Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5917099A351C11EEA6C9E532C4F9AE02.roa
File: 5917099A351C11EEA6C9E532C4F9AE02.roa (raw, json)
Hash identifier: uZ6lyXpbdMZbgSCzD8rpBHs5/5VNHmlOuCQMOMcsI5s=
Subject key identifier: C4:03:F6:C9:59:EB:EB:A9:51:2B:C1:3B:92:5D:B5:D1:00:BB:48:3A
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0507
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5917099A351C11EEA6C9E532C4F9AE02.roa
Signing time: Fri 13 Oct 2023 18:04:18 +0000
ROA not before: Fri 13 Oct 2023 18:04:18 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 16509
IP address blocks: 43.247.135.0/24 maxlen: 24
43.255.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 15:57:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1287 (0x507)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Oct 13 18:04:18 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652986a2-d149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:43:78:ef:43:9c:58:2e:76:1b:95:59:db:eb:
57:b7:0d:5a:6b:4b:57:86:83:97:8c:1a:b1:a6:63:
40:13:d8:ec:a7:3d:23:50:07:50:1d:f0:6e:fb:68:
95:f9:98:cf:21:6c:14:9b:23:10:c4:24:5e:ca:86:
2c:18:f5:ac:f1:fa:d5:ee:74:2d:bb:d9:05:0a:7f:
21:a0:f8:ba:b4:17:cf:d4:1b:f6:4b:4d:68:78:b5:
6d:75:3f:77:97:3c:7e:ce:a9:6a:7d:63:25:8d:20:
94:bd:b7:6e:33:cd:06:ad:d0:84:ad:97:35:fa:93:
84:f3:76:a7:b6:9b:bc:02:f5:c2:17:3d:7d:d1:f5:
a7:ad:a4:12:c1:56:f5:f0:54:83:39:a5:c1:4a:5d:
27:1e:df:37:10:a4:1c:bc:75:3d:4c:91:68:23:8e:
3a:b3:a3:81:2a:c3:b9:87:11:33:f0:23:92:c6:ad:
68:94:5e:74:35:7c:55:3c:60:c6:c6:64:a8:ae:68:
7f:93:54:45:6a:52:52:69:1b:40:0c:1c:b9:c7:27:
b1:1b:e5:f1:2c:31:65:3a:6c:22:1f:76:61:19:f5:
8b:f1:16:ae:b6:45:09:e3:b3:d6:4e:9f:27:05:f4:
1f:8c:24:9f:3d:0e:d8:91:da:0c:2d:88:3e:4f:5b:
c5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:03:F6:C9:59:EB:EB:A9:51:2B:C1:3B:92:5D:B5:D1:00:BB:48:3A
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5917099A351C11EEA6C9E532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
43.255.157.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e1:b4:54:66:d5:5b:13:64:cb:cb:2d:89:f5:4a:e3:22:99:
73:de:4d:d6:fd:ed:b4:ad:11:f6:27:7f:0a:cf:c5:e1:88:72:
a0:7b:9a:b7:9f:ba:42:3c:06:f8:48:5a:94:d5:32:b9:1c:44:
4d:ef:4f:8f:58:4f:aa:61:cd:17:5b:90:6b:e8:f4:23:a9:e3:
57:58:65:e1:cf:1f:87:1e:2c:ac:ec:5a:85:6b:aa:dc:c8:d8:
9a:34:5c:54:b0:92:1c:a9:09:e0:41:97:3c:94:56:e5:5d:bb:
28:d7:80:83:4a:73:80:49:ad:7b:e5:e5:7d:76:ce:77:7a:63:
7e:fc:cc:21:c9:10:fe:2b:e4:6c:bf:57:0c:00:e3:78:b0:78:
e4:7b:cd:10:b5:c4:0f:c1:fd:2f:1b:d4:67:33:49:48:9f:c5:
91:48:8b:a5:fd:c0:29:72:90:bd:d5:6f:8b:d1:19:b7:4b:e9:
ac:04:25:e9:38:50:9e:5d:a0:e7:07:30:da:30:32:e3:11:0e:
29:49:24:a1:e3:7f:ae:27:da:87:57:97:86:af:6a:33:35:bb:
30:e6:4a:58:78:06:43:35:13:03:24:c6:bb:67:01:b1:05:92:
83:3c:76:69:55:e9:69:74:c8:2c:e7:1c:15:49:7d:76:6d:4f:
68:52:86:2c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDEzMTgwNDE4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI5ODZhMi1kMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0EN470OcWC52G5VZ2+tXtw1aa0tXhoOXjBqxpmNAE9jspz0jUAdQHfBu+2iV
+ZjPIWwUmyMQxCReyoYsGPWs8frV7nQtu9kFCn8hoPi6tBfP1Bv2S01oeLVtdT93
lzx+zqlqfWMljSCUvbduM80GrdCErZc1+pOE83antpu8AvXCFz190fWnraQSwVb1
8FSDOaXBSl0nHt83EKQcvHU9TJFoI446s6OBKsO5hxEz8COSxq1olF50NXxVPGDG
xmSormh/k1RFalJSaRtADBy5xyexG+XxLDFlOmwiH3ZhGfWL8RautkUJ47PWTp8n
BfQfjCSfPQ7YkdoMLYg+T1vFBQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMQD9slZ
6+upUSvBO5JdtdEAu0g6MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNTkxNzA5OUEz
NTFDMTFFRUE2QzlFNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr94cDBAAr/50wDQYJKoZIhvcNAQELBQADggEBADbhtFRm
1VsTZMvLLYn1SuMimXPeTdb97bStEfYnfwrPxeGIcqB7mrefukI8BvhIWpTVMrkc
RE3vT49YT6phzRdbkGvo9COp41dYZeHPH4ceLKzsWoVrqtzI2Jo0XFSwkhypCeBB
lzyUVuVduyjXgINKc4BJrXvl5X12znd6Y378zCHJEP4r5Gy/VwwA43iweOR7zRC1
xA/B/S8b1GczSUifxZFIi6X9wClykL3Vb4vRGbdL6awEJek4UJ5doOcHMNowMuMR
DilJJKHjf64n2odXl4avajM1uzDmSlh4BkM1EwMkxrtnAbEFkoM8dmlV6Wl0yCzn
HBVJfXZtT2hShiw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org