Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/88978EF0A65111EEABE0B079C4F9AE02.roa
File: 88978EF0A65111EEABE0B079C4F9AE02.roa (raw, json)
Hash identifier: NxAtd/13bVeR3hgFnMNcl4NqwPAF1iee1z/CMtOAxpU=
Subject key identifier: 1F:DE:72:15:DB:30:9A:6D:C3:45:B9:AB:A1:7A:B9:2E:EF:6C:60:97
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0572
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/88978EF0A65111EEABE0B079C4F9AE02.roa
Signing time: Fri 29 Dec 2023 13:52:41 +0000
ROA not before: Fri 29 Dec 2023 13:52:41 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.247.135.0/24 maxlen: 24
43.255.122.0/23 maxlen: 24
43.255.156.0/24 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 07:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Dec 29 13:52:41 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=658ecf29-27f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1e:cf:50:1f:81:85:22:1e:9d:3a:27:eb:96:
ca:d0:97:61:fa:1f:c0:bf:2c:fc:7f:59:cc:7e:3a:
3d:2c:d2:85:09:e9:ce:cf:ad:45:11:32:2d:66:b1:
3b:b2:8b:f1:e1:37:fe:19:e5:9e:2c:b5:04:54:42:
be:e6:0d:1b:97:c9:15:6b:1c:89:82:24:12:b1:73:
f9:be:2f:b7:36:9f:ec:69:e4:21:8c:f2:48:26:d2:
5e:47:1d:69:21:f4:e6:7c:c3:d3:25:b3:92:5c:2a:
67:8e:3f:d0:7c:8d:46:01:f1:8b:16:74:10:07:19:
e0:8f:0f:61:29:71:fa:88:d0:f5:1c:00:c9:0b:f9:
e2:2c:0b:e0:29:9a:f1:57:f5:90:4a:fb:46:08:0f:
7d:18:46:8a:22:85:13:ae:52:b6:3d:21:bb:08:0e:
44:9b:92:14:03:e5:1b:14:fb:f0:4d:4b:e3:5d:2e:
5b:40:7e:fe:15:aa:6c:e1:9c:b3:8e:f1:e5:0d:a5:
b5:21:8d:d9:2c:70:e4:1a:d8:52:5c:69:90:93:98:
be:a8:72:55:40:5b:02:01:f3:2c:cd:9b:83:46:87:
30:c8:4e:01:40:a6:08:84:ab:35:ad:33:9c:34:50:
f3:9e:8c:c1:a5:a6:da:a0:b4:41:d7:9b:03:c6:ff:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DE:72:15:DB:30:9A:6D:C3:45:B9:AB:A1:7A:B9:2E:EF:6C:60:97
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/88978EF0A65111EEABE0B079C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
43.255.122.0/23
43.255.156.0/24
103.24.216.0/23
103.231.58.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:5d:2b:ef:37:94:ec:d6:68:df:26:1e:6c:c0:df:a7:08:5d:
07:99:90:4e:e4:8d:3b:18:a9:4b:e4:9d:e0:41:87:da:0e:b3:
10:70:b8:17:c9:c3:37:f1:58:bf:ed:10:11:60:2e:7c:32:04:
66:04:f9:aa:b2:9e:25:c3:25:68:ca:cb:ca:03:de:00:cf:f8:
b3:ea:fa:37:36:ce:d5:b0:23:17:62:43:13:ac:6f:cf:f4:70:
ca:b8:9b:aa:ff:5f:14:16:ce:51:af:ec:3a:2d:9c:42:b9:05:
71:56:b6:af:37:8d:0e:6f:43:26:f5:c7:7c:f0:98:8e:d8:a9:
b1:d7:dc:e7:42:e6:ef:e5:65:95:5e:6f:a8:8f:18:e1:4c:17:
b7:94:b3:5a:6c:8a:5b:8f:a3:aa:76:ee:a2:1b:45:74:d7:07:
c1:1b:3c:5b:a5:93:70:01:37:99:fb:87:b8:90:af:52:c6:f9:
26:a5:0b:b3:44:76:51:f3:3d:b6:45:76:9d:1f:a8:a1:78:30:
96:df:8e:5d:bd:3f:bf:49:6f:1d:e6:ee:34:26:b4:35:e3:e0:
5e:15:24:65:64:f9:47:0f:4f:43:41:69:15:da:b9:74:4e:9c:
8a:33:25:a6:c7:7d:df:df:e0:58:51:76:af:ad:36:3c:fe:a4:
69:53:5e:ac
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMjI5MTM1MjQxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlY2YyOS0yN2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2h7PUB+BhSIenTon65bK0Jdh+h/Avyz8f1nMfjo9LNKFCenOz61FETItZrE7
sovx4Tf+GeWeLLUEVEK+5g0bl8kVaxyJgiQSsXP5vi+3Np/saeQhjPJIJtJeRx1p
IfTmfMPTJbOSXCpnjj/QfI1GAfGLFnQQBxngjw9hKXH6iND1HADJC/niLAvgKZrx
V/WQSvtGCA99GEaKIoUTrlK2PSG7CA5Em5IUA+UbFPvwTUvjXS5bQH7+Faps4Zyz
jvHlDaW1IY3ZLHDkGthSXGmQk5i+qHJVQFsCAfMszZuDRocwyE4BQKYIhKs1rTOc
NFDznozBpabaoLRB15sDxv+O1QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFB/echXb
MJptw0W5q6F6uS7vbGCXMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvODg5NzhFRjBB
NjUxMTFFRUFCRTBCMDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAr94cDBAEr/3oDBAAr/5wDBAFnGNgDBAFn5zowDQYJKoZI
hvcNAQELBQADggEBAKddK+83lOzWaN8mHmzA36cIXQeZkE7kjTsYqUvkneBBh9oO
sxBwuBfJwzfxWL/tEBFgLnwyBGYE+aqyniXDJWjKy8oD3gDP+LPq+jc2ztWwIxdi
QxOsb8/0cMq4m6r/XxQWzlGv7DotnEK5BXFWtq83jQ5vQyb1x3zwmI7YqbHX3OdC
5u/lZZVeb6iPGOFMF7eUs1psiluPo6p27qIbRXTXB8EbPFulk3ABN5n7h7iQr1LG
+SalC7NEdlHzPbZFdp0fqKF4MJbfjl29P79Jbx3m7jQmtDXj4F4VJGVk+UcPT0NB
aRXauXROnIozJabHfd/f4FhRdq+tNjz+pGlTXqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org