Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/406B7EB6A34A11EEAA64CF7DC4F9AE02.roa
File: 406B7EB6A34A11EEAA64CF7DC4F9AE02.roa (raw, json)
Hash identifier: fTChBcNVcrJT4iXJaopKfvnjkcgJ4FHzhIOTVct5WeQ=
Subject key identifier: 1C:18:62:90:79:87:78:F3:63:09:AA:E5:50:BD:AB:47:E1:56:0B:A6
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0560
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/406B7EB6A34A11EEAA64CF7DC4F9AE02.roa
Signing time: Mon 25 Dec 2023 17:23:00 +0000
ROA not before: Mon 25 Dec 2023 17:23:00 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 400618
IP address blocks: 43.255.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1376 (0x560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Dec 25 17:23:00 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6589ba74-3c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:f9:bc:e6:de:a8:4d:cd:5d:76:b8:ed:2e:
53:9a:7a:7c:72:eb:c6:f5:1b:f4:4c:a4:2c:72:bf:
bf:87:63:87:1f:7a:38:80:80:3d:7c:e7:14:a7:fc:
50:ac:7b:95:bb:26:3a:32:b3:e6:e3:3f:21:13:fe:
45:18:c1:ba:1c:33:f1:93:46:33:a1:1c:76:a4:ff:
16:74:86:9e:c4:d4:cc:37:24:94:d6:63:4e:58:32:
63:d1:22:28:15:18:0f:4b:8e:03:c8:87:5b:18:ac:
d8:88:54:6f:cb:5e:69:81:17:c9:fa:8e:7b:20:98:
93:33:34:18:72:16:55:bb:e3:46:18:53:96:f3:f9:
55:5f:18:4c:b2:3b:9b:08:f8:aa:5a:b9:67:e5:fd:
41:e7:81:38:54:f7:f6:36:c5:81:3d:94:1b:91:21:
dd:45:db:a4:78:fc:c0:71:b5:15:4c:46:fa:11:ed:
23:5e:36:4a:17:cf:85:38:ef:d5:4b:f0:c3:24:10:
3f:f9:b5:f3:a7:01:7f:40:3c:a8:2a:ce:8d:92:1b:
7b:9c:fa:62:41:6a:b9:8b:b4:20:c6:97:61:e2:ab:
5b:f5:bf:ae:32:b9:39:70:30:59:82:16:c0:73:75:
98:ed:55:7b:27:2b:7d:8d:67:5b:45:9a:03:a0:30:
51:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:18:62:90:79:87:78:F3:63:09:AA:E5:50:BD:AB:47:E1:56:0B:A6
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/406B7EB6A34A11EEAA64CF7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.122.0/24
Signature Algorithm: sha256WithRSAEncryption
43:a0:2e:7f:87:76:05:b5:06:ad:b0:d0:38:d4:c5:22:f7:2c:
85:03:ac:03:ff:31:6a:cc:e5:1c:59:38:8a:84:de:3c:ce:be:
66:db:62:e3:9e:a0:a1:64:59:b4:e3:a0:50:2b:64:88:7a:12:
6d:a2:42:74:53:01:4c:4b:81:ce:53:77:a4:02:d6:b2:65:03:
da:f2:4b:96:14:b7:1e:87:95:db:82:84:bd:c3:0e:5c:f9:91:
ab:98:6b:ab:bf:a9:08:cc:2a:78:21:3d:d6:a3:38:23:19:52:
a5:f5:53:54:e8:0e:bb:d8:74:c3:02:72:1b:83:52:e1:3d:9b:
4e:df:f0:27:0c:d0:d5:01:de:51:3e:3a:f0:a9:17:9a:d8:d2:
a6:e6:81:7f:94:ab:73:70:a4:e0:6e:22:48:21:ff:e8:e9:55:
c8:d5:ef:02:5a:37:50:06:5a:62:eb:a7:ce:37:93:b7:df:e1:
68:e7:50:72:9f:c4:e8:6e:4e:62:4b:8c:38:3e:05:9a:a6:80:
37:2c:75:63:d2:90:d2:3c:7b:e4:54:45:b4:a8:06:f2:9e:b6:
7b:8b:10:c3:e5:9f:4b:29:eb:d2:40:41:a5:76:45:2f:fb:b4:
0a:f7:d5:1a:1a:a7:e0:02:03:fe:8b:4c:0d:97:8a:14:02:0b:
39:5a:8f:6f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMjI1MTcyMzAwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg5YmE3NC0zYzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApNT5vObeqE3NXXa47S5Tmnp8cuvG9Rv0TKQscr+/h2OHH3o4gIA9fOcUp/xQ
rHuVuyY6MrPm4z8hE/5FGMG6HDPxk0YzoRx2pP8WdIaexNTMNySU1mNOWDJj0SIo
FRgPS44DyIdbGKzYiFRvy15pgRfJ+o57IJiTMzQYchZVu+NGGFOW8/lVXxhMsjub
CPiqWrln5f1B54E4VPf2NsWBPZQbkSHdRdukePzAcbUVTEb6Ee0jXjZKF8+FOO/V
S/DDJBA/+bXzpwF/QDyoKs6Nkht7nPpiQWq5i7Qgxpdh4qtb9b+uMrk5cDBZghbA
c3WY7VV7Jyt9jWdbRZoDoDBRWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBwYYpB5
h3jzYwmq5VC9q0fhVgumMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNDA2QjdFQjZB
MzRBMTFFRUFBNjRDRjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3owDQYJKoZIhvcNAQELBQADggEBAEOgLn+HdgW1Bq2w
0DjUxSL3LIUDrAP/MWrM5RxZOIqE3jzOvmbbYuOeoKFkWbTjoFArZIh6Em2iQnRT
AUxLgc5Td6QC1rJlA9ryS5YUtx6HlduChL3DDlz5kauYa6u/qQjMKnghPdajOCMZ
UqX1U1ToDrvYdMMCchuDUuE9m07f8CcM0NUB3lE+OvCpF5rY0qbmgX+Uq3NwpOBu
Ikgh/+jpVcjV7wJaN1AGWmLrp843k7ff4WjnUHKfxOhuTmJLjDg+BZqmgDcsdWPS
kNI8e+RURbSoBvKetnuLEMPln0sp69JAQaV2RS/7tAr31Roap+ACA/6LTA2XihQC
Czlaj28=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org