Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8216D34A779B11EE95522465C4F9AE02.roa
File: 8216D34A779B11EE95522465C4F9AE02.roa (raw, json)
Hash identifier: PuBUL/0wac6c0FQwwAkIpDg/0b4xe5wh6ek3EAdCgwc=
Subject key identifier: E0:04:ED:36:E5:F0:AB:CC:B4:26:A7:EE:DC:50:1B:C1:0E:DB:76:F5
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0539
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8216D34A779B11EE95522465C4F9AE02.roa
Signing time: Tue 31 Oct 2023 03:13:48 +0000
ROA not before: Tue 31 Oct 2023 03:13:48 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 47813
IP address blocks: 43.255.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 17:26:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1337 (0x539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Oct 31 03:13:48 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=654070ec-b100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f6:ba:71:99:20:c3:cd:cc:68:da:cb:92:3d:
ae:4f:67:fa:6c:b7:98:72:b8:c7:28:a4:da:af:59:
b5:08:26:27:80:de:ef:dd:69:5b:4f:62:00:d0:9f:
7d:29:66:13:e2:a0:96:bd:8d:1e:9e:ca:75:eb:28:
b5:81:15:e9:b6:2e:27:36:aa:2b:a7:44:5c:bc:a4:
7b:e5:c3:d8:21:00:7b:af:24:42:25:2f:ab:f7:35:
8c:17:c2:1b:70:8b:47:69:a7:a8:7e:48:c0:d5:65:
7f:95:43:bc:b9:ce:3e:e8:fe:43:cd:36:4e:fd:d6:
f3:b0:1a:ff:2d:60:41:b3:33:70:34:0e:f1:d1:ed:
0c:c8:56:d6:3b:50:d0:9b:bd:f7:71:52:88:5f:6b:
dd:29:24:8b:b4:2b:97:68:91:5d:58:ff:41:95:14:
d7:a7:f1:34:7b:21:bf:19:36:ef:77:02:c3:7a:d8:
aa:1e:3d:9f:ec:c6:9e:25:03:50:ac:9d:00:e3:49:
2c:ab:4d:a5:87:2a:32:dd:a8:4e:94:cd:cb:94:43:
b0:27:ac:2a:7a:1b:a2:93:2c:65:3f:72:2c:ab:10:
d7:27:8f:9a:db:95:a7:20:26:1c:38:64:ec:14:af:
36:cf:55:dc:12:c3:db:27:24:11:36:b3:00:37:70:
a3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:ED:36:E5:F0:AB:CC:B4:26:A7:EE:DC:50:1B:C1:0E:DB:76:F5
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8216D34A779B11EE95522465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.158.0/23
Signature Algorithm: sha256WithRSAEncryption
31:44:b6:f2:d4:f2:d1:c2:3e:db:b4:2e:43:bb:37:52:67:66:
3f:af:6b:4e:b6:68:07:fa:1d:43:6d:5d:f2:fd:03:e7:b8:06:
6b:f3:52:ca:4d:62:72:cc:28:cb:d2:7f:82:dd:c2:d3:e3:3f:
ae:22:08:07:1f:5c:13:ce:c2:ab:01:2a:ab:bc:a6:11:f7:3a:
7b:70:76:3e:8a:42:4c:b6:b2:f5:b4:b4:4f:ac:6a:ff:3d:c8:
59:9a:46:f6:6a:74:3c:73:52:25:5e:79:65:13:9b:62:c3:fa:
5e:6b:c2:70:0b:08:99:e4:ad:40:c3:c4:23:4c:de:f6:8c:97:
86:41:8f:c3:04:bb:86:84:dc:0f:14:b0:84:3f:b4:09:63:f5:
23:e2:a0:de:7b:c0:6d:39:81:01:9b:0b:69:37:7a:d0:51:b2:
e5:a1:4e:ac:7a:af:60:e8:06:b1:53:27:91:40:48:42:8c:3d:
e2:3b:e8:fd:bd:f3:d0:b8:80:94:93:13:0e:49:e8:0d:9e:60:
5a:dc:55:ee:2d:34:81:9d:8d:5a:ee:1f:cc:bf:ad:7f:e1:fe:
7d:c6:2f:28:77:42:68:d0:80:9a:46:69:58:4a:43:10:2c:33:
5e:08:03:96:76:75:31:23:e9:cd:31:51:ee:ae:78:ae:35:b0:
00:ca:49:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDMxMDMxMzQ4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQwNzBlYy1iMTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuva6cZkgw83MaNrLkj2uT2f6bLeYcrjHKKTar1m1CCYngN7v3WlbT2IA0J99
KWYT4qCWvY0ensp16yi1gRXpti4nNqorp0RcvKR75cPYIQB7ryRCJS+r9zWMF8Ib
cItHaaeofkjA1WV/lUO8uc4+6P5DzTZO/dbzsBr/LWBBszNwNA7x0e0MyFbWO1DQ
m733cVKIX2vdKSSLtCuXaJFdWP9BlRTXp/E0eyG/GTbvdwLDetiqHj2f7MaeJQNQ
rJ0A40ksq02lhyoy3ahOlM3LlEOwJ6wqehuikyxlP3IsqxDXJ4+a25WnICYcOGTs
FK82z1XcEsPbJyQRNrMAN3CjVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOAE7Tbl
8KvMtCan7txQG8EO23b1MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvODIxNkQzNEE3
NzlCMTFFRTk1NTIyNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr/54wDQYJKoZIhvcNAQELBQADggEBADFEtvLU8tHCPtu0
LkO7N1JnZj+va062aAf6HUNtXfL9A+e4BmvzUspNYnLMKMvSf4LdwtPjP64iCAcf
XBPOwqsBKqu8phH3Ontwdj6KQky2svW0tE+sav89yFmaRvZqdDxzUiVeeWUTm2LD
+l5rwnALCJnkrUDDxCNM3vaMl4ZBj8MEu4aE3A8UsIQ/tAlj9SPioN57wG05gQGb
C2k3etBRsuWhTqx6r2DoBrFTJ5FASEKMPeI76P2989C4gJSTEw5J6A2eYFrcVe4t
NIGdjVruH8y/rX/h/n3GLyh3QmjQgJpGaVhKQxAsM14IA5Z2dTEj6c0xUe6ueK41
sADKSek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org