Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CEC4C0B26D0511EE959F6246C4F9AE02.roa
File: CEC4C0B26D0511EE959F6246C4F9AE02.roa (raw, json)
Hash identifier: 6sdHpJpzWpmZqdtOMFwbc7lFYFhO6cNMudvHKoTtnqE=
Subject key identifier: AD:AC:4C:EF:D0:7C:69:85:92:C4:8D:26:D5:98:90:A2:F6:2B:0A:80
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 062D
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CEC4C0B26D0511EE959F6246C4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:13 +0000
ROA not before: Tue 03 Sep 2024 01:14:13 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 16509
IP address blocks: 43.255.157.0/24 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 06:27:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1581 (0x62d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 3 01:14:13 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d662e5-f18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:94:2a:65:f6:95:dd:60:9d:a0:40:21:d7:
fc:38:42:00:24:4b:2c:e6:a0:f1:54:51:f0:39:84:
68:36:cf:21:c6:1f:12:c6:03:20:41:f3:da:90:c5:
b1:97:1e:5f:22:2d:3a:f1:f1:6d:ad:14:e3:f4:e0:
f8:00:8f:96:ea:a0:3c:2a:fa:ed:bb:f2:d0:fd:ea:
c3:2f:88:48:b9:74:b0:f1:7a:5c:39:33:0c:60:4e:
96:ae:14:46:db:bb:7e:79:bf:d5:e9:bd:34:44:00:
f0:23:b2:1b:b3:8b:ce:e1:f3:7b:5b:3f:75:bc:95:
48:ea:52:9f:54:4b:61:17:60:46:18:93:28:db:27:
66:53:df:ff:84:8d:98:45:d6:95:3c:be:d3:2c:b6:
69:f1:61:e2:3e:e3:32:98:aa:0c:0b:8a:1f:db:ba:
da:ae:92:44:2e:45:cb:70:dd:1b:68:f1:34:34:4c:
73:54:9d:07:65:e0:47:cc:b6:30:cb:85:ae:97:20:
a0:eb:59:9c:07:5b:a8:b6:d3:6a:ee:94:69:fc:2e:
57:56:b5:59:29:fb:e7:0e:7f:0b:c5:51:25:2e:e8:
31:b9:23:0b:e5:a6:23:21:93:03:5f:f6:1b:ba:63:
c3:66:f2:ef:d4:5d:af:22:48:3a:67:ac:87:83:2c:
6f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AC:4C:EF:D0:7C:69:85:92:C4:8D:26:D5:98:90:A2:F6:2B:0A:80
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CEC4C0B26D0511EE959F6246C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.157.0/24
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
68:59:44:af:a9:d7:8f:a5:04:3c:73:f2:69:f3:12:e9:e0:1e:
68:03:2a:7e:4b:eb:f8:e4:44:63:30:4a:55:ef:16:b1:fe:73:
fb:22:fb:a2:d4:18:1a:95:a4:4a:8d:29:30:df:d0:83:55:20:
6e:8e:60:94:06:4d:0a:cb:42:9d:c6:0e:35:09:05:6e:a3:0a:
8e:b0:8f:86:8c:2a:ca:bb:38:05:bd:ff:dc:9e:26:36:c7:00:
c6:55:d2:34:74:94:e2:35:39:18:ca:42:de:b7:81:04:fc:93:
75:05:cc:b0:cf:f2:f8:5f:12:0f:28:94:c7:fa:4f:58:31:57:
53:d9:5a:76:d1:99:2e:06:4a:95:c0:64:3a:6b:eb:90:4b:e1:
c6:72:d2:f3:57:4a:5b:ee:40:15:69:4e:6d:42:89:63:5d:e7:
c6:76:78:c8:4f:cf:d2:7a:72:f3:aa:75:26:69:f3:b7:1c:88:
b8:96:68:18:cf:15:3e:4a:b8:02:6f:c7:40:74:05:09:0f:11:
96:99:71:1e:ef:5a:3f:ff:5e:8e:03:15:b0:e2:3a:d4:85:48:
fe:e4:f3:3a:58:22:07:dc:f2:73:22:68:5d:99:c6:ed:c2:02:
45:15:4a:60:e1:6c:21:2b:b2:a6:d9:59:d6:00:c1:b7:72:58:
e0:8f:17:56
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwOTAzMDExNDEzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjJlNS1mMThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAriGUKmX2ld1gnaBAIdf8OEIAJEss5qDxVFHwOYRoNs8hxh8SxgMgQfPakMWx
lx5fIi068fFtrRTj9OD4AI+W6qA8Kvrtu/LQ/erDL4hIuXSw8XpcOTMMYE6WrhRG
27t+eb/V6b00RADwI7Ibs4vO4fN7Wz91vJVI6lKfVEthF2BGGJMo2ydmU9//hI2Y
RdaVPL7TLLZp8WHiPuMymKoMC4of27rarpJELkXLcN0baPE0NExzVJ0HZeBHzLYw
y4WulyCg61mcB1uottNq7pRp/C5XVrVZKfvnDn8LxVElLugxuSML5aYjIZMDX/Yb
umPDZvLv1F2vIkg6Z6yHgyxvVwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK2sTO/Q
fGmFksSNJtWYkKL2KwqAMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQ0VDNEMwQjI2
RDA1MTFFRTk1OUY2MjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr/50DBABn8MYwDQYJKoZIhvcNAQELBQADggEBAGhZRK+p
14+lBDxz8mnzEungHmgDKn5L6/jkRGMwSlXvFrH+c/si+6LUGBqVpEqNKTDf0INV
IG6OYJQGTQrLQp3GDjUJBW6jCo6wj4aMKsq7OAW9/9yeJjbHAMZV0jR0lOI1ORjK
Qt63gQT8k3UFzLDP8vhfEg8olMf6T1gxV1PZWnbRmS4GSpXAZDpr65BL4cZy0vNX
SlvuQBVpTm1CiWNd58Z2eMhPz9J6cvOqdSZp87cciLiWaBjPFT5KuAJvx0B0BQkP
EZaZcR7vWj//Xo4DFbDiOtSFSP7k8zpYIgfc8nMiaF2Zxu3CAkUVSmDhbCErsqbZ
WdYAwbdyWOCPF1Y=
-----END CERTIFICATE-----
Generated at Tue Oct 15 07:36:29 2024 by rpki-client on console-ams.rpki-client.org