13EC4F9AE02.roa (raw, json)
Hash identifier: uuH5AlDfX/iuZKz+zJFasnZ9iszANz1rLH8LeRZhfRE=
Subject key identifier: AB:01:0D:0E:8A:1A:6E:88:2D:29:6E:3B:13:90:E4:61:D4:EA:A1:F2
Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Certificate serial: 053B
Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/EF47BB58D81A11EDAB75C13EC4F9AE02.roa
Signing time: Tue 12 Dec 2023 02:36:20 +0000
ROA not before: Tue 12 Dec 2023 02:36:20 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 137872
IP address blocks: 43.252.52.0/22 maxlen: 24
58.82.192.0/19 maxlen: 24
58.82.224.0/19 maxlen: 24
103.15.84.0/22 maxlen: 24
123.136.0.0/20 maxlen: 24
161.81.0.0/16 maxlen: 24
182.239.64.0/21 maxlen: 24
182.239.96.0/21 maxlen: 24
203.142.96.0/24 maxlen: 24
203.142.100.0/22 maxlen: 24
203.142.104.0/21 maxlen: 24
203.142.112.0/21 maxlen: 24
203.142.120.0/22 maxlen: 24
203.142.124.0/23 maxlen: 24
203.142.126.0/24 maxlen: 24
223.122.0.0/18 maxlen: 24
223.122.64.0/18 maxlen: 24
223.122.128.0/17 maxlen: 24
2401:3000:a000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 29 Jan 2024 02:18:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1339 (0x53b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Validity
Not Before: Dec 12 02:36:20 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6577c724-2ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:05:da:3b:20:84:cb:a5:ce:97:0d:21:3c:2e:
26:a3:7f:0b:72:96:e3:75:dc:a7:ef:a4:2d:33:53:
08:20:76:fa:85:0b:51:1c:56:1c:d2:b9:73:a0:01:
78:cd:ee:8c:d9:2c:a8:36:f1:a0:02:4e:74:cb:ff:
cc:fd:a1:87:4c:74:cc:e6:06:13:6b:18:84:71:42:
6a:96:17:29:94:d1:63:c3:cb:7d:a2:cc:b5:05:3c:
78:b7:db:39:b4:9d:3c:40:ab:83:06:21:cb:5a:94:
4c:1d:a7:31:57:9f:a1:2d:80:46:68:d3:19:db:66:
b0:11:aa:db:ec:14:68:29:05:62:4b:09:94:af:1a:
60:17:03:a6:20:b4:50:e0:b2:b6:0a:c2:fe:bb:56:
cf:da:75:b3:56:81:ea:22:c3:62:40:b4:de:e4:a3:
97:ce:64:91:98:9a:13:97:8b:1c:52:ef:0b:c0:1d:
dc:05:51:f3:b9:89:1b:87:d6:37:f5:f0:65:ee:3b:
4f:9e:4f:b6:8a:95:2f:3b:ba:a8:bf:79:8d:e0:e0:
27:d7:f6:0b:21:1c:ca:a9:ad:cc:4e:bb:38:b8:2e:
e7:77:28:99:f5:e2:d6:b0:63:2a:71:71:c1:86:40:
5c:7d:f8:cb:da:29:d3:74:63:f0:15:39:6a:49:4c:
6b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:01:0D:0E:8A:1A:6E:88:2D:29:6E:3B:13:90:E4:61:D4:EA:A1:F2
X509v3 Authority Key Identifier:
keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/EF47BB58D81A11EDAB75C13EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.52.0/22
58.82.192.0/18
103.15.84.0/22
123.136.0.0/20
161.81.0.0/16
182.239.64.0/21
182.239.96.0/21
203.142.96.0/24
203.142.100.0-203.142.126.255
223.122.0.0/16
IPv6:
2401:3000:a000::/36
Signature Algorithm: sha256WithRSAEncryption
1d:f0:c5:24:e7:c9:77:50:fa:9d:61:f1:a1:86:7b:aa:30:a4:
41:1b:e8:dd:ff:4e:d7:73:b3:54:e8:b4:45:d1:e7:88:71:4b:
92:2e:71:c8:6c:62:fb:1b:fb:85:8a:59:89:b0:ec:75:d7:92:
fa:00:ef:1a:a9:d4:48:69:94:a1:a6:87:bb:22:0c:31:5e:9e:
cb:e3:58:da:36:22:11:4b:2a:dc:54:b1:aa:1e:7e:ef:44:c4:
fe:b2:4d:f5:fd:88:80:13:9d:33:cd:c6:93:03:45:f3:d2:2b:
2c:80:55:d3:23:32:a1:b8:76:08:3c:2e:fb:8d:bb:f7:89:a9:
6c:ce:ac:a7:fb:ac:22:33:a5:ff:ae:ab:32:86:67:dc:22:94:
78:a1:11:98:7f:93:3b:ad:3a:03:ca:27:55:ad:b0:14:69:0a:
9f:1e:e2:eb:7b:38:b2:24:ff:f8:0b:f9:c4:51:33:b3:75:c6:
77:73:c0:ae:28:f3:e9:a9:9a:1e:ea:2e:a9:87:5d:14:1d:0b:
f4:11:cd:e7:e3:bc:d2:9c:22:73:d1:9e:83:91:65:27:84:e9:
2e:f2:df:83:8c:ef:44:5f:01:e9:98:4e:1f:83:f2:bb:2b:b2:
3e:04:90:1a:b0:df:ea:f8:5e:ee:d0:f2:09:77:f9:a2:9c:fd:
e5:80:2d:b0
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICBTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3
Q0ZGRTc3RUYwHhcNMjMxMjEyMDIzNjIwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc3YzcyNC0yYmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQXaOyCEy6XOlw0hPC4mo38Lcpbjddyn76QtM1MIIHb6hQtRHFYc0rlzoAF4
ze6M2SyoNvGgAk50y//M/aGHTHTM5gYTaxiEcUJqlhcplNFjw8t9osy1BTx4t9s5
tJ08QKuDBiHLWpRMHacxV5+hLYBGaNMZ22awEarb7BRoKQViSwmUrxpgFwOmILRQ
4LK2CsL+u1bP2nWzVoHqIsNiQLTe5KOXzmSRmJoTl4scUu8LwB3cBVHzuYkbh9Y3
9fBl7jtPnk+2ipUvO7qov3mN4OAn1/YLIRzKqa3MTrs4uC7ndyiZ9eLWsGMqcXHB
hkBcffjL2inTdGPwFTlqSUxr8wIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFKsBDQ6K
Gm6ILSluOxOQ5GHU6qHyMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy
MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvRUY0N0JCNThE
ODFBMTFFREFCNzVDMTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEgEAgABMEIDBAIr/DQDBAY6UsADBAJnD1QDBAR7iAADAwChUQMEA7bvQAME
A7bvYAMEAMuOYDAMAwQCy45kAwQAy45+AwMA33owDgQCAAIwCAMGBCQBMACgMA0G
CSqGSIb3DQEBCwUAA4IBAQAd8MUk58l3UPqdYfGhhnuqMKRBG+jd/07Xc7NU6LRF
0eeIcUuSLnHIbGL7G/uFilmJsOx115L6AO8aqdRIaZShpoe7IgwxXp7L41jaNiIR
SyrcVLGqHn7vRMT+sk31/YiAE50zzcaTA0Xz0issgFXTIzKhuHYIPC77jbv3ials
zqyn+6wiM6X/rqsyhmfcIpR4oRGYf5M7rToDyidVrbAUaQqfHuLreziyJP/4C/nE
UTOzdcZ3c8CuKPPpqZoe6i6ph10UHQv0Ec3n47zSnCJz0Z6DkWUnhOku8t+DjO9E
XwHpmE4fg/K7K7I+BJAasN/q+F7u0PIJd/minP3lgC2w
-----END CERTIFICATE-----
Generated at Mon Jan 29 03:23:24 2024 by rpki-client on console-fra.rpki-client.org