Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7C622E7457C311EE9B8B5665C4F9AE02.roa
File: 7C622E7457C311EE9B8B5665C4F9AE02.roa (raw, json)
Hash identifier: ABAUav4Ky1UKqfVLjzC8sMkfZ+CY9xaFYpgCPuQNq3w=
Subject key identifier: 78:3D:62:1B:D4:E3:77:47:1C:90:15:9A:17:6E:43:37:E3:58:43:B7
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0624
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7C622E7457C311EE9B8B5665C4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:04 +0000
ROA not before: Tue 03 Sep 2024 01:14:04 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 135983
IP address blocks: 43.254.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 23:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1572 (0x624)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 3 01:14:04 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d662dc-29aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:f6:92:4e:35:ae:12:db:08:00:1c:3d:f8:
f1:1f:cb:bb:5e:b8:9b:cb:b5:f6:8c:8e:aa:80:57:
97:b2:27:12:11:0f:36:42:a8:eb:45:b0:2a:e1:73:
fd:3e:70:7b:56:65:e4:01:18:38:8c:b7:af:4b:be:
74:62:f1:92:61:31:f0:65:31:f4:4d:05:f7:f8:13:
29:b0:a8:8e:26:c2:4d:09:fd:4a:7f:f7:66:02:0a:
d7:42:c3:dd:ce:46:cd:d0:e8:75:bd:6a:42:9f:cc:
30:ef:db:a0:9e:08:86:27:ef:06:c4:34:2f:54:53:
78:8b:05:72:7d:89:6f:77:68:96:42:9f:a3:0e:5c:
9d:2c:29:e4:86:98:81:2f:65:b5:ad:54:78:34:4f:
54:9a:d3:23:fc:5a:f3:61:f3:e8:5e:2c:56:89:6a:
09:6c:15:10:29:ab:67:1c:2c:7d:21:87:59:c3:3f:
13:54:cd:c4:dc:cd:06:dc:a8:84:14:34:05:88:89:
d6:7f:af:99:6c:ff:6c:d9:d8:d3:18:d5:b9:45:a7:
1f:6a:6c:0e:04:b6:00:53:55:a4:d5:9b:cd:f8:1d:
e2:a0:31:ff:8c:dd:37:85:60:89:68:48:05:f6:d1:
6e:25:0c:95:b3:7f:3a:b4:90:04:3e:0e:fb:b0:e1:
c3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3D:62:1B:D4:E3:77:47:1C:90:15:9A:17:6E:43:37:E3:58:43:B7
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7C622E7457C311EE9B8B5665C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.166.0/24
Signature Algorithm: sha256WithRSAEncryption
12:15:6b:50:14:b6:36:12:81:f3:51:2f:f2:2d:d1:52:38:e8:
a4:46:14:c7:b6:3b:a3:e9:9c:0b:da:8c:e8:50:01:7f:15:5f:
91:16:44:be:c4:2c:0b:2c:8a:3c:76:90:08:3c:92:c6:eb:fe:
2b:b9:e0:58:e8:b7:8d:45:09:7a:c0:62:2a:06:0f:ce:27:2e:
35:00:3d:b9:34:ca:cd:f8:8e:9d:7a:2e:51:6e:bc:3e:d2:cd:
c0:5c:c4:e7:76:7b:76:02:dd:03:b8:a8:ad:20:d8:a7:eb:9d:
d8:a0:4a:7a:1d:fd:32:fa:24:92:9d:14:bb:2e:53:97:4c:ab:
b4:6e:ad:54:04:c1:cf:b5:a8:0f:8e:dd:94:f1:e9:95:13:12:
c3:53:88:f3:a9:ed:e3:b7:b9:c5:36:a6:ca:b0:d1:24:f2:8f:
63:30:cd:ea:4c:a5:ee:61:3e:d2:bc:d0:09:34:29:62:0f:67:
03:26:c4:03:2d:4b:51:79:15:9d:69:12:5e:94:4b:2f:93:50:
70:83:2c:a6:98:a3:15:6e:0c:7d:c0:af:58:4e:00:5c:04:5e:
a7:7f:79:c1:42:32:d0:77:f2:be:51:58:bc:35:aa:06:b2:d1:
b6:59:bd:58:20:1b:34:db:1d:99:00:9a:cc:24:c8:07:02:52:
8d:b5:ea:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwOTAzMDExNDA0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjJkYy0yOWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAupv2kk41rhLbCAAcPfjxH8u7Xriby7X2jI6qgFeXsicSEQ82QqjrRbAq4XP9
PnB7VmXkARg4jLevS750YvGSYTHwZTH0TQX3+BMpsKiOJsJNCf1Kf/dmAgrXQsPd
zkbN0Oh1vWpCn8ww79ugngiGJ+8GxDQvVFN4iwVyfYlvd2iWQp+jDlydLCnkhpiB
L2W1rVR4NE9UmtMj/FrzYfPoXixWiWoJbBUQKatnHCx9IYdZwz8TVM3E3M0G3KiE
FDQFiInWf6+ZbP9s2djTGNW5RacfamwOBLYAU1Wk1ZvN+B3ioDH/jN03hWCJaEgF
9tFuJQyVs386tJAEPg77sOHDNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHg9YhvU
43dHHJAVmhduQzfjWEO3MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvN0M2MjJFNzQ1
N0MzMTFFRTlCOEI1NjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/qYwDQYJKoZIhvcNAQELBQADggEBABIVa1AUtjYSgfNR
L/It0VI46KRGFMe2O6PpnAvajOhQAX8VX5EWRL7ELAssijx2kAg8ksbr/iu54Fjo
t41FCXrAYioGD84nLjUAPbk0ys34jp16LlFuvD7SzcBcxOd2e3YC3QO4qK0g2Kfr
ndigSnod/TL6JJKdFLsuU5dMq7RurVQEwc+1qA+O3ZTx6ZUTEsNTiPOp7eO3ucU2
psqw0STyj2MwzepMpe5hPtK80Ak0KWIPZwMmxAMtS1F5FZ1pEl6USy+TUHCDLKaY
oxVuDH3Ar1hOAFwEXqd/ecFCMtB38r5RWLw1qgay0bZZvVggGzTbHZkAmswkyAcC
Uo216h4=
-----END CERTIFICATE-----
Generated at Mon Sep 30 01:11:53 2024 by rpki-client on console-fra.rpki-client.org