Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/59F9110E734D11EEBDC1151FC4F9AE02.roa
File: 59F9110E734D11EEBDC1151FC4F9AE02.roa (raw, json)
Hash identifier: X9yCvIME2k74oIeNZUOxPAtC1V1Xd/pZl6KlZsU9l6M=
Subject key identifier: A5:38:A3:39:14:FC:BB:66:51:A9:1C:5C:DA:5F:5E:0B:6F:56:8A:A6
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0536
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/59F9110E734D11EEBDC1151FC4F9AE02.roa
Signing time: Tue 31 Oct 2023 03:08:30 +0000
ROA not before: Tue 31 Oct 2023 03:08:30 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.255.122.0/23 maxlen: 24
43.255.156.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 21:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1334 (0x536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Oct 31 03:08:30 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65406fae-584a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:6c:6e:0f:0f:74:d5:af:b6:ef:1e:d9:78:
04:52:9c:fa:13:14:e8:33:ec:33:53:03:92:52:4b:
22:27:92:3b:53:ee:2e:40:ff:4d:ae:ef:79:a7:ad:
c3:d2:e7:4b:07:a0:2e:c9:1c:46:c9:22:fa:9a:6d:
08:27:07:99:07:31:16:de:22:20:f4:da:76:c3:b1:
28:72:a4:ee:90:41:f1:a1:f6:56:30:46:57:bb:de:
8c:e0:94:54:24:cd:00:77:ff:0a:d4:8d:d8:69:c2:
29:49:e7:86:32:a5:f5:00:1d:ee:0e:d3:57:f5:d4:
9c:ec:a4:25:bb:57:1e:dc:5e:a3:87:dd:69:57:53:
4c:7e:62:ad:8c:e3:27:b4:5e:41:a2:3d:1b:1f:2f:
70:70:a2:05:36:93:33:d7:01:bf:cd:c2:a5:c3:4b:
cc:30:05:e9:c6:1e:d2:5c:62:f4:16:76:0c:a8:1d:
3c:a2:91:0a:eb:69:5c:3f:2c:05:64:8c:bf:21:fb:
7b:de:29:2c:b8:72:a3:d5:f5:07:7a:0a:2e:ad:a0:
51:b8:e3:2d:9c:c8:38:9b:44:ee:34:f3:12:43:c2:
91:4d:16:d4:80:84:c4:1c:db:ff:69:5f:f5:3a:e9:
94:3c:b9:88:ff:cf:59:36:f6:56:67:22:f0:ea:19:
e5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:38:A3:39:14:FC:BB:66:51:A9:1C:5C:DA:5F:5E:0B:6F:56:8A:A6
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/59F9110E734D11EEBDC1151FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.122.0/23
43.255.156.0/24
43.255.158.0/23
103.24.216.0/23
103.231.58.0/23
Signature Algorithm: sha256WithRSAEncryption
10:4a:38:36:0e:1e:53:d0:82:2e:76:7c:96:b8:1e:e5:41:b7:
7e:04:c0:2a:2d:e9:cd:2b:50:56:16:e4:ef:32:05:5b:b4:36:
dc:3c:85:da:33:cf:6d:8a:c0:6f:d0:6a:09:8a:52:cf:42:f5:
94:ba:72:07:02:8d:4f:e4:2b:63:2c:08:88:75:bb:d4:62:18:
bf:28:68:e7:23:8f:8a:eb:54:60:40:3f:93:65:1a:25:0e:6f:
21:7c:c7:0c:d3:12:0c:67:da:38:4f:7c:89:4e:d1:8e:74:26:
ca:6c:d6:86:02:92:04:04:b3:34:5a:37:a1:3c:23:dd:d8:5d:
7f:88:fe:3d:93:1b:aa:08:03:26:63:00:2f:c3:ac:7b:e9:f4:
96:a5:1d:1e:02:87:73:35:5a:d7:85:c4:20:ca:04:28:10:52:
68:1e:ec:d1:c4:f4:41:d5:37:5f:0d:f2:91:6a:8e:8f:24:dd:
c2:a7:0c:24:fd:63:e9:aa:d9:9a:66:c2:82:7b:f4:49:51:2c:
e3:b1:d5:10:40:3d:81:fa:10:28:75:11:c8:75:5e:6f:c8:c7:
9a:5b:8b:33:99:b1:33:9d:b2:9b:41:c2:87:0a:7e:bd:d6:11:
17:e0:d7:63:0b:ea:08:b9:7a:30:7f:f7:c5:9d:ab:e8:be:17:
ba:13:40:53
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDMxMDMwODMwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQwNmZhZS01ODRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6Jsbg8PdNWvtu8e2XgEUpz6ExToM+wzUwOSUksiJ5I7U+4uQP9Nru95p63D
0udLB6AuyRxGySL6mm0IJweZBzEW3iIg9Np2w7EocqTukEHxofZWMEZXu96M4JRU
JM0Ad/8K1I3YacIpSeeGMqX1AB3uDtNX9dSc7KQlu1ce3F6jh91pV1NMfmKtjOMn
tF5Boj0bHy9wcKIFNpMz1wG/zcKlw0vMMAXpxh7SXGL0FnYMqB08opEK62lcPywF
ZIy/Ift73iksuHKj1fUHegouraBRuOMtnMg4m0TuNPMSQ8KRTRbUgITEHNv/aV/1
OumUPLmI/89ZNvZWZyLw6hnl8wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKU4ozkU
/LtmUakcXNpfXgtvVoqmMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNTlGOTExMEU3
MzREMTFFRUJEQzExNTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAEr/3oDBAAr/5wDBAEr/54DBAFnGNgDBAFn5zowDQYJKoZI
hvcNAQELBQADggEBABBKODYOHlPQgi52fJa4HuVBt34EwCot6c0rUFYW5O8yBVu0
Ntw8hdozz22KwG/QagmKUs9C9ZS6cgcCjU/kK2MsCIh1u9RiGL8oaOcjj4rrVGBA
P5NlGiUObyF8xwzTEgxn2jhPfIlO0Y50Jsps1oYCkgQEszRaN6E8I93YXX+I/j2T
G6oIAyZjAC/DrHvp9JalHR4Ch3M1WteFxCDKBCgQUmge7NHE9EHVN18N8pFqjo8k
3cKnDCT9Y+mq2ZpmwoJ79ElRLOOx1RBAPYH6ECh1Ech1Xm/Ix5pbizOZsTOdsptB
wocKfr3WERfg12ML6gi5ejB/98Wdq+i+F7oTQFM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org