Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D88ED59C139611EEAA8C626DC4F9AE02.roa
File: D88ED59C139611EEAA8C626DC4F9AE02.roa (raw, json)
Hash identifier: nyKlewa0fTzuyZRYdBtEaJBbhXBD10HGna6yYSkpBw8=
Subject key identifier: 14:79:5E:91:D5:42:97:18:10:EA:2A:5E:4C:6F:16:03:4A:0C:53:0F
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 062A
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D88ED59C139611EEAA8C626DC4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:11 +0000
ROA not before: Tue 03 Sep 2024 01:14:11 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 149485
IP address blocks: 43.247.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 23:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1578 (0x62a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 3 01:14:11 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d662e2-b79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:f8:1c:3f:62:1b:de:c1:10:15:9b:a5:d8:
a6:b6:22:c7:72:9f:db:29:f3:5c:dd:ba:ea:f0:a7:
88:07:a1:83:dc:6c:0e:6d:f4:ce:4d:1c:24:11:a0:
7b:33:07:ad:7f:0d:85:30:d1:70:f3:2e:b7:72:87:
74:8c:7c:8b:7f:ca:49:86:84:fa:70:67:57:c4:b9:
cf:a2:35:23:dc:87:40:35:4d:0b:c7:3f:2f:bc:90:
31:1b:b2:93:93:37:a9:b9:64:4a:5e:5d:f1:9a:26:
25:51:55:df:d0:eb:81:6c:18:41:f1:54:04:37:1c:
d5:d4:95:f2:73:d0:e2:be:4a:ff:f3:ae:95:a3:10:
43:e9:9d:29:4f:0e:23:72:24:c9:76:16:05:f6:2c:
e2:6a:c0:68:11:81:8f:6a:21:54:81:f0:b5:55:0b:
c0:e6:ce:df:29:eb:2a:a4:a0:c6:67:a4:45:4a:65:
3b:86:44:1d:98:04:1f:2b:4c:33:ed:57:76:06:f0:
77:b0:10:c1:fe:b4:54:52:0c:9f:34:ea:a4:a6:7b:
2a:41:b6:70:c8:75:da:22:e5:fb:67:75:5c:55:ed:
a7:77:0f:96:a8:72:2d:b0:de:77:cd:96:8a:2d:ef:
b1:9d:21:02:f8:9f:34:0e:e0:28:d9:f1:7e:b4:bb:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:79:5E:91:D5:42:97:18:10:EA:2A:5E:4C:6F:16:03:4A:0C:53:0F
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D88ED59C139611EEAA8C626DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:c7:2d:61:84:2f:9d:bc:3a:96:18:58:aa:97:3c:35:b5:da:
a6:5c:39:b7:20:ad:bb:c3:4a:6e:7a:f3:95:a2:e5:6e:22:2c:
6b:91:d8:14:1f:bc:7c:83:9f:51:81:21:56:53:c9:f9:3c:dc:
fd:f0:c5:07:fb:f8:95:2e:6d:8a:e1:43:1e:df:53:e6:b2:05:
92:e2:67:77:9f:27:fe:34:be:7f:03:bd:1a:bc:7c:64:92:29:
a5:d8:a7:67:c3:e7:fd:7c:b0:e0:8f:40:bb:aa:07:bc:36:59:
55:a6:70:a3:b1:e2:71:e6:bf:b9:8b:4f:03:fb:ab:f7:53:2c:
98:8c:ca:fe:59:65:23:04:5c:7d:64:d5:a5:da:9e:d8:e5:31:
89:ed:cd:cc:3c:b2:f3:97:9b:6f:85:6a:44:a5:82:b9:fb:57:
97:23:90:c2:b6:6b:42:da:46:83:08:d6:6f:ef:7a:e5:1a:f0:
f3:0c:7d:e4:37:40:3c:5a:de:bb:41:5e:23:b0:f6:46:cb:04:
9e:e6:47:d6:5c:36:c1:48:c8:ee:a4:9b:43:7a:39:33:c2:41:
d2:c0:50:02:c4:5d:fd:44:37:45:e3:0b:8b:a4:8a:c2:42:6a:
89:0e:7e:8a:ea:63:9c:51:ca:eb:de:cc:27:fe:fb:14:25:85:
a0:25:3e:e5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwOTAzMDExNDExWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjJlMi1iNzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBj4HD9iG97BEBWbpdimtiLHcp/bKfNc3brq8KeIB6GD3GwObfTOTRwkEaB7
Mwetfw2FMNFw8y63cod0jHyLf8pJhoT6cGdXxLnPojUj3IdANU0Lxz8vvJAxG7KT
kzepuWRKXl3xmiYlUVXf0OuBbBhB8VQENxzV1JXyc9Divkr/866VoxBD6Z0pTw4j
ciTJdhYF9iziasBoEYGPaiFUgfC1VQvA5s7fKesqpKDGZ6RFSmU7hkQdmAQfK0wz
7Vd2BvB3sBDB/rRUUgyfNOqkpnsqQbZwyHXaIuX7Z3VcVe2ndw+WqHItsN53zZaK
Le+xnSEC+J80DuAo2fF+tLs70wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBR5XpHV
QpcYEOoqXkxvFgNKDFMPMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRDg4RUQ1OUMx
Mzk2MTFFRUFBOEM2MjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94QwDQYJKoZIhvcNAQELBQADggEBAIzHLWGEL528OpYY
WKqXPDW12qZcObcgrbvDSm5685Wi5W4iLGuR2BQfvHyDn1GBIVZTyfk83P3wxQf7
+JUubYrhQx7fU+ayBZLiZ3efJ/40vn8DvRq8fGSSKaXYp2fD5/18sOCPQLuqB7w2
WVWmcKOx4nHmv7mLTwP7q/dTLJiMyv5ZZSMEXH1k1aXantjlMYntzcw8svOXm2+F
akSlgrn7V5cjkMK2a0LaRoMI1m/veuUa8PMMfeQ3QDxa3rtBXiOw9kbLBJ7mR9Zc
NsFIyO6km0N6OTPCQdLAUALEXf1EN0XjC4ukisJCaokOforqY5xRyuvezCf++xQl
haAlPuU=
-----END CERTIFICATE-----
Generated at Mon Sep 30 01:11:53 2024 by rpki-client on console-fra.rpki-client.org