Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
File: 7FE57EA271C711EEA69FB30CC4F9AE02.roa (raw, json)
Hash identifier: rukPMK1/qrkTW9CCJb0vANXJ2QmkylqF6fPkTC9SbBU=
Subject key identifier: B1:51:56:BD:E9:14:4A:75:C6:91:ED:F1:2B:44:F2:64:D9:89:81:82
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0522
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
Signing time: Mon 23 Oct 2023 17:13:35 +0000
ROA not before: Mon 23 Oct 2023 17:13:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 146961
IP address blocks: 43.247.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 21:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1314 (0x522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Oct 23 17:13:35 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6536a9bf-b50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:36:ec:e1:f7:6f:93:d9:8a:8e:54:7a:cf:12:
d2:96:85:69:bd:d8:ec:c2:e1:6c:55:ec:57:ba:99:
bf:04:eb:a7:e0:fd:f6:96:dd:fa:bc:e7:4d:2a:b9:
f9:b7:e6:4c:ed:8f:58:81:9d:a1:d5:ec:99:a6:ce:
4e:4d:1d:a8:b9:cf:98:18:3b:15:62:29:61:99:4b:
13:23:c5:b2:94:22:71:d8:1b:86:4a:1d:f5:42:86:
8e:a9:27:63:cf:12:45:dd:0d:cb:a3:69:c4:5b:98:
8a:35:2a:d8:f6:1f:29:00:a3:7f:6f:0e:22:ec:f8:
9d:2a:be:34:70:a1:f6:8e:e1:a3:54:67:55:bd:f2:
8e:b5:13:b9:1e:43:8e:f5:48:a1:09:be:eb:28:5a:
e9:f3:dc:bd:fc:66:97:3f:bf:30:e9:5e:d4:ec:59:
8b:f1:75:ce:fb:38:d2:88:bb:17:52:d1:5e:26:7d:
a8:02:58:12:af:97:91:a8:a4:1b:c7:95:18:6f:d7:
98:50:ef:8f:aa:c7:2e:b6:e9:c9:36:c0:dd:0e:fe:
f7:c1:13:2c:d7:c3:01:59:4d:5a:a6:53:a2:6b:84:
d6:71:ec:5b:4b:74:b2:38:48:a7:cb:74:e2:7b:90:
65:ec:4f:f8:90:f9:55:bd:80:56:42:8c:a2:89:49:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:51:56:BD:E9:14:4A:75:C6:91:ED:F1:2B:44:F2:64:D9:89:81:82
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:0f:11:1e:8c:0d:de:fa:51:71:f6:c7:36:c9:b5:ab:2d:5e:
54:3c:15:e4:20:8e:bb:f2:be:f0:b1:ba:04:40:86:8b:a5:44:
fa:0e:57:03:9f:8a:c9:43:f8:c6:7c:d0:94:5a:c0:34:45:aa:
dd:7b:58:12:47:bc:c5:52:e5:40:85:d6:fe:54:17:a7:c6:8a:
43:0e:ba:35:db:1d:02:14:59:3a:12:5b:de:99:13:8c:85:55:
9a:79:39:a7:d7:c8:17:43:1f:8c:dd:6d:9d:c0:0c:ff:82:9d:
b5:b8:73:60:57:96:f9:e2:37:90:79:07:0f:65:fa:1c:c7:4c:
91:23:0f:ec:d0:7e:68:33:b3:a6:4a:97:ab:75:bd:81:5e:e5:
c6:59:25:a4:60:3e:75:b4:77:dc:7c:60:8d:69:21:bc:d9:55:
34:53:bf:65:bd:de:ae:b0:a4:9f:f2:3e:35:37:de:66:b3:cd:
c7:b8:5d:5f:60:a9:fd:27:2c:98:78:24:99:35:bc:9e:88:ce:
38:aa:2a:7b:35:54:c5:da:ef:5e:9a:69:16:c3:96:3e:f4:e9:
d1:23:64:1f:3c:1a:10:0d:9f:57:f8:3a:2e:5c:f0:13:10:6b:
8c:95:ea:dd:9e:16:cf:1b:61:8e:82:6b:b2:db:94:09:31:93:
23:72:e8:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDIzMTcxMzM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM2YTliZi1iNTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2jbs4fdvk9mKjlR6zxLSloVpvdjswuFsVexXupm/BOun4P32lt36vOdNKrn5
t+ZM7Y9YgZ2h1eyZps5OTR2ouc+YGDsVYilhmUsTI8WylCJx2BuGSh31QoaOqSdj
zxJF3Q3Lo2nEW5iKNSrY9h8pAKN/bw4i7PidKr40cKH2juGjVGdVvfKOtRO5HkOO
9UihCb7rKFrp89y9/GaXP78w6V7U7FmL8XXO+zjSiLsXUtFeJn2oAlgSr5eRqKQb
x5UYb9eYUO+PqscutunJNsDdDv73wRMs18MBWU1aplOia4TWcexbS3SyOEiny3Ti
e5Bl7E/4kPlVvYBWQoyiiUn1FwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLFRVr3p
FEp1xpHt8StE8mTZiYGCMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvN0ZFNTdFQTI3
MUM3MTFFRUE2OUZCMzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94cwDQYJKoZIhvcNAQELBQADggEBALoPER6MDd76UXH2
xzbJtastXlQ8FeQgjrvyvvCxugRAhoulRPoOVwOfislD+MZ80JRawDRFqt17WBJH
vMVS5UCF1v5UF6fGikMOujXbHQIUWToSW96ZE4yFVZp5OafXyBdDH4zdbZ3ADP+C
nbW4c2BXlvniN5B5Bw9l+hzHTJEjD+zQfmgzs6ZKl6t1vYFe5cZZJaRgPnW0d9x8
YI1pIbzZVTRTv2W93q6wpJ/yPjU33mazzce4XV9gqf0nLJh4JJk1vJ6IzjiqKns1
VMXa716aaRbDlj706dEjZB88GhANn1f4Oi5c8BMQa4yV6t2eFs8bYY6Ca7LblAkx
kyNy6F4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org