Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B396F97A25A311EF90484830C4F9AE02.roa
File: B396F97A25A311EF90484830C4F9AE02.roa (raw, json)
Hash identifier: SIgcQfa9gqQTNzZHSyUQ1HKHzKnTXYZRL1jYw8zAmaI=
Subject key identifier: A4:E5:78:24:2B:4A:02:86:FD:BD:3E:F9:18:56:17:B9:9A:6F:6D:86
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0627
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B396F97A25A311EF90484830C4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:08 +0000
ROA not before: Tue 03 Sep 2024 01:14:08 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 14618
IP address blocks: 43.255.157.0/24 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 06:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1575 (0x627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 3 01:14:08 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d662df-6f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:58:b7:11:24:d1:3a:d2:ba:d1:3a:c5:44:
57:64:4a:dc:f8:da:ab:19:cb:23:01:f2:15:c4:c1:
42:60:4c:de:9e:90:bf:c2:9e:e4:db:9f:16:be:f4:
df:a4:91:4d:e8:7b:7f:51:d9:b7:59:e5:97:ee:98:
41:77:8d:b8:c1:4d:bd:9d:67:c5:08:d2:8c:80:08:
6a:01:1a:b5:ae:60:16:ae:e6:00:31:8a:91:c2:c0:
e0:f1:5f:25:68:14:df:f3:73:d4:a1:77:b3:7f:7a:
58:a4:e5:97:81:4c:fd:06:0a:09:a6:b8:b1:49:ef:
62:a3:fa:71:f3:92:36:52:b4:b2:60:a7:d2:24:bf:
e4:5e:e2:b7:4c:12:55:10:92:12:fe:ab:bb:47:c2:
c7:5f:8e:e9:66:6a:a4:b6:94:f6:c5:c0:0b:2a:4c:
a2:03:8f:2b:9e:0d:28:ed:4e:01:42:2b:16:69:65:
52:d0:1e:de:c3:5c:9b:29:7b:9e:9c:92:a5:9f:68:
1f:2e:f0:7c:d9:be:4a:9e:2d:b9:95:bc:ca:3a:25:
4a:ed:ef:4c:4c:68:67:7b:c6:8f:7c:f1:40:7b:42:
6e:d0:2d:bc:e2:3b:23:a3:f6:12:56:6a:e6:a8:39:
db:5a:f5:01:0b:6c:0e:a3:52:2e:2d:35:8d:56:cc:
20:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E5:78:24:2B:4A:02:86:FD:BD:3E:F9:18:56:17:B9:9A:6F:6D:86
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B396F97A25A311EF90484830C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.157.0/24
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:84:e6:66:0d:f3:89:4b:29:45:a2:79:7b:76:3f:a4:fb:49:
04:76:25:53:42:28:98:f4:0a:a1:cb:8f:b4:71:bd:83:a3:6f:
8d:aa:63:86:67:43:7a:15:1c:3b:27:31:3a:9b:00:40:72:70:
65:38:6d:26:8b:d5:e4:15:a9:2c:af:c5:47:22:1e:e6:f3:07:
42:7e:b8:bf:3c:4f:6b:a6:06:23:ac:17:28:63:7a:ec:de:ca:
16:06:e6:8e:17:91:b9:d4:cf:3f:b0:2c:66:b0:c3:26:0c:00:
57:e1:77:2e:e9:29:46:ee:b8:94:26:b1:6c:77:0f:10:ac:cd:
bc:39:8e:48:ef:e1:6b:95:25:82:9f:40:d6:d6:3a:f6:7f:6e:
41:43:8c:69:15:8b:c2:a2:fe:a5:3d:b6:71:15:9c:f7:5c:e2:
aa:73:e3:6f:0e:b7:af:4c:0d:7f:8a:aa:4e:6e:4e:52:54:fd:
0b:b5:6f:cf:a8:21:34:65:ed:0e:85:9f:d2:18:81:d5:a0:77:
34:98:a0:9e:b5:95:78:9f:72:88:20:90:8a:76:cb:e8:b5:96:
10:22:87:c3:39:ce:58:5d:36:41:8e:21:d3:39:f1:a6:91:bb:
a5:d4:05:55:f5:1c:ed:45:11:92:dc:3b:4d:6b:a1:d9:cb:6f:
b2:a2:08:dc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwOTAzMDExNDA4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjJkZi02ZjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArp9YtxEk0TrSutE6xURXZErc+NqrGcsjAfIVxMFCYEzenpC/wp7k258WvvTf
pJFN6Ht/Udm3WeWX7phBd424wU29nWfFCNKMgAhqARq1rmAWruYAMYqRwsDg8V8l
aBTf83PUoXezf3pYpOWXgUz9BgoJprixSe9io/px85I2UrSyYKfSJL/kXuK3TBJV
EJIS/qu7R8LHX47pZmqktpT2xcALKkyiA48rng0o7U4BQisWaWVS0B7ew1ybKXue
nJKln2gfLvB82b5Kni25lbzKOiVK7e9MTGhne8aPfPFAe0Ju0C284jsjo/YSVmrm
qDnbWvUBC2wOo1IuLTWNVswg2wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKTleCQr
SgKG/b0++RhWF7mab22GMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQjM5NkY5N0Ey
NUEzMTFFRjkwNDg0ODMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr/50DBABn8MYwDQYJKoZIhvcNAQELBQADggEBADyE5mYN
84lLKUWieXt2P6T7SQR2JVNCKJj0CqHLj7RxvYOjb42qY4ZnQ3oVHDsnMTqbAEBy
cGU4bSaL1eQVqSyvxUciHubzB0J+uL88T2umBiOsFyhjeuzeyhYG5o4XkbnUzz+w
LGawwyYMAFfhdy7pKUbuuJQmsWx3DxCszbw5jkjv4WuVJYKfQNbWOvZ/bkFDjGkV
i8Ki/qU9tnEVnPdc4qpz428Ot69MDX+Kqk5uTlJU/Qu1b8+oITRl7Q6Fn9IYgdWg
dzSYoJ61lXifcoggkIp2y+i1lhAih8M5zlhdNkGOIdM58aaRu6XUBVX1HO1FEZLc
O01rodnLb7KiCNw=
-----END CERTIFICATE-----
Generated at Tue Oct 15 07:36:29 2024 by rpki-client on console-ams.rpki-client.org