Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
File: F69DF92242E011EEBBFC663FC4F9AE02.roa (raw, json)
Hash identifier: +v8D5ZEKK1eQBG2mfuyrM5JbALfMS9/1G0XDeHG7WrE=
Subject key identifier: 32:5C:C7:CD:08:E0:44:2E:53:63:B5:15:DA:8C:EF:98:7F:B9:84:A6
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04BE
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
Signing time: Tue 05 Sep 2023 00:51:40 +0000
ROA not before: Tue 05 Sep 2023 00:51:40 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 47813
IP address blocks: 43.254.165.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 12:54:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214 (0x4be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 5 00:51:40 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f67b9c-5aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c3:ac:a0:b5:67:30:72:5f:d8:2e:4e:7e:a6:
f9:c8:97:e7:74:b3:c3:fb:f0:10:71:73:33:71:c7:
6b:80:eb:21:c3:aa:19:90:34:5e:59:ed:a9:00:95:
62:73:de:9e:4b:6e:d6:fe:86:12:60:10:c8:4d:b8:
0b:7d:2f:ee:e7:d0:a6:c0:8a:b9:01:99:74:ba:e5:
c2:10:7a:bd:3b:74:95:38:5f:0c:88:0f:cc:2a:36:
e9:0a:7d:11:69:38:f6:3a:54:43:45:98:b2:76:c6:
68:c1:35:67:2f:f9:2b:8b:cb:1b:70:80:0e:d2:32:
fa:a0:09:67:50:4a:7d:56:b0:88:23:97:a0:b4:07:
e3:3f:b6:a4:6e:21:33:b5:f8:65:20:dc:89:19:87:
89:d8:9b:87:fe:cd:b2:2a:81:16:60:62:0d:60:83:
7e:07:12:fe:46:f5:42:08:b6:fb:bc:20:e1:18:a3:
80:ae:30:70:d5:ab:d0:0a:65:aa:b6:ae:72:4e:c3:
02:2f:47:76:87:0c:3f:ef:7c:bd:78:33:d7:f3:c3:
a1:46:b1:24:14:de:f8:aa:7a:73:2f:96:26:64:d4:
5c:14:32:b9:93:11:a7:6f:04:db:f2:4b:1e:ed:16:
2d:53:a5:ad:78:1e:c5:69:01:be:31:62:40:12:a1:
6a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5C:C7:CD:08:E0:44:2E:53:63:B5:15:DA:8C:EF:98:7F:B9:84:A6
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0/24
43.255.158.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:b4:86:18:1f:30:a6:52:88:a4:64:3f:a5:35:f2:1c:ad:9f:
c9:f3:28:1b:e2:31:5c:79:79:7a:15:c0:79:f8:be:d5:9a:75:
1b:81:22:20:16:1c:4e:e4:48:c6:82:08:78:95:00:4d:9e:0a:
01:73:86:08:55:49:f4:f9:74:e7:19:b6:c6:d0:bc:e6:77:dd:
bc:68:fe:31:d0:e8:8b:4d:fb:9b:79:a3:ea:d4:3f:de:df:af:
d0:8b:0e:79:5b:1b:a5:ac:0f:45:47:8b:99:2f:7f:3f:5b:6a:
64:a8:96:fb:4d:97:ea:b9:b5:c3:4f:a7:55:a4:95:92:27:98:
7b:1e:c4:7a:33:50:fb:c9:02:9b:8b:9d:34:01:ac:68:34:8a:
c5:d0:95:34:08:dc:63:65:ca:1c:a3:96:44:cb:e2:34:4b:42:
fa:c0:ea:d6:10:b5:5d:a7:f4:df:03:92:9c:52:79:e7:21:e7:
c9:bc:da:33:84:43:32:ac:48:e2:2b:c7:64:1b:22:9c:93:c4:
32:e1:2c:7c:c0:ff:53:19:8a:bb:fe:57:2c:4c:6c:d2:c1:17:
96:df:3c:fb:68:18:6c:b8:6a:f7:b0:9a:de:5f:52:98:89:82:
27:5b:d8:1b:0f:e5:83:91:bd:fb:fd:61:6f:bf:67:24:06:59:
8e:f6:14:81
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTQwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5Yy01YWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8OsoLVnMHJf2C5Ofqb5yJfndLPD+/AQcXMzccdrgOshw6oZkDReWe2pAJVi
c96eS27W/oYSYBDITbgLfS/u59CmwIq5AZl0uuXCEHq9O3SVOF8MiA/MKjbpCn0R
aTj2OlRDRZiydsZowTVnL/kri8sbcIAO0jL6oAlnUEp9VrCII5egtAfjP7akbiEz
tfhlINyJGYeJ2JuH/s2yKoEWYGINYIN+BxL+RvVCCLb7vCDhGKOArjBw1avQCmWq
tq5yTsMCL0d2hww/73y9eDPX88OhRrEkFN74qnpzL5YmZNRcFDK5kxGnbwTb8kse
7RYtU6WteB7FaQG+MWJAEqFqNwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDJcx80I
4EQuU2O1FdqM75h/uYSmMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjY5REY5MjI0
MkUwMTFFRUJCRkM2NjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/qUDBAEr/54DBABn8MYwDQYJKoZIhvcNAQELBQADggEB
AD+0hhgfMKZSiKRkP6U18hytn8nzKBviMVx5eXoVwHn4vtWadRuBIiAWHE7kSMaC
CHiVAE2eCgFzhghVSfT5dOcZtsbQvOZ33bxo/jHQ6ItN+5t5o+rUP97fr9CLDnlb
G6WsD0VHi5kvfz9bamSolvtNl+q5tcNPp1WklZInmHsexHozUPvJApuLnTQBrGg0
isXQlTQI3GNlyhyjlkTL4jRLQvrA6tYQtV2n9N8DkpxSeech58m82jOEQzKsSOIr
x2QbIpyTxDLhLHzA/1MZirv+VyxMbNLBF5bfPPtoGGy4avewmt5fUpiJgidb2BsP
5YORvfv9YW+/ZyQGWY72FIE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org